TechSpot

Help to remove sirefef, keeps rebooting every 60 seconds

By jayski
Jun 17, 2012
  1. My laptop has been infected with the sirefef virus like many others who have posted on the forum for help. I have already taken the first steps as noted on other similar posts to download frst64.exe and run it, so I will post the first log below. I appreciate any help with this matter, thank you.
     
  2. jayski

    jayski TS Rookie Topic Starter Posts: 23

    Scan result of Farbar Recovery Scan Tool Version: 17-06-2012
    Ran by SYSTEM at 17-06-2012 12:34:46
    Running from G:\
    Windows 7 Ultimate (X64) OS Language: English(US)
    The current controlset is ControlSet001

    ========================== Registry (Whitelisted) =============

    HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [571760 2010-09-08] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-05-25] (IDT, Inc.)
    HKLM\...\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [34232 2010-06-22] (Broadcom Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-15] (Adobe Systems Incorporated)
    HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
    HKLM\...\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [539456 2011-10-15] (NVIDIA Corporation)
    HKLM\...\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet [1694016 2011-10-15] ()
    HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
    HKLM-x32\...\Run: [BTFAgent] "C:\Program Files (x86)\Dell Precision ON Flash\config\BTFAgent.exe" [227560 2010-08-23] (DeviceVM, Inc.)
    HKLM-x32\...\Run: [BTFWelcome] "C:\Program Files (x86)\Dell Precision ON Flash\config\BTFWelcome.exe" /autorun /s 95 [2230504 2010-08-23] (DeviceVM, Inc.)
    HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [462993 2010-03-12] (Creative Technology Ltd)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [815512 2012-01-03] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot [1667368 2010-09-13] (Hercules®)
    HKLM-x32\...\Run: [UIExec] "C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe" [138584 2010-07-16] ()
    HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [36760 2012-01-03] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [] [x]
    HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-26] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
    HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
    HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-11] (Adobe Systems Incorporated)
    HKU\Jayski_Laptop\...\Run: [Google Update] "C:\Users\Jayski_Laptop\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-01-04] (Google Inc.)
    HKU\Jayski_Laptop\...\Run: [AdobeBridge] [x]
    HKU\Jayski_Laptop\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4280184 2012-03-08] (Microsoft Corporation)
    HKU\Jayski_Laptop\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
    HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
    AppInit_DLLs: acaptuser64.dll
    Lsa: [Authentication Packages] msv1_0
    wvauth
    HKLM\...\InprocServer32: [Default-wbemess] \\.\globalroot\systemroot\Installer\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}\n. ATTENTION! ====> ZeroAccess
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\Dell System Manager.lnk
    ShortcutTarget: Dell System Manager.lnk -> C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc.)
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\SetPoint.lnk
    ShortcutTarget: SetPoint.lnk -> C:\Program Files\SetPoint\SetPoint.exe (Logitech, Inc.)
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\TdmNotify.lnk
    ShortcutTarget: TdmNotify.lnk -> C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe (Wave Systems Corp.)
    Startup: C:\Users\Jayski_Laptop\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> (No File)
    Startup: C:\Users\Jayski_Laptop\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
    ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock)

    ==================== Services (Whitelisted) ======

    2 Credential Vault Host Control Service; "C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe" [1039776 2010-03-23] (Broadcom Corporation)
    2 Credential Vault Host Storage; "C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe" [31136 2010-03-23] (Broadcom Corporation)
    2 dcpsysmgrsvc; "C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe" [517488 2010-08-24] (Dell Inc.)
    2 DvmMDES; "C:\Program Files (x86)\Dell Precision ON Flash\config\DVMExportService.exe" [342264 2010-08-23] (DeviceVM, Inc.)
    2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe /DisableUI [1253376 2009-08-27] (MAGIX AG)
    3 FirebirdServerMAGIXInstance; "C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe" [3276800 2008-08-07] (MAGIX®)
    2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [20480 2010-12-23] ()
    2 InstallFilterService; C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe [60928 2010-01-10] ()
    3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation)
    2 NVIDIA Performance Driver Service; "C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe" [6810728 2009-12-08] ()
    2 OneTouch 4.0 Monitor; "C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe" [131072 2008-06-02] (Visioneer Inc.)
    2 RemoteAccess; C:\Windows\SysWOW64\mprdin.dll [1692672 2012-03-28] ()
    3 SecureStorageService; "C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe" [1558016 2010-02-03] (Wave Systems Corp.)
    3 SolidWorks Licensing Service; "C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe" [72704 2011-03-04] (SolidWorks)
    2 TabletServiceWacom; C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe [8518008 2012-04-17] (Wacom Technology, Corp.)
    2 tcsd_win32.exe; "C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe" [1273856 2008-11-12] ()
    2 TdmService; "C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe" [2363240 2010-03-29] (Wave Systems Corp.)
    2 TouchServiceWacom; C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe [567672 2012-04-17] (Wacom Technology, Corp.)
    2 UI Assistant Service; C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe [252784 2010-07-16] ()
    4 Mcx2Svc; C:\Windows\SysWOW64\Mcx2Svc.dll [x]

    ========================== Drivers (Whitelisted) =============

    2 adfs; C:\Windows\SysWow64\Drivers\adfs.sys [74720 2008-08-14] (Adobe Systems, Inc.)
    3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [185856 2010-12-23] (© Guillemot R&D, 2010. All rights reserved.)
    3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [38440 2009-10-29] (Broadcom Corporation)
    1 DVMIO; \??\C:\Program Files (x86)\Dell Precision ON Flash\config\dvmio_x64.sys [20624 2010-02-05] (DeviceVM, Inc.)
    3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [301232 2010-04-05] (Intel Corporation)
    2 Hardlock; C:\Windows\System32\Drivers\Hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.)
    3 HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [253952 2010-12-23] (© Guillemot R&D, 2010. All rights reserved.)
    3 HDJMidi; C:\Windows\System32\Drivers\HDJMidi.sys [221184 2010-12-23] (© Guillemot R&D, 2010. All rights reserved.)
    3 hidkmdf; C:\Windows\System32\Drivers\hidkmdf.sys [13688 2012-03-29] (Windows (R) Win 7 DDK provider)
    3 massfilter; C:\Windows\System32\Drivers\massfilter.sys [11776 2010-01-18] (ZTE Incorporated)
    0 PBADRV; C:\Windows\System32\Drivers\PBADRV.sys [32240 2008-06-04] (Dell Inc)
    0 stdflt; C:\Windows\System32\DRIVERS\stdfltn.sys [21040 2010-01-18] (ST Microelectronics)
    3 WacHidRouter; C:\Windows\System32\Drivers\WacHidRouter.sys [65912 2012-03-29] (Wacom Technology)
    3 wacomrouterfilter; C:\Windows\System32\Drivers\wacomrouterfilter.sys [15736 2012-03-29] (Wacom Technology)
    3 ZTEusbmdm6k; C:\Windows\System32\Drivers\ZTEusbmdm6k.sys [119680 2010-01-18] (ZTE Incorporated)
    3 ZTEusbnmea; C:\Windows\System32\Drivers\ZTEusbnmea.sys [119680 2010-01-18] (ZTE Incorporated)
    3 ZTEusbser6k; C:\Windows\System32\Drivers\ZTEusbser6k.sys [119680 2010-01-18] (ZTE Incorporated)
    3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [x]
    3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [x]
    3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [x]
    3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [x]
    3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
    3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
    3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]
    3 w4shwdrv; \??\C:\Users\JAYSKI~1\AppData\Local\Temp\w4s63BE.tmp [x]

    ========================== NetSvcs (Whitelisted) ===========

    NETSVCx32: Mcx2Svc -> C:\Windows\SysWOW64\Mcx2Svc.dll ==> No File.

    ============ One Month Created Files and Folders ==============

    2012-06-17 12:34 - 2012-06-17 12:35 - 00000000 ____D C:\FRST
    2012-06-17 01:57 - 2012-06-17 01:57 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{1706525E-055A-4CC3-9AEB-CF570B02E800}
    2012-06-15 23:50 - 2012-06-17 12:27 - 00000000 ____D C:\bc91b91cb90a90914baab60317
    2012-06-15 13:18 - 2012-06-15 13:18 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Tito Lopez - The Hunger Game (DatPiff.com)
    2012-06-15 13:15 - 2012-06-15 13:17 - 63496361 ____A C:\Users\Jayski_Laptop\Downloads\The_Hunger_Game-(DatPiff.com).zip
    2012-06-15 09:28 - 2012-06-15 09:29 - 00694284 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-04-08 at 12.45.56 PM.png
    2012-06-15 09:26 - 2012-06-15 09:27 - 00908593 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-05-20 at 12.07.37 PM.png
    2012-06-15 09:24 - 2012-06-15 09:25 - 00958951 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-01-24 at 5.20.35 PM.png
    2012-06-15 09:24 - 2012-06-15 09:25 - 00933958 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-02 at 4.50.47 PM.png
    2012-06-15 09:23 - 2012-06-15 09:24 - 00477818 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2011-10-08 at 2.45.52 PM.png
    2012-06-15 09:22 - 2012-06-15 09:23 - 00812952 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2011-10-09 at 10.58.48 AM.png
    2012-06-15 09:20 - 2012-06-15 09:21 - 00924851 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2011-11-26 at 7.34.20 AM.png
    2012-06-14 11:10 - 2012-06-15 23:12 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{4C8155D3-092C-4347-A123-B40CBB85A603}
    2012-06-14 11:10 - 2012-06-14 11:10 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A5AAC039-878B-47A8-84E4-8A5C29653509}
    2012-06-13 13:59 - 2012-06-13 13:59 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A3AE0268-9C30-4B2F-A68F-D41ED24E7DA3}
    2012-06-13 13:59 - 2012-06-13 13:59 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{0B4A6830-BEEF-4B5C-90F3-2929F1D59441}
    2012-06-12 11:14 - 2012-06-12 11:14 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{2B8266E4-2C6B-4BC5-A952-C25160E216D4}
    2012-06-11 12:55 - 2012-06-11 12:55 - 00014000 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E13+HDTV+x264-ASAP+%5Beztv%5D.torrent
    2012-06-11 12:21 - 2012-06-11 12:22 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E93D77B5-D797-41CF-9FB6-61DB358A1DCE}
    2012-06-10 21:36 - 2012-06-10 21:37 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{49B8FA57-A553-441A-9C24-37E0C9F59974}
    2012-06-10 21:36 - 2012-06-10 21:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{FAC2A613-1276-43C4-9590-5CF1A024C082}
    2012-06-10 10:47 - 2012-06-10 10:47 - 00658944 ____A C:\Windows\SysWOW64\ariwrv.exe
    2012-06-10 09:04 - 2012-06-10 09:09 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\[ www.TorrentDay.com ] - Chelsea.Lately.2012.06.07.Charlize.Theron.HDTV.x264-2HD
    2012-06-10 09:04 - 2012-06-10 09:04 - 00014360 ____A C:\Users\Jayski_Laptop\Downloads\Chelsea+Lately+2012+06+07+Charlize+Theron+HDTV+x264-2HD.torrent
    2012-06-10 08:21 - 2012-06-10 08:23 - 00000000 ____D C:\Users\Jayski_Laptop\Desktop\Adobe Dreamweaver CS5.5
    2012-06-10 03:26 - 2012-06-10 21:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F16B5F5F-0E23-4481-A756-29CAEA1BBF8C}
    2012-06-10 03:26 - 2012-06-10 03:26 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{AE2F35B7-02F8-491D-8BDF-AB4E27609196}
    2012-06-10 03:26 - 2012-06-10 03:26 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{8927AC9C-AA90-4DAC-9027-366760435759}
    2012-06-10 02:04 - 2012-06-10 02:04 - 00037551 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-10 at 5.50.13 PM.png
    2012-06-10 01:05 - 2012-06-10 01:05 - 00080299 ____A C:\Users\Jayski_Laptop\Downloads\Untitled-3 copy 02.pdf
    2012-06-10 00:47 - 2012-06-10 00:47 - 00015744 ____A C:\Users\Jayski_Laptop\Downloads\Adobe.Dreamweaver.CS5.5.v11.5.Incl.Keymaker-CORE.torrent
    2012-06-10 00:43 - 2012-06-10 00:44 - 00000000 ____D C:\Users\Jayski_Laptop\Desktop\Adobe Dreamweaver CS6
    2012-06-10 00:25 - 2012-06-10 00:25 - 00012330 ____A C:\Users\Jayski_Laptop\Downloads\Adobe+Dreamweaver+CS6+12.0+build+5808+%2B+Crack.torrent
    2012-06-09 15:25 - 2012-06-09 15:25 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{893B8867-ABAC-45BA-9AE9-440C970717CC}
    2012-06-09 05:18 - 2012-06-09 05:18 - 00025307 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 9.19.21 PM.png
    2012-06-09 04:38 - 2012-06-09 04:38 - 00024153 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 8.39.42 PM.png
    2012-06-09 02:10 - 2012-06-09 02:10 - 00067009 ____A C:\Users\Jayski_Laptop\Downloads\Untitled-3 copy.pdf
    2012-06-09 01:42 - 2012-06-09 01:42 - 00019564 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 5.44.11 PM.png
    2012-06-09 00:39 - 2012-06-09 00:39 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{85AAC2A0-2994-48AA-90C9-FFEBD8D1946B}
    2012-06-09 00:38 - 2012-06-12 11:14 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5970F65B-D295-4B53-8836-9DBE901E3A79}
    2012-06-09 00:38 - 2012-06-09 00:39 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{D765ABF8-8BC7-434F-BAC7-A8106F5AD7AE}
    2012-06-08 12:03 - 2012-06-08 12:03 - 00015257 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 4.05.22 AM.png
    2012-06-08 11:58 - 2012-06-08 11:58 - 00024103 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 3.59.51 AM.png
    2012-06-08 11:52 - 2012-06-08 11:52 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5C86BFD0-E4CA-4CA4-AE7C-63B9BC5F27BD}
    2012-06-08 11:51 - 2012-06-09 00:38 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{908DA31B-A34D-4ACD-9588-92F27E76A9B0}
    2012-06-08 11:51 - 2012-06-08 11:52 - 00032187 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 3.44.22 AM.png
    2012-06-08 11:51 - 2012-06-08 11:52 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F0BEFDAA-2E73-4A7A-BC60-B9C1954565AA}
    2012-06-08 11:51 - 2012-06-08 11:51 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5FD227A6-9FDC-48F3-A681-802D45514DCA}
    2012-06-08 10:39 - 2012-06-08 11:56 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\CODE_OF_SILENCE
    2012-06-08 10:39 - 2012-06-08 10:39 - 00014557 ____A C:\Users\Jayski_Laptop\Downloads\Code+of+Silence+-+Chuck+Norris%2C.torrent
    2012-06-08 10:22 - 2012-06-08 10:22 - 00421558 ____A C:\Users\Jayski_Laptop\Downloads\THE DESK_website.pdf
    2012-06-08 09:56 - 2012-06-08 09:57 - 00805307 ____A C:\Users\Jayski_Laptop\Downloads\THE DESK_PHOT.pdf
    2012-06-08 09:40 - 2012-06-08 09:40 - 00800216 ____A C:\Users\Jayski_Laptop\Documents\Screen shot 2012-06-03 at 11.35.42 PM.png
    2012-06-08 09:39 - 2012-06-08 09:39 - 00032989 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-04 at 10.38.34 PM.png
    2012-06-08 09:39 - 2012-06-08 09:39 - 00012050 ____A C:\Users\Jayski_Laptop\Documents\Screen shot 2012-06-04 at 12.21.02 AM.png
    2012-06-08 09:38 - 2012-06-08 09:38 - 00034449 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 1.34.03 AM.png
    2012-06-08 08:57 - 2012-06-08 08:57 - 00028293 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]raw.iron.making.of.pumping.iron.torrent
    2012-06-08 08:48 - 2012-06-08 09:00 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Arnold Schwarzenegger-Bodybuilding Encyclopedia-
    2012-06-08 08:48 - 2012-06-08 08:48 - 00049094 ____A C:\Users\Jayski_Laptop\Downloads\Arnold+Schwarzenegger+Bodybuilding+Encyclopedia%5BPDF+-+Eng%5D%5BTNTVillage.org%5Dby+Duracell72.torrent
    2012-06-08 07:15 - 2012-06-08 13:32 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Cliffhanger 1993 BRRip 720p H264-3Li
    2012-06-08 07:15 - 2012-06-08 07:15 - 00094194 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]cliffhanger.1993.brrip.720p.h264.3li.torrent
    2012-06-08 06:20 - 2012-06-09 02:47 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Caddyshack.1980.720p.BRRiP.x264.AAC.mkv-Zen_Bud
    2012-06-08 06:20 - 2012-06-08 06:20 - 00014934 ____A C:\Users\Jayski_Laptop\Downloads\Caddyshack+1980.720p+BRRiP+x264+AAC+mkv-Zen+Bud.torrent
    2012-06-08 06:19 - 2012-06-08 06:35 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Groundhog Day (1993)
    2012-06-08 06:19 - 2012-06-08 06:19 - 00014227 ____A C:\Users\Jayski_Laptop\Downloads\Groundhog+Day+%281993%29+720p+BrRip+x264+-+650MB+-+YIFY.torrent
    2012-06-07 23:55 - 2012-06-07 23:55 - 00049716 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-08 at 1.31.41 PM.png
    2012-06-07 23:50 - 2012-06-07 23:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{928FE6A2-E467-4D87-A5C4-A9EDCEBBCCF1}
    2012-06-07 23:50 - 2012-06-07 23:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{875B43FE-1C03-4761-8EA9-13CF57D7DED9}
    2012-06-07 23:50 - 2012-06-07 23:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{1299469E-C62D-42F6-9F3C-00069A402A26}
    2012-06-07 15:24 - 2012-06-07 15:24 - 00014200 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]mad.men.s05e12.hdtv.x264.asap.eztv.torrent
    2012-06-07 12:39 - 2012-06-09 08:06 - 210239488 ____A C:\Users\Jayski_Laptop\Downloads\AnimalPak.com Chest Volume 2.avi.bc!
    2012-06-07 12:39 - 2012-06-07 14:51 - 266351680 ____A C:\Users\Jayski_Laptop\Downloads\Animal Pak Arms Vol. I.avi
    2012-06-07 12:39 - 2012-06-07 12:39 - 00020768 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]animal.pak.arms.torrent
    2012-06-07 12:39 - 2012-06-07 12:39 - 00016574 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]animal.pak.vol.ii.chest.torrent
    2012-06-07 11:14 - 2012-06-07 11:14 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E4E227CD-AD6B-4BDA-83F2-3542480318D2}
    2012-06-07 11:14 - 2012-06-07 11:14 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A1646A14-78AC-4074-B5C2-0726C6F397CC}
    2012-06-07 11:13 - 2012-06-07 11:14 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{103D3E26-078C-487B-9574-6D2EB351D90A}
    2012-06-07 05:56 - 2012-06-07 05:58 - 09029595 ____A C:\Users\Jayski_Laptop\Downloads\Wiz Khalifa x Curreny Type Instrumental YouTube - [File2HD.com].mp4
    2012-06-07 04:45 - 2012-06-07 04:45 - 01102484 ____A C:\Users\Jayski_Laptop\Downloads\WD_Quick_Formatter_Win_1_2_0_10.zip
    2012-06-06 23:13 - 2012-06-06 23:13 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{D08D660D-7BD9-40B3-9BFE-431EB33B8D2C}
    2012-06-06 23:12 - 2012-06-06 23:13 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{3A6EF5CC-5CEE-4FB6-9786-98B6A38CD2C5}
    2012-06-06 23:08 - 2012-06-06 23:08 - 01282663 ____A C:\Users\Jayski_Laptop\Documents\Keung7.psd
    2012-06-06 11:12 - 2012-06-06 11:12 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{3DC6B928-5A42-4A54-9A6B-BF9F00E729C9}
    2012-06-06 11:11 - 2012-06-06 11:12 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E59E8D91-2879-405C-BCB3-0E492D98E8F9}
    2012-06-05 21:51 - 2012-06-05 21:51 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{26564367-74A0-4EE8-9644-8038EC2CD69C}
    2012-06-05 21:50 - 2012-06-06 23:12 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{80519584-5A49-4B6B-9935-D2AF4A4FD494}
    2012-06-05 21:50 - 2012-06-05 21:51 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5B2AC70C-D61F-4640-85A8-6166496FE441}
    2012-06-05 10:17 - 2012-06-05 10:17 - 00540397 ____A C:\Users\Jayski_Laptop\Downloads\Picture 4 (1).png
    2012-06-05 10:17 - 2012-06-05 10:17 - 00444875 ____A C:\Users\Jayski_Laptop\Downloads\Picture 2 (1).png
    2012-06-05 10:17 - 2012-06-05 10:17 - 00407986 ____A C:\Users\Jayski_Laptop\Downloads\Picture 3 (1).png
    2012-06-05 09:51 - 2012-06-05 09:51 - 00017908 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-06 at 1.53.08 AM.png
    2012-06-05 09:49 - 2012-06-05 09:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{63BFD282-F16D-448F-A81C-A0B78936F93E}
    2012-06-05 09:42 - 2012-06-05 09:42 - 00122188 ____A C:\Users\Jayski_Laptop\Downloads\THE DESK (1).pdf
    2012-06-05 09:42 - 2012-06-05 09:42 - 00069552 ____A C:\Users\Jayski_Laptop\Downloads\THE DESK.pdf
    2012-06-04 21:51 - 2012-06-04 21:51 - 00019563 ____A C:\Users\Jayski_Laptop\Downloads\Big_K.R.I.T.-Live_From_The_Underground-2012-FTD+%2ANEW%2A.torrent
    2012-06-04 21:49 - 2012-06-04 21:49 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{C7F4A22B-B6CD-4862-ACC9-A0DB1D565F88}
    2012-06-04 13:30 - 2012-06-04 13:30 - 00013778 ____A C:\Users\Jayski_Laptop\Downloads\Curren%24y+-+The+Stoned+Immaculate+%28Deluxe+Version%29+%7B320+kbps%7D.torrent
    2012-06-04 09:48 - 2012-06-04 09:48 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{870806A8-4509-47E6-9366-B60C02F1E11B}
    2012-06-03 20:58 - 2012-06-07 23:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{4E0BAF4B-1BD5-4AB9-AEE3-9E456A5C4F72}
    2012-06-03 09:30 - 2012-06-04 11:25 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\[ www.TorrentDay.com ] - Mad.Men.S05E11.The.Other.Woman.HDTV.x264-ASAP
    2012-06-03 09:29 - 2012-06-04 11:11 - 375859598 ____A C:\Users\Jayski_Laptop\Downloads\Mad.Men.S05E09.HDTV.x264-ASAP.mp4
    2012-06-03 09:29 - 2012-06-04 11:06 - 355438042 ____A C:\Users\Jayski_Laptop\Downloads\Mad Men - S05E10.avi
    2012-06-03 09:29 - 2012-06-03 09:29 - 00027920 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E11+The+Other+Woman+HDTV+x264-ASAP.torrent
    2012-06-03 09:29 - 2012-06-03 09:29 - 00015040 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E09+HDTV+x264-ASAP+%5Beztv%5D.torrent
    2012-06-03 09:29 - 2012-06-03 09:29 - 00014401 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+-+S05E10.avi.torrent
    2012-06-03 09:29 - 2012-06-03 09:29 - 00014040 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E08+HDTV+x264-ASAP+%5Beztv%5D.torrent
    2012-06-03 09:28 - 2012-06-03 09:28 - 00014940 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E07+HDTV+x264+ASAP+mp4.torrent
    2012-06-03 09:27 - 2012-06-03 09:27 - 00015186 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E06+PROPER+HDTV+x264-2HD+%5Beztv%5D.torrent
    2012-06-03 09:27 - 2012-06-03 09:27 - 00014723 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+-+Signal+30+5x5+%5BHDTV+-+FQM%5D.torrent
    2012-06-03 08:19 - 2012-06-03 08:19 - 00012050 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-04 at 12.21.02 AM.png
    2012-06-03 08:07 - 2012-06-03 08:07 - 00015025 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-04 at 12.09.13 AM.png
    2012-06-03 07:57 - 2012-06-03 07:57 - 00011725 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 11.59.01 PM.png
    2012-06-03 07:34 - 2012-06-03 07:40 - 00800216 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 11.35.42 PM.png
    2012-06-03 06:03 - 2012-06-03 06:12 - 01163011 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 10.04.58 PM.png
    2012-06-03 04:54 - 2012-06-03 04:54 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{856DEC75-067D-41DC-8FF7-F3A41D178A99}
    2012-06-03 04:54 - 2012-06-03 04:54 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{227D7F96-2117-49E8-B052-05BDD929723A}
    2012-06-03 04:19 - 2012-06-03 04:19 - 00015074 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E04+HDTV+x264-ASAP+%5Beztv%5D.torrent
    2012-06-02 14:58 - 2012-06-02 14:58 - 00015812 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E03+HDTV+RM-ASAP+%5Beztv%5D.torrent
    2012-06-02 12:04 - 2012-06-02 12:04 - 00016901 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 4.06.21 AM.png
    2012-06-02 11:54 - 2012-06-02 11:54 - 00012197 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 3.56.12 AM.png
    2012-06-02 11:49 - 2012-06-02 11:49 - 00021099 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 3.50.38 AM.png
    2012-06-02 11:43 - 2012-06-02 11:43 - 00020555 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 3.45.19 AM.png
    2012-06-02 11:02 - 2012-06-02 11:02 - 00012515 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 3.04.12 AM.png
    2012-06-02 10:57 - 2012-06-02 10:57 - 00014714 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 2.59.20 AM.png
    2012-06-02 10:54 - 2012-06-02 10:55 - 00015140 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 2.56.42 AM.png
    2012-06-02 10:53 - 2012-06-02 10:53 - 00013307 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 2.55.24 AM 1.png
    2012-06-02 10:43 - 2012-06-02 10:44 - 00013384 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 2.45.30 AM.png
    2012-06-02 02:57 - 2012-06-02 03:16 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Being John Malkovich[1999]DVDRip-FiveXS
    2012-06-02 02:55 - 2012-06-02 02:55 - 00028509 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]being.john.malkovich.1999.dvdrip.fivexs.torrent
    2012-06-02 00:25 - 2012-06-02 00:26 - 00337357 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-02 at 4.27.27 PM.png
    2012-06-02 00:18 - 2012-06-03 09:25 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\London_Trip_Movie
    2012-06-01 23:46 - 2012-06-01 23:46 - 00026277 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-02 at 12.07.40 PM.png
    2012-06-01 23:45 - 2012-06-01 23:45 - 00032317 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-02 at 12.07.32 PM.png
    2012-06-01 11:49 - 2012-06-01 11:49 - 00029718 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E01-E02+HDTV+x264-ASAP+%5Beztv%5D.torrent
    2012-06-01 11:46 - 2012-06-01 11:46 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CC9BE67F-1241-442F-8A5F-16D2CEBDEB66}
    2012-06-01 11:46 - 2012-06-01 11:46 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{15D292C2-9919-4854-BEAD-6A3622C37281}
    2012-06-01 11:25 - 2012-06-01 12:25 - 169217274 ____A C:\Users\Jayski_Laptop\Downloads\Chelsea.Lately.2012.05.08.Morgan.Spurlock.HDTV.x264-2HD.mp4
    2012-06-01 11:25 - 2012-06-01 11:25 - 00013694 ____A C:\Users\Jayski_Laptop\Downloads\Chelsea+Lately+2012+05+08+Morgan+Spurlock+HDTV+x264-2HD+mp4.torrent
    2012-06-01 09:45 - 2012-06-01 10:25 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\The.Shining.1980.720p.BRRiP.x264.AAC(5.1).mkv-Zen_Bud
    2012-06-01 09:45 - 2012-06-01 09:45 - 00040521 ____A C:\Users\Jayski_Laptop\Downloads\The.Shining.1980.720p.BRRiP.x264.AAC%285.1%29.mkv-Zen_Bud.torrent
    2012-05-31 23:45 - 2012-05-31 23:45 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E468D392-9B7E-443E-8301-289B582B5F7B}
    2012-05-31 23:45 - 2012-05-31 23:45 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{9E1D1CAA-E3DB-4794-BADD-379F4948F773}
    2012-05-31 08:03 - 2012-06-17 12:27 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2012-05-31 08:03 - 2012-06-17 12:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
    2012-05-31 08:00 - 2012-05-31 08:01 - 12621696 ____A (Microsoft Corporation) C:\Users\Jayski_Laptop\Downloads\mseinstall (1).exe
    2012-05-31 06:35 - 2012-05-31 06:35 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{EA76323E-CDF3-4833-974D-BD9BD62EABC5}
    2012-05-31 06:35 - 2012-05-31 06:35 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{7946AC36-652C-4C87-A657-08044FF37EA9}
    2012-05-29 13:50 - 2012-05-29 13:50 - 00000000 __SHD C:\Windows\System32\%APPDATA%
    2012-05-29 13:26 - 2012-05-29 13:26 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{02B24216-D5B2-4632-9843-3F9E328D90D1}
    2012-05-29 13:25 - 2012-05-29 13:26 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{8495C5B9-1D0E-43DC-9C58-F5EBDB548B82}
    2012-05-28 12:43 - 2012-05-28 12:43 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{D8441E6B-729A-4705-93AA-060F5E8C45F5}
    2012-05-28 12:42 - 2012-05-28 12:42 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{C883AB48-8111-47E7-8352-7725E4C63BB6}
    2012-05-27 15:25 - 2012-05-27 15:26 - 04959640 ____A C:\Users\Jayski_Laptop\Downloads\QuickBounce12.mp3
    2012-05-27 15:25 - 2012-05-27 15:25 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5E637022-5A92-4732-AF0A-7E244E411FDF}
    2012-05-27 15:24 - 2012-05-27 15:25 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CECD077B-6629-4AF3-8D1C-94ECB17D70C0}
    2012-05-27 08:02 - 2012-05-27 08:02 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{9EEAB016-7A94-486C-B5BB-226BE289BDD2}
    2012-05-26 17:36 - 2012-05-26 17:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{FFA47962-C4D2-4E67-85A5-868445B3E002}
    2012-05-26 17:36 - 2012-05-26 17:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{04E411DB-9EC3-4631-BB4B-35BB233BBD0A}
    2012-05-26 01:09 - 2012-05-26 01:09 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{EE11483B-DC1D-4242-8CE7-A3998B1908CA}
    2012-05-26 01:09 - 2012-05-26 01:09 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CE86D454-A410-4ECE-8A97-7E16430B3A09}
    2012-05-25 23:50 - 2012-05-25 23:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{8B7FC681-F174-41CE-B457-951DDD92F769}
    2012-05-24 10:33 - 2012-05-24 10:33 - 00001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
    2012-05-24 10:33 - 2012-05-24 10:33 - 00000000 ____D C:\Program Files (x86)\QuickTime
    2012-05-24 10:19 - 2012-05-24 10:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5E68F3B5-A8C6-4D1F-8610-92068C733ABA}
    2012-05-24 10:19 - 2012-05-24 10:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CAB7917D-6EFC-49C6-A31E-386FD26B6174}
    2012-05-23 10:55 - 2012-05-23 10:55 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{ADE649E4-EE45-4FAD-A1AB-737AA571A04D}
    2012-05-23 10:55 - 2012-05-23 10:55 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5272B461-72AD-4258-A330-2C71D3F52085}
    2012-05-22 21:50 - 2012-05-22 21:50 - 00034975 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-05-23 at 12.04.51 AM.png
    2012-05-22 21:50 - 2012-05-22 21:50 - 00031716 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-05-23 at 12.04.44 AM.png
    2012-05-22 21:50 - 2012-05-22 21:50 - 00026740 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-05-23 at 12.04.57 AM.png
    2012-05-22 11:14 - 2012-05-22 11:14 - 00038238 ____A C:\Users\Jayski_Laptop\Downloads\designertheme.zip
    2012-05-22 10:56 - 2012-05-22 10:56 - 00152969 ____A C:\Users\Jayski_Laptop\Downloads\portfolium.zip
    2012-05-22 09:51 - 2012-05-22 09:51 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{FF38B70A-AEC8-4D61-A482-EE2DFBFAEA36}
    2012-05-22 09:51 - 2012-05-22 09:51 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{C8DBD1E3-A214-4971-BFA2-812BAFC66BB2}
    2012-05-21 12:36 - 2012-05-21 12:36 - 00000053 ____A C:\Users\Jayski_Laptop\Downloads\google912d1b1e5d4a4cf8.html
    2012-05-21 11:38 - 2012-05-24 11:49 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Mad.Men.Season.4.320p.HDTV.H264
    2012-05-21 11:38 - 2012-05-21 11:38 - 00025901 ____A C:\Users\Jayski_Laptop\Downloads\Mad.Men.Season.4.320p.HDTV.H264.torrent
    2012-05-21 11:30 - 2012-05-21 11:31 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{DF9FA72A-D8BE-49F8-81A6-4D1A13CF57F1}
    2012-05-21 11:30 - 2012-05-21 11:30 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{34416AE9-05C1-431E-B45D-B61DB3ECDC2C}
    2012-05-20 21:55 - 2012-05-20 21:55 - 00023717 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]tito.lopez.the.king.wit.no.crown.the.prequel.plus.cut.tracks.2009.torrent
    2012-05-20 21:55 - 2012-05-20 21:55 - 00015172 ____A C:\Users\Jayski_Laptop\Downloads\Tito.Lopez+-+****.H8ters+-+%28Bootleg%29+-+2010+-++%5BNoFS%5D+.torrent
    2012-05-20 21:49 - 2012-05-20 21:49 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{243A3385-CC7B-45FE-B585-7F247AD4BE42}
    2012-05-20 21:48 - 2012-05-20 21:49 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F8465830-1D16-4C2C-9884-5CCF4EE52CEF}
    2012-05-20 21:48 - 2012-05-20 21:48 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5FD2808E-F872-4949-BCDE-5E512E541637}
    2012-05-20 21:48 - 2012-05-20 21:48 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{445DD9C7-DB18-4046-9350-3D2B0E3AAB81}
    2012-05-20 03:15 - 2012-05-20 03:15 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{089D9308-5EA5-4DE9-9BC9-B4CB3EE15645}
    2012-05-19 15:14 - 2012-05-20 03:15 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CEB4B4CD-2866-4EE0-A51C-9165E96DAC61}
    2012-05-19 15:14 - 2012-05-19 15:14 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{04B42CEA-4A82-49BF-B9E0-C4F42F947A95}
    2012-05-19 04:40 - 2012-05-19 04:40 - 00015599 ____A C:\Users\Jayski_Laptop\Downloads\Adobe+Photoshop+Lightroom+4.0+Final+Multilingual+%28keygen-CORE%29+%5BChingLiu%5D.torrent
    2012-05-19 04:37 - 2012-05-19 04:37 - 00002057 ____A C:\Users\Public\Desktop\Lightroom 4 64-bit.lnk
    2012-05-19 01:59 - 2012-05-19 02:31 - 153866460 ____A C:\Users\Jayski_Laptop\Downloads\TheLostFilesOfTitoLopezReloaded-OnSMASH.zip
    2012-05-19 00:38 - 2012-05-19 00:38 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{183D48FD-0667-4D6E-A261-89768F697B8E}
    2012-05-19 00:37 - 2012-05-19 00:38 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{6F0B0E79-3ABE-4368-83B9-B2857DC5E477}
    2012-05-18 11:18 - 2012-05-18 11:18 - 01158683 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-05-18 at 3.17.36 PM.png
    2012-05-18 10:02 - 2012-06-02 06:35 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Worthersee_2012_Movie
    2012-05-18 09:36 - 2012-05-18 09:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{DFA3A257-8512-48B2-9F43-76833E220E0B}
    2012-05-18 09:36 - 2012-05-18 09:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{1228C83F-35B9-44F2-9D9F-777AD44EF4DE}
     
  3. jayski

    jayski TS Rookie Topic Starter Posts: 23

    ============ 3 Months Modified Files and Folders =============
    2012-06-17 12:35 - 2012-06-17 12:34 - 00000000 ____D C:\FRST
    2012-06-17 12:28 - 2011-01-04 15:32 - 00000000 ____D C:\users\Jayski_Laptop
    2012-06-17 12:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
    2012-06-17 12:27 - 2012-06-15 23:50 - 00000000 ____D C:\bc91b91cb90a90914baab60317
    2012-06-17 12:27 - 2012-05-31 08:03 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2012-06-17 12:27 - 2012-05-31 08:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
    2012-06-17 12:27 - 2011-04-13 06:03 - 00000000 ____D C:\Program Files (x86)\Mobile Partner Manager
    2012-06-17 12:27 - 2010-12-25 11:29 - 00000000 ____D C:\Users\All Users\NVIDIA
    2012-06-17 12:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
    2012-06-17 12:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
    2012-06-17 12:27 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2012-06-17 12:25 - 2012-04-24 13:51 - 00000000 ___RD C:\Users\Jayski_Laptop\Dropbox
    2012-06-17 12:25 - 2011-01-04 18:41 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Roaming\Skype
    2012-06-17 01:57 - 2012-06-17 01:57 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{1706525E-055A-4CC3-9AEB-CF570B02E800}
    2012-06-17 01:56 - 2011-01-04 16:38 - 00000000 ____D C:\Users\Jayski_Laptop\Tracing
    2012-06-16 00:11 - 2012-01-11 10:33 - 00000000 __SHD C:\Users\Jayski_Laptop\AppData\Local\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}
    2012-06-15 23:35 - 2011-01-06 19:41 - 00000000 ____D C:\Users\Jayski_Laptop\TRANSFER
    2012-06-15 23:12 - 2012-06-14 11:10 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{4C8155D3-092C-4347-A123-B40CBB85A603}
    2012-06-15 13:18 - 2012-06-15 13:18 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Tito Lopez - The Hunger Game (DatPiff.com)
    2012-06-15 13:17 - 2012-06-15 13:15 - 63496361 ____A C:\Users\Jayski_Laptop\Downloads\The_Hunger_Game-(DatPiff.com).zip
    2012-06-15 12:29 - 2012-04-30 11:33 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Miami Vice - Seasons 3 and 4 - DVDrip
    2012-06-15 09:29 - 2012-06-15 09:28 - 00694284 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-04-08 at 12.45.56 PM.png
    2012-06-15 09:27 - 2012-06-15 09:26 - 00908593 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-05-20 at 12.07.37 PM.png
    2012-06-15 09:25 - 2012-06-15 09:24 - 00958951 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-01-24 at 5.20.35 PM.png
    2012-06-15 09:25 - 2012-06-15 09:24 - 00933958 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-02 at 4.50.47 PM.png
    2012-06-15 09:24 - 2012-06-15 09:23 - 00477818 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2011-10-08 at 2.45.52 PM.png
    2012-06-15 09:23 - 2012-06-15 09:22 - 00812952 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2011-10-09 at 10.58.48 AM.png
    2012-06-15 09:21 - 2012-06-15 09:20 - 00924851 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2011-11-26 at 7.34.20 AM.png
    2012-06-14 11:10 - 2012-06-14 11:10 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A5AAC039-878B-47A8-84E4-8A5C29653509}
    2012-06-14 11:10 - 2011-01-04 16:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\Windows Live
    2012-06-13 22:18 - 2011-11-27 05:52 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\FINANCES
    2012-06-13 13:59 - 2012-06-13 13:59 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A3AE0268-9C30-4B2F-A68F-D41ED24E7DA3}
    2012-06-13 13:59 - 2012-06-13 13:59 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{0B4A6830-BEEF-4B5C-90F3-2929F1D59441}
    2012-06-12 12:40 - 2012-03-04 01:53 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Movies_To_Watch
    2012-06-12 11:14 - 2012-06-12 11:14 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{2B8266E4-2C6B-4BC5-A952-C25160E216D4}
    2012-06-12 11:14 - 2012-06-09 00:38 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5970F65B-D295-4B53-8836-9DBE901E3A79}
    2012-06-11 14:05 - 2011-01-04 15:37 - 00000940 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3739037683-3064319709-692292168-1001UA.job
    2012-06-11 14:01 - 2012-04-14 08:56 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-06-11 13:48 - 2012-05-07 04:19 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2012-06-11 13:37 - 2009-07-13 21:10 - 01913691 ____A C:\Windows\WindowsUpdate.log
    2012-06-11 12:55 - 2012-06-11 12:55 - 00014000 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E13+HDTV+x264-ASAP+%5Beztv%5D.torrent
    2012-06-11 12:22 - 2012-06-11 12:21 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E93D77B5-D797-41CF-9FB6-61DB358A1DCE}
    2012-06-11 12:21 - 2012-04-14 08:56 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-06-10 22:05 - 2011-01-04 15:37 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3739037683-3064319709-692292168-1001Core.job
    2012-06-10 21:37 - 2012-06-10 21:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{49B8FA57-A553-441A-9C24-37E0C9F59974}
    2012-06-10 21:36 - 2012-06-10 21:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{FAC2A613-1276-43C4-9590-5CF1A024C082}
    2012-06-10 21:36 - 2012-06-10 03:26 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F16B5F5F-0E23-4481-A756-29CAEA1BBF8C}
    2012-06-10 14:06 - 2012-01-22 12:59 - 01139200 __ASH C:\Users\Jayski_Laptop\Documents\Thumbs.db
    2012-06-10 12:43 - 2010-06-26 03:55 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\jbdesign.ca
    2012-06-10 11:24 - 2011-01-04 18:41 - 00000000 ____D C:\Users\All Users\Skype
    2012-06-10 11:19 - 2011-01-18 17:49 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Roaming\FileZilla
    2012-06-10 11:02 - 2011-01-15 19:26 - 00000132 ____A C:\Users\Jayski_Laptop\AppData\Roaming\Adobe PNG Format CS5 Prefs
    2012-06-10 10:47 - 2012-06-10 10:47 - 00658944 ____A C:\Windows\SysWOW64\ariwrv.exe
    2012-06-10 09:09 - 2012-06-10 09:04 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\[ www.TorrentDay.com ] - Chelsea.Lately.2012.06.07.Charlize.Theron.HDTV.x264-2HD
    2012-06-10 09:04 - 2012-06-10 09:04 - 00014360 ____A C:\Users\Jayski_Laptop\Downloads\Chelsea+Lately+2012+06+07+Charlize+Theron+HDTV+x264-2HD.torrent
    2012-06-10 08:59 - 2011-01-05 14:17 - 00000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
    2012-06-10 08:57 - 2011-01-04 17:24 - 00000000 ____D C:\Program Files (x86)\Adobe
    2012-06-10 08:57 - 2011-01-04 15:37 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Roaming\Adobe
    2012-06-10 08:56 - 2011-01-04 17:23 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\Adobe
    2012-06-10 08:56 - 2011-01-04 17:04 - 00000000 ____D C:\Users\All Users\Adobe
    2012-06-10 08:23 - 2012-06-10 08:21 - 00000000 ____D C:\Users\Jayski_Laptop\Desktop\Adobe Dreamweaver CS5.5
    2012-06-10 03:26 - 2012-06-10 03:26 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{AE2F35B7-02F8-491D-8BDF-AB4E27609196}
    2012-06-10 03:26 - 2012-06-10 03:26 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{8927AC9C-AA90-4DAC-9027-366760435759}
    2012-06-10 02:04 - 2012-06-10 02:04 - 00037551 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-10 at 5.50.13 PM.png
    2012-06-10 01:05 - 2012-06-10 01:05 - 00080299 ____A C:\Users\Jayski_Laptop\Downloads\Untitled-3 copy 02.pdf
    2012-06-10 00:47 - 2012-06-10 00:47 - 00015744 ____A C:\Users\Jayski_Laptop\Downloads\Adobe.Dreamweaver.CS5.5.v11.5.Incl.Keymaker-CORE.torrent
    2012-06-10 00:45 - 2011-01-05 14:30 - 00000193 ____A C:\Windows\WORDPAD.INI
    2012-06-10 00:44 - 2012-06-10 00:43 - 00000000 ____D C:\Users\Jayski_Laptop\Desktop\Adobe Dreamweaver CS6
    2012-06-10 00:25 - 2012-06-10 00:25 - 00012330 ____A C:\Users\Jayski_Laptop\Downloads\Adobe+Dreamweaver+CS6+12.0+build+5808+%2B+Crack.torrent
    2012-06-09 16:00 - 2012-04-24 13:47 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Roaming\Dropbox
    2012-06-09 15:27 - 2009-07-13 21:13 - 00733884 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-06-09 15:25 - 2012-06-09 15:25 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{893B8867-ABAC-45BA-9AE9-440C970717CC}
    2012-06-09 08:06 - 2012-06-07 12:39 - 210239488 ____A C:\Users\Jayski_Laptop\Downloads\AnimalPak.com Chest Volume 2.avi.bc!
    2012-06-09 05:21 - 2012-04-01 01:33 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Tyme_GC
    2012-06-09 05:18 - 2012-06-09 05:18 - 00025307 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 9.19.21 PM.png
    2012-06-09 04:38 - 2012-06-09 04:38 - 00024153 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 8.39.42 PM.png
    2012-06-09 04:18 - 2011-09-09 07:45 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Matte_Paintings
    2012-06-09 02:47 - 2012-06-08 06:20 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Caddyshack.1980.720p.BRRiP.x264.AAC.mkv-Zen_Bud
    2012-06-09 02:10 - 2012-06-09 02:10 - 00067009 ____A C:\Users\Jayski_Laptop\Downloads\Untitled-3 copy.pdf
    2012-06-09 01:42 - 2012-06-09 01:42 - 00019564 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 5.44.11 PM.png
    2012-06-09 00:39 - 2012-06-09 00:39 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{85AAC2A0-2994-48AA-90C9-FFEBD8D1946B}
    2012-06-09 00:39 - 2012-06-09 00:38 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{D765ABF8-8BC7-434F-BAC7-A8106F5AD7AE}
    2012-06-09 00:38 - 2012-06-08 11:51 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{908DA31B-A34D-4ACD-9588-92F27E76A9B0}
    2012-06-08 13:32 - 2012-06-08 07:15 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Cliffhanger 1993 BRRip 720p H264-3Li
    2012-06-08 12:03 - 2012-06-08 12:03 - 00015257 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 4.05.22 AM.png
    2012-06-08 11:58 - 2012-06-08 11:58 - 00024103 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 3.59.51 AM.png
    2012-06-08 11:56 - 2012-06-08 10:39 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\CODE_OF_SILENCE
    2012-06-08 11:52 - 2012-06-08 11:52 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5C86BFD0-E4CA-4CA4-AE7C-63B9BC5F27BD}
    2012-06-08 11:52 - 2012-06-08 11:51 - 00032187 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 3.44.22 AM.png
    2012-06-08 11:52 - 2012-06-08 11:51 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F0BEFDAA-2E73-4A7A-BC60-B9C1954565AA}
    2012-06-08 11:51 - 2012-06-08 11:51 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5FD227A6-9FDC-48F3-A681-802D45514DCA}
    2012-06-08 10:39 - 2012-06-08 10:39 - 00014557 ____A C:\Users\Jayski_Laptop\Downloads\Code+of+Silence+-+Chuck+Norris%2C.torrent
    2012-06-08 10:22 - 2012-06-08 10:22 - 00421558 ____A C:\Users\Jayski_Laptop\Downloads\THE DESK_website.pdf
    2012-06-08 09:57 - 2012-06-08 09:56 - 00805307 ____A C:\Users\Jayski_Laptop\Downloads\THE DESK_PHOT.pdf
    2012-06-08 09:40 - 2012-06-08 09:40 - 00800216 ____A C:\Users\Jayski_Laptop\Documents\Screen shot 2012-06-03 at 11.35.42 PM.png
    2012-06-08 09:40 - 2009-07-13 20:45 - 00014224 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-06-08 09:40 - 2009-07-13 20:45 - 00014224 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-06-08 09:39 - 2012-06-08 09:39 - 00032989 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-04 at 10.38.34 PM.png
    2012-06-08 09:39 - 2012-06-08 09:39 - 00012050 ____A C:\Users\Jayski_Laptop\Documents\Screen shot 2012-06-04 at 12.21.02 AM.png
    2012-06-08 09:38 - 2012-06-08 09:38 - 00034449 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-09 at 1.34.03 AM.png
    2012-06-08 09:33 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-06-08 09:33 - 2009-07-13 20:51 - 00064308 ____A C:\Windows\setupact.log
    2012-06-08 09:00 - 2012-06-08 08:48 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Arnold Schwarzenegger-Bodybuilding Encyclopedia-
    2012-06-08 08:57 - 2012-06-08 08:57 - 00028293 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]raw.iron.making.of.pumping.iron.torrent
    2012-06-08 08:48 - 2012-06-08 08:48 - 00049094 ____A C:\Users\Jayski_Laptop\Downloads\Arnold+Schwarzenegger+Bodybuilding+Encyclopedia%5BPDF+-+Eng%5D%5BTNTVillage.org%5Dby+Duracell72.torrent
    2012-06-08 07:15 - 2012-06-08 07:15 - 00094194 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]cliffhanger.1993.brrip.720p.h264.3li.torrent
    2012-06-08 06:35 - 2012-06-08 06:19 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Groundhog Day (1993)
    2012-06-08 06:20 - 2012-06-08 06:20 - 00014934 ____A C:\Users\Jayski_Laptop\Downloads\Caddyshack+1980.720p+BRRiP+x264+AAC+mkv-Zen+Bud.torrent
    2012-06-08 06:19 - 2012-06-08 06:19 - 00014227 ____A C:\Users\Jayski_Laptop\Downloads\Groundhog+Day+%281993%29+720p+BrRip+x264+-+650MB+-+YIFY.torrent
    2012-06-07 23:55 - 2012-06-07 23:55 - 00049716 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-08 at 1.31.41 PM.png
    2012-06-07 23:50 - 2012-06-07 23:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{928FE6A2-E467-4D87-A5C4-A9EDCEBBCCF1}
    2012-06-07 23:50 - 2012-06-07 23:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{875B43FE-1C03-4761-8EA9-13CF57D7DED9}
    2012-06-07 23:50 - 2012-06-07 23:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{1299469E-C62D-42F6-9F3C-00069A402A26}
    2012-06-07 23:50 - 2012-06-03 20:58 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{4E0BAF4B-1BD5-4AB9-AEE3-9E456A5C4F72}
    2012-06-07 15:24 - 2012-06-07 15:24 - 00014200 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]mad.men.s05e12.hdtv.x264.asap.eztv.torrent
    2012-06-07 14:51 - 2012-06-07 12:39 - 266351680 ____A C:\Users\Jayski_Laptop\Downloads\Animal Pak Arms Vol. I.avi
    2012-06-07 12:39 - 2012-06-07 12:39 - 00020768 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]animal.pak.arms.torrent
    2012-06-07 12:39 - 2012-06-07 12:39 - 00016574 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]animal.pak.vol.ii.chest.torrent
    2012-06-07 11:14 - 2012-06-07 11:14 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E4E227CD-AD6B-4BDA-83F2-3542480318D2}
    2012-06-07 11:14 - 2012-06-07 11:14 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A1646A14-78AC-4074-B5C2-0726C6F397CC}
    2012-06-07 11:14 - 2012-06-07 11:13 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{103D3E26-078C-487B-9574-6D2EB351D90A}
    2012-06-07 05:58 - 2012-06-07 05:56 - 09029595 ____A C:\Users\Jayski_Laptop\Downloads\Wiz Khalifa x Curreny Type Instrumental YouTube - [File2HD.com].mp4
    2012-06-07 05:42 - 2012-04-20 12:51 - 00000000 ___AD C:\Users\Jayski_Laptop\Documents\WRKOUT
    2012-06-07 04:45 - 2012-06-07 04:45 - 01102484 ____A C:\Users\Jayski_Laptop\Downloads\WD_Quick_Formatter_Win_1_2_0_10.zip
    2012-06-06 23:13 - 2012-06-06 23:13 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{D08D660D-7BD9-40B3-9BFE-431EB33B8D2C}
    2012-06-06 23:13 - 2012-06-06 23:12 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{3A6EF5CC-5CEE-4FB6-9786-98B6A38CD2C5}
    2012-06-06 23:12 - 2012-06-05 21:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{80519584-5A49-4B6B-9935-D2AF4A4FD494}
    2012-06-06 23:08 - 2012-06-06 23:08 - 01282663 ____A C:\Users\Jayski_Laptop\Documents\Keung7.psd
    2012-06-06 11:12 - 2012-06-06 11:12 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{3DC6B928-5A42-4A54-9A6B-BF9F00E729C9}
    2012-06-06 11:12 - 2012-06-06 11:11 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E59E8D91-2879-405C-BCB3-0E492D98E8F9}
    2012-06-05 21:51 - 2012-06-05 21:51 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{26564367-74A0-4EE8-9644-8038EC2CD69C}
    2012-06-05 21:51 - 2012-06-05 21:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5B2AC70C-D61F-4640-85A8-6166496FE441}
    2012-06-05 10:17 - 2012-06-05 10:17 - 00540397 ____A C:\Users\Jayski_Laptop\Downloads\Picture 4 (1).png
    2012-06-05 10:17 - 2012-06-05 10:17 - 00444875 ____A C:\Users\Jayski_Laptop\Downloads\Picture 2 (1).png
    2012-06-05 10:17 - 2012-06-05 10:17 - 00407986 ____A C:\Users\Jayski_Laptop\Downloads\Picture 3 (1).png
    2012-06-05 09:51 - 2012-06-05 09:51 - 00017908 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-06 at 1.53.08 AM.png
    2012-06-05 09:50 - 2012-06-05 09:49 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{63BFD282-F16D-448F-A81C-A0B78936F93E}
    2012-06-05 09:42 - 2012-06-05 09:42 - 00122188 ____A C:\Users\Jayski_Laptop\Downloads\THE DESK (1).pdf
    2012-06-05 09:42 - 2012-06-05 09:42 - 00069552 ____A C:\Users\Jayski_Laptop\Downloads\THE DESK.pdf
    2012-06-04 21:51 - 2012-06-04 21:51 - 00019563 ____A C:\Users\Jayski_Laptop\Downloads\Big_K.R.I.T.-Live_From_The_Underground-2012-FTD+%2ANEW%2A.torrent
    2012-06-04 21:49 - 2012-06-04 21:49 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{C7F4A22B-B6CD-4862-ACC9-A0DB1D565F88}
    2012-06-04 13:30 - 2012-06-04 13:30 - 00013778 ____A C:\Users\Jayski_Laptop\Downloads\Curren%24y+-+The+Stoned+Immaculate+%28Deluxe+Version%29+%7B320+kbps%7D.torrent
    2012-06-04 11:25 - 2012-06-03 09:30 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\[ www.TorrentDay.com ] - Mad.Men.S05E11.The.Other.Woman.HDTV.x264-ASAP
    2012-06-04 11:11 - 2012-06-03 09:29 - 375859598 ____A C:\Users\Jayski_Laptop\Downloads\Mad.Men.S05E09.HDTV.x264-ASAP.mp4
    2012-06-04 11:06 - 2012-06-03 09:29 - 355438042 ____A C:\Users\Jayski_Laptop\Downloads\Mad Men - S05E10.avi
    2012-06-04 09:48 - 2012-06-04 09:48 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{870806A8-4509-47E6-9366-B60C02F1E11B}
    2012-06-03 09:29 - 2012-06-03 09:29 - 00027920 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E11+The+Other+Woman+HDTV+x264-ASAP.torrent
    2012-06-03 09:29 - 2012-06-03 09:29 - 00015040 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E09+HDTV+x264-ASAP+%5Beztv%5D.torrent
    2012-06-03 09:29 - 2012-06-03 09:29 - 00014401 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+-+S05E10.avi.torrent
    2012-06-03 09:29 - 2012-06-03 09:29 - 00014040 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E08+HDTV+x264-ASAP+%5Beztv%5D.torrent
    2012-06-03 09:28 - 2012-06-03 09:28 - 00014940 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E07+HDTV+x264+ASAP+mp4.torrent
    2012-06-03 09:27 - 2012-06-03 09:27 - 00015186 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E06+PROPER+HDTV+x264-2HD+%5Beztv%5D.torrent
    2012-06-03 09:27 - 2012-06-03 09:27 - 00014723 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+-+Signal+30+5x5+%5BHDTV+-+FQM%5D.torrent
    2012-06-03 09:25 - 2012-06-02 00:18 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\London_Trip_Movie
    2012-06-03 08:19 - 2012-06-03 08:19 - 00012050 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-04 at 12.21.02 AM.png
    2012-06-03 08:07 - 2012-06-03 08:07 - 00015025 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-04 at 12.09.13 AM.png
    2012-06-03 07:57 - 2012-06-03 07:57 - 00011725 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 11.59.01 PM.png
    2012-06-03 07:40 - 2012-06-03 07:34 - 00800216 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 11.35.42 PM.png
    2012-06-03 06:12 - 2012-06-03 06:03 - 01163011 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 10.04.58 PM.png
    2012-06-03 04:54 - 2012-06-03 04:54 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{856DEC75-067D-41DC-8FF7-F3A41D178A99}
    2012-06-03 04:54 - 2012-06-03 04:54 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{227D7F96-2117-49E8-B052-05BDD929723A}
    2012-06-03 04:19 - 2012-06-03 04:19 - 00015074 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E04+HDTV+x264-ASAP+%5Beztv%5D.torrent
    2012-06-03 00:15 - 2012-04-24 13:51 - 00001049 ____A C:\Users\Jayski_Laptop\Desktop\Dropbox.lnk
    2012-06-02 14:58 - 2012-06-02 14:58 - 00015812 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E03+HDTV+RM-ASAP+%5Beztv%5D.torrent
    2012-06-02 12:04 - 2012-06-02 12:04 - 00016901 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 4.06.21 AM.png
    2012-06-02 11:54 - 2012-06-02 11:54 - 00012197 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 3.56.12 AM.png
    2012-06-02 11:49 - 2012-06-02 11:49 - 00021099 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 3.50.38 AM.png
    2012-06-02 11:43 - 2012-06-02 11:43 - 00020555 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 3.45.19 AM.png
    2012-06-02 11:02 - 2012-06-02 11:02 - 00012515 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 3.04.12 AM.png
    2012-06-02 10:57 - 2012-06-02 10:57 - 00014714 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 2.59.20 AM.png
    2012-06-02 10:55 - 2012-06-02 10:54 - 00015140 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 2.56.42 AM.png
    2012-06-02 10:53 - 2012-06-02 10:53 - 00013307 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 2.55.24 AM 1.png
    2012-06-02 10:44 - 2012-06-02 10:43 - 00013384 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-03 at 2.45.30 AM.png
    2012-06-02 06:35 - 2012-05-18 10:02 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Worthersee_2012_Movie
    2012-06-02 04:06 - 2011-03-04 06:42 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Roaming\SolidWorks
    2012-06-02 03:16 - 2012-06-02 02:57 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Being John Malkovich[1999]DVDRip-FiveXS
    2012-06-02 02:55 - 2012-06-02 02:55 - 00028509 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]being.john.malkovich.1999.dvdrip.fivexs.torrent
    2012-06-02 00:26 - 2012-06-02 00:25 - 00337357 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-02 at 4.27.27 PM.png
    2012-06-01 23:46 - 2012-06-01 23:46 - 00026277 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-02 at 12.07.40 PM.png
    2012-06-01 23:45 - 2012-06-01 23:45 - 00032317 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-06-02 at 12.07.32 PM.png
    2012-06-01 12:25 - 2012-06-01 11:25 - 169217274 ____A C:\Users\Jayski_Laptop\Downloads\Chelsea.Lately.2012.05.08.Morgan.Spurlock.HDTV.x264-2HD.mp4
    2012-06-01 11:49 - 2012-06-01 11:49 - 00029718 ____A C:\Users\Jayski_Laptop\Downloads\Mad+Men+S05E01-E02+HDTV+x264-ASAP+%5Beztv%5D.torrent
    2012-06-01 11:46 - 2012-06-01 11:46 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CC9BE67F-1241-442F-8A5F-16D2CEBDEB66}
    2012-06-01 11:46 - 2012-06-01 11:46 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{15D292C2-9919-4854-BEAD-6A3622C37281}
    2012-06-01 11:25 - 2012-06-01 11:25 - 00013694 ____A C:\Users\Jayski_Laptop\Downloads\Chelsea+Lately+2012+05+08+Morgan+Spurlock+HDTV+x264-2HD+mp4.torrent
    2012-06-01 10:25 - 2012-06-01 09:45 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\The.Shining.1980.720p.BRRiP.x264.AAC(5.1).mkv-Zen_Bud
    2012-06-01 09:45 - 2012-06-01 09:45 - 00040521 ____A C:\Users\Jayski_Laptop\Downloads\The.Shining.1980.720p.BRRiP.x264.AAC%285.1%29.mkv-Zen_Bud.torrent
    2012-06-01 05:59 - 2011-10-20 11:43 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\C4D.SoftwareR13RC gRabb9
    2012-05-31 23:45 - 2012-05-31 23:45 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E468D392-9B7E-443E-8301-289B582B5F7B}
    2012-05-31 23:45 - 2012-05-31 23:45 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{9E1D1CAA-E3DB-4794-BADD-379F4948F773}
    2012-05-31 08:03 - 2011-01-04 17:49 - 00740886 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
    2012-05-31 08:03 - 2011-01-04 17:49 - 00001945 ____A C:\Windows\epplauncher.mif
    2012-05-31 08:01 - 2012-05-31 08:00 - 12621696 ____A (Microsoft Corporation) C:\Users\Jayski_Laptop\Downloads\mseinstall (1).exe
    2012-05-31 06:35 - 2012-05-31 06:35 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{EA76323E-CDF3-4833-974D-BD9BD62EABC5}
    2012-05-31 06:35 - 2012-05-31 06:35 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{7946AC36-652C-4C87-A657-08044FF37EA9}
    2012-05-29 22:03 - 2010-01-26 18:10 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Bills Paid
    2012-05-29 13:50 - 2012-05-29 13:50 - 00000000 __SHD C:\Windows\System32\%APPDATA%
    2012-05-29 13:26 - 2012-05-29 13:26 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{02B24216-D5B2-4632-9843-3F9E328D90D1}
    2012-05-29 13:26 - 2012-05-29 13:25 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{8495C5B9-1D0E-43DC-9C58-F5EBDB548B82}
    2012-05-29 13:20 - 2011-12-13 12:12 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Batmobile_Batman&Robin
    2012-05-28 12:43 - 2012-05-28 12:43 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{D8441E6B-729A-4705-93AA-060F5E8C45F5}
    2012-05-28 12:42 - 2012-05-28 12:42 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{C883AB48-8111-47E7-8352-7725E4C63BB6}
    2012-05-27 22:30 - 2012-05-01 10:32 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\London_Trip_2012
    2012-05-27 15:26 - 2012-05-27 15:25 - 04959640 ____A C:\Users\Jayski_Laptop\Downloads\QuickBounce12.mp3
    2012-05-27 15:25 - 2012-05-27 15:25 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5E637022-5A92-4732-AF0A-7E244E411FDF}
    2012-05-27 15:25 - 2012-05-27 15:24 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CECD077B-6629-4AF3-8D1C-94ECB17D70C0}
    2012-05-27 08:02 - 2012-05-27 08:02 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{9EEAB016-7A94-486C-B5BB-226BE289BDD2}
    2012-05-26 17:36 - 2012-05-26 17:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{FFA47962-C4D2-4E67-85A5-868445B3E002}
    2012-05-26 17:36 - 2012-05-26 17:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{04E411DB-9EC3-4631-BB4B-35BB233BBD0A}
    2012-05-26 01:09 - 2012-05-26 01:09 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{EE11483B-DC1D-4242-8CE7-A3998B1908CA}
    2012-05-26 01:09 - 2012-05-26 01:09 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CE86D454-A410-4ECE-8A97-7E16430B3A09}
    2012-05-25 23:50 - 2012-05-25 23:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{8B7FC681-F174-41CE-B457-951DDD92F769}
    2012-05-24 11:49 - 2012-05-21 11:38 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Mad.Men.Season.4.320p.HDTV.H264
    2012-05-24 11:09 - 2011-01-04 15:38 - 00002445 ____A C:\Users\Jayski_Laptop\Desktop\Google Chrome.lnk
    2012-05-24 10:33 - 2012-05-24 10:33 - 00001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
    2012-05-24 10:33 - 2012-05-24 10:33 - 00000000 ____D C:\Program Files (x86)\QuickTime
    2012-05-24 10:20 - 2012-05-24 10:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5E68F3B5-A8C6-4D1F-8610-92068C733ABA}
    2012-05-24 10:19 - 2012-05-24 10:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CAB7917D-6EFC-49C6-A31E-386FD26B6174}
    2012-05-23 10:55 - 2012-05-23 10:55 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{ADE649E4-EE45-4FAD-A1AB-737AA571A04D}
    2012-05-23 10:55 - 2012-05-23 10:55 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5272B461-72AD-4258-A330-2C71D3F52085}
    2012-05-22 21:50 - 2012-05-22 21:50 - 00034975 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-05-23 at 12.04.51 AM.png
    2012-05-22 21:50 - 2012-05-22 21:50 - 00031716 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-05-23 at 12.04.44 AM.png
    2012-05-22 21:50 - 2012-05-22 21:50 - 00026740 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-05-23 at 12.04.57 AM.png
    2012-05-22 11:14 - 2012-05-22 11:14 - 00038238 ____A C:\Users\Jayski_Laptop\Downloads\designertheme.zip
    2012-05-22 10:56 - 2012-05-22 10:56 - 00152969 ____A C:\Users\Jayski_Laptop\Downloads\portfolium.zip
    2012-05-22 09:51 - 2012-05-22 09:51 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{FF38B70A-AEC8-4D61-A482-EE2DFBFAEA36}
    2012-05-22 09:51 - 2012-05-22 09:51 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{C8DBD1E3-A214-4971-BFA2-812BAFC66BB2}
    2012-05-21 12:36 - 2012-05-21 12:36 - 00000053 ____A C:\Users\Jayski_Laptop\Downloads\google912d1b1e5d4a4cf8.html
    2012-05-21 11:38 - 2012-05-21 11:38 - 00025901 ____A C:\Users\Jayski_Laptop\Downloads\Mad.Men.Season.4.320p.HDTV.H264.torrent
    2012-05-21 11:31 - 2012-05-21 11:30 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{DF9FA72A-D8BE-49F8-81A6-4D1A13CF57F1}
    2012-05-21 11:30 - 2012-05-21 11:30 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{34416AE9-05C1-431E-B45D-B61DB3ECDC2C}
    2012-05-20 21:55 - 2012-05-20 21:55 - 00023717 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]tito.lopez.the.king.wit.no.crown.the.prequel.plus.cut.tracks.2009.torrent
    2012-05-20 21:55 - 2012-05-20 21:55 - 00015172 ____A C:\Users\Jayski_Laptop\Downloads\Tito.Lopez+-+****.H8ters+-+%28Bootleg%29+-+2010+-++%5BNoFS%5D+.torrent
    2012-05-20 21:49 - 2012-05-20 21:49 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{243A3385-CC7B-45FE-B585-7F247AD4BE42}
    2012-05-20 21:49 - 2012-05-20 21:48 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F8465830-1D16-4C2C-9884-5CCF4EE52CEF}
    2012-05-20 21:48 - 2012-05-20 21:48 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5FD2808E-F872-4949-BCDE-5E512E541637}
    2012-05-20 21:48 - 2012-05-20 21:48 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{445DD9C7-DB18-4046-9350-3D2B0E3AAB81}
    2012-05-20 03:15 - 2012-05-20 03:15 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{089D9308-5EA5-4DE9-9BC9-B4CB3EE15645}
    2012-05-20 03:15 - 2012-05-19 15:14 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CEB4B4CD-2866-4EE0-A51C-9165E96DAC61}
    2012-05-20 00:52 - 2012-04-07 14:24 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Adobe
    2012-05-19 15:14 - 2012-05-19 15:14 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{04B42CEA-4A82-49BF-B9E0-C4F42F947A95}
    2012-05-19 04:40 - 2012-05-19 04:40 - 00015599 ____A C:\Users\Jayski_Laptop\Downloads\Adobe+Photoshop+Lightroom+4.0+Final+Multilingual+%28keygen-CORE%29+%5BChingLiu%5D.torrent
    2012-05-19 04:37 - 2012-05-19 04:37 - 00002057 ____A C:\Users\Public\Desktop\Lightroom 4 64-bit.lnk
    2012-05-19 04:37 - 2011-01-04 17:25 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2012-05-19 04:35 - 2011-01-05 13:53 - 00000000 ____D C:\Program Files\Adobe
    2012-05-19 04:26 - 2011-01-04 17:32 - 00000000 ____D C:\Users\Jayski_Laptop\Desktop\Adobe
    2012-05-19 02:31 - 2012-05-19 01:59 - 153866460 ____A C:\Users\Jayski_Laptop\Downloads\TheLostFilesOfTitoLopezReloaded-OnSMASH.zip
    2012-05-19 00:38 - 2012-05-19 00:38 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{183D48FD-0667-4D6E-A261-89768F697B8E}
    2012-05-19 00:38 - 2012-05-19 00:37 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{6F0B0E79-3ABE-4368-83B9-B2857DC5E477}
    2012-05-18 15:07 - 2011-01-04 19:30 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Roaming\Mozilla
    2012-05-18 11:18 - 2012-05-18 11:18 - 01158683 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-05-18 at 3.17.36 PM.png
    2012-05-18 09:36 - 2012-05-18 09:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{DFA3A257-8512-48B2-9F43-76833E220E0B}
    2012-05-18 09:36 - 2012-05-18 09:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{1228C83F-35B9-44F2-9D9F-777AD44EF4DE}
    2012-05-15 21:58 - 2012-05-15 21:58 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{D1531FC5-2061-4AB6-A564-7082E2CB93A0}
    2012-05-15 21:58 - 2012-05-15 21:57 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{6D5FF26A-C1B0-4F71-BDE8-7719EF1B8CFC}
    2012-05-13 21:37 - 2012-05-13 21:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{25A5732F-D14A-45B5-BD38-3CAC3A408A4C}
    2012-05-13 21:36 - 2012-05-13 21:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{351B38B9-2816-4CA6-8C89-6D923DF23302}
    2012-05-13 21:36 - 2012-05-13 21:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{154E819D-9BBE-4EBF-A4CE-A61EA2BDCAE7}
    2012-05-13 21:36 - 2012-05-13 21:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{09C49E68-F710-4E57-A393-05CBF634879F}
    2012-05-13 10:56 - 2012-05-13 09:12 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Kickboxer(Van Damme)[1989]DvDrip[Eng]-prithwi
    2012-05-13 09:12 - 2012-05-13 09:12 - 00056771 ____A C:\Users\Jayski_Laptop\Downloads\Kickboxer%28Van+Damme%29%5B1989%5DDvDrip%5BEng%5D-prithwi.torrent
    2012-05-13 07:33 - 2012-05-13 07:33 - 00014793 ____A C:\Users\Jayski_Laptop\Downloads\The+Crow+%5B1994%5D+DVDRip+XviD-BLiTZKRiEG+avi.torrent
    2012-05-13 03:29 - 2012-05-13 03:29 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{FC63E9A1-1419-4B4D-B6E3-DFE10AB74648}
    2012-05-13 03:29 - 2012-05-13 03:29 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E16E928F-00EF-4C15-961B-B614FDE45C2F}
    2012-05-13 02:09 - 2012-05-13 02:09 - 00199360 ____A C:\Users\Jayski_Laptop\Downloads\Casino-Royale-007-Ringtone.mp3.zip
    2012-05-12 16:47 - 2012-03-17 09:06 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Roaming\Audacity
    2012-05-12 16:43 - 2012-04-02 12:08 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\HEAVYYYY
    2012-05-12 15:29 - 2012-05-12 15:28 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{ADF33C32-6391-4F08-9971-726D59ACEAFA}
    2012-05-12 15:28 - 2012-05-12 15:28 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CD74A676-9476-4B95-B371-DBD5947E68A8}
    2012-05-12 08:30 - 2012-05-12 08:30 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\The Airplane Boys - Alignment
    2012-05-12 08:29 - 2012-05-12 08:29 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\KEYS N KRATES - BLACKOUT
    2012-05-12 00:53 - 2011-10-22 16:40 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Font Collection
    2012-05-11 23:55 - 2012-05-11 23:55 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Dreamchasers_2-(DatPiff.com)
    2012-05-11 15:10 - 2012-05-11 15:10 - 00015567 ____A C:\Users\Jayski_Laptop\Downloads\2FDC76638F413426D5FEF4F33FA4F78DEB877C0D.torrent
    2012-05-11 13:49 - 2012-01-22 09:53 - 00069120 __ASH C:\Users\Jayski_Laptop\Thumbs.db
    2012-05-11 13:13 - 2012-05-11 11:28 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\21 Jump Street 2012 R5 NEW LiNE XViD - INSPiRAL
    2012-05-11 11:28 - 2012-05-11 11:28 - 00015440 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]21.jump.street.2012.r5.new.line.xvid.inspiral.torrent
    2012-05-11 10:37 - 2011-06-18 02:31 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\GraphPaperPress
    2012-05-11 08:59 - 2012-05-11 08:59 - 00006887 ____A C:\Users\Jayski_Laptop\Downloads\The+Office+8x24+%5BHDTV+-+LOL%5D.torrent
    2012-05-11 08:35 - 2012-05-11 08:35 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{36D1E622-84E9-4F00-B3E1-220309205B8B}
    2012-05-11 08:35 - 2012-05-11 08:35 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{18A9C8C0-6781-4FCE-98F6-2BDD38171E4E}
    2012-05-10 13:28 - 2012-05-10 13:27 - 00206594 ____A C:\Users\Jayski_Laptop\Downloads\Picture 19.png
    2012-05-10 06:37 - 2012-05-10 06:37 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{99ABC755-C60F-4CE7-BF13-D68746BA760A}
    2012-05-10 06:37 - 2012-05-10 06:37 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{7AADBA48-6415-4F7E-BED4-158AFE4F8E3D}
    2012-05-09 14:30 - 2012-05-09 14:30 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A0DC139B-EFC0-4488-AF09-258CA2161F50}
    2012-05-09 14:30 - 2012-05-09 14:29 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A5135227-5A13-49A0-B497-CDAB166C2611}
    2012-05-09 14:28 - 2009-07-13 20:45 - 05882168 ____A C:\Windows\System32\FNTCACHE.DAT
    2012-05-09 02:34 - 2011-01-14 12:20 - 00000000 ____D C:\Users\All Users\Microsoft Help
    2012-05-09 02:34 - 2011-01-07 05:31 - 57848688 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-05-09 02:25 - 2010-12-25 11:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2012-05-09 02:25 - 2009-07-13 23:46 - 00000000 ____D C:\Program Files\Windows Journal
    2012-05-09 00:40 - 2012-05-09 00:40 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CEC767C7-D411-47F8-9DE3-EE39B1EC43A7}
    2012-05-09 00:40 - 2012-05-09 00:40 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{6765BE87-D435-4811-9376-F996601F0252}
    2012-05-08 12:56 - 2012-05-08 12:56 - 00262080 ____A C:\Windows\ntbtlog.txt
    2012-05-08 10:56 - 2012-05-08 10:56 - 00132334 ____A C:\Users\Jayski_Laptop\Downloads\jsgt-by-citroen-race-car-rear.jpeg
    2012-05-08 05:56 - 2012-05-08 05:56 - 00057539 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-05-08 at 9.57.47 AM.png
    2012-05-08 04:08 - 2012-05-08 04:08 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{262BC6C4-7C29-42A1-BB73-933E9252192D}
    2012-05-08 04:08 - 2012-05-08 04:08 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{1087C280-819F-4E3B-A885-4877E0012509}
    2012-05-07 13:31 - 2012-05-07 13:31 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{034746E4-8524-4A30-A432-4EA0D470EB4B}
    2012-05-07 13:30 - 2012-05-07 13:30 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{321B8E33-79FE-4898-8745-518D9108DFFA}
    2012-05-07 04:19 - 2012-05-07 04:19 - 00419488 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2012-05-07 04:19 - 2011-09-05 09:43 - 00070304 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2012-05-06 22:12 - 2012-05-06 22:11 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{4B08E505-DC04-4308-A686-4D9B85F3C3E0}
    2012-05-06 22:11 - 2012-05-06 22:11 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F9E8DFE2-00C5-4AF5-805D-2F38B981742C}
    2012-05-06 22:11 - 2012-05-06 22:11 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5A3F7839-F607-4EDE-B183-6E237FC9DD76}
    2012-05-06 22:11 - 2012-05-04 15:09 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{3379A989-422B-4239-B4AB-CB85F4780EDF}
    2012-05-06 10:34 - 2012-05-04 23:05 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Mad Men Season 3
    2012-05-06 09:57 - 2012-05-06 09:57 - 00035027 ____A C:\Users\Jayski_Laptop\Downloads\[mnova.eu] 21_Jump_Street_2012_TS_Xvid_UnKnOwN.torrent
    2012-05-06 09:43 - 2012-05-06 09:43 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{8230ED58-AE7E-44D6-A2D6-B3A134A16A72}
    2012-05-06 09:43 - 2012-05-06 09:43 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{7E0DCBD2-B323-4683-8BCB-C36CFAD0C573}
    2012-05-06 09:43 - 2012-05-06 09:43 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5EB856E4-F5E7-41E4-9E59-9FCD15475E05}
    2012-05-06 05:46 - 2012-05-06 05:46 - 01606064 ____A C:\Users\Jayski_Laptop\Downloads\googletalk-setup.exe
    2012-05-06 05:41 - 2012-05-06 05:41 - 00020784 ____A C:\Users\Jayski_Laptop\Downloads\[mnova.eu] 007_James_Bond_-_Casino_Royale_(2006)_HDrip_x264_-_500MB_-_YIFY.torrent
    2012-05-05 21:19 - 2012-05-05 21:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F4D86234-E9E1-4EDA-8F75-553DB10B78CD}
    2012-05-05 21:19 - 2012-05-05 21:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{DF4C95DE-8977-4196-9A71-7B3A61096A8A}
    2012-05-05 21:18 - 2012-05-04 15:08 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{31D472B6-037B-4301-BE3C-3A83C29E07F8}
    2012-05-05 09:18 - 2012-05-05 09:18 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{7DA363BF-9D9B-4CE1-AA62-26F6086EF52E}
    2012-05-05 09:18 - 2012-05-05 09:18 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{566B19BF-FD77-4B52-A712-6D4741171FEC}
    2012-05-04 23:04 - 2012-05-04 23:04 - 00092974 ____A C:\Users\Jayski_Laptop\Downloads\[mnova.eu] Mad_Men_Season_3_XviD_HDTV.torrent
    2012-05-04 15:09 - 2012-05-04 15:09 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{ADF35E79-20EC-4752-B3F8-DA3FAC3CC470}
    2012-05-04 15:09 - 2012-05-04 15:09 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A80BB525-E22E-4D99-B99F-ED510C90B79B}
    2012-05-04 12:31 - 2012-05-04 12:31 - 00007147 ____A C:\Users\Jayski_Laptop\Downloads\The+Office+S08E23+HDTV+x264-LOL+%5BVTV%5D+mp4.torrent
    2012-05-04 03:08 - 2012-05-04 03:07 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A4681BA4-25E1-4856-ABC6-894FA624F0B6}
    2012-05-04 03:07 - 2012-05-04 03:07 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A81AD207-5F58-408C-A423-90C1E5B7B091}
    2012-05-03 06:10 - 2012-05-03 06:10 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{ACEE970D-424C-4320-81AF-C1B960611E02}
    2012-05-03 06:10 - 2012-05-03 06:10 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{285DC766-170B-4BDA-976F-38883A2F7CE0}
    2012-05-02 05:36 - 2012-05-02 05:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{B408736F-0139-4033-8BA8-0DA641823D7F}
    2012-05-02 05:36 - 2012-05-02 05:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{67FB8F9D-1920-489F-A412-CEC0EFE10D4F}
    2012-05-01 10:36 - 2012-05-01 10:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CF120B84-16C2-4EB0-8B30-54FA1FFD14D6}
    2012-05-01 10:36 - 2012-05-01 10:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{317269F7-6A4B-4CB1-90DC-4386ABCB714D}
    2012-05-01 10:36 - 2012-04-29 11:34 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{1B27ABD7-4F01-43CA-8A18-41DB8222C357}
    2012-05-01 10:35 - 2012-05-01 10:35 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{44A713C4-5CB4-4788-B854-BF680CE0A3CD}
    2012-05-01 08:02 - 2012-05-01 08:02 - 00064962 ____A C:\Users\Jayski_Laptop\Downloads\IMG-20120501-00030.jpeg
    2012-05-01 08:00 - 2012-05-01 08:00 - 00054046 ____A C:\Users\Jayski_Laptop\Downloads\IMG-20120501-00027.jpeg
    2012-05-01 07:53 - 2012-05-01 07:53 - 00066936 ____A C:\Users\Jayski_Laptop\Downloads\IMG-20120501-00026.jpeg
    2012-05-01 07:53 - 2012-05-01 07:53 - 00065625 ____A C:\Users\Jayski_Laptop\Downloads\IMG-20120501-00028.jpeg
    2012-05-01 05:56 - 2011-07-18 11:43 - 00029696 ____A C:\Users\Jayski_Laptop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2012-04-30 22:35 - 2012-04-30 22:35 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{9ACE8730-5958-44BD-B01D-18D6CDEDE827}
    2012-04-30 22:35 - 2012-04-30 22:34 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{D365FFBD-656E-4F79-9A10-99330D20E4EE}
    2012-04-30 22:34 - 2012-04-28 23:33 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{33353E1E-C69D-440E-8133-BED1E4CE822C}
    2012-04-30 11:32 - 2012-04-30 11:32 - 00182643 ____A C:\Users\Jayski_Laptop\Downloads\Miami+Vice+Seasons+3+and+4+DVDrip+w+Eng+SRTs+++%28Demonoid%29.torrent
    2012-04-30 11:08 - 2012-04-30 11:08 - 00014826 ____A C:\Users\Jayski_Laptop\Downloads\MellowHype+-+BlackenedWhite+%2B+Digital+Booklet+%5B2011-Album%5D%5BSW%5D.torrent
    2012-04-30 10:58 - 2012-04-30 10:56 - 10924865 ____A C:\Users\Jayski_Laptop\Downloads\Little Brother Loving It instrumental
     
  4. jayski

    jayski TS Rookie Topic Starter Posts: 23

    2012-04-30 10:55 - 2010-06-26 03:53 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Mixtape_Im_Not_A_Rapper
    2012-04-30 09:06 - 2012-04-30 09:06 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{C2ECAD44-81E1-4B18-B608-5A4F90419BEF}
    2012-04-30 09:06 - 2012-04-30 09:06 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{01DC2063-8D6C-4F9F-9F06-E99F67F4F60A}
    2012-04-29 21:44 - 2012-03-16 08:21 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\AUDI_TEMP
    2012-04-29 11:35 - 2012-04-29 11:35 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{FF7774ED-9407-4ADF-AA5D-1DE176717D96}
    2012-04-29 11:35 - 2012-04-29 11:35 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F56B81E2-8FFB-4782-AE3E-6F26C5E2A07C}
    2012-04-29 08:02 - 2012-04-29 08:01 - 08092638 ____A C:\Users\Jayski_Laptop\Downloads\VID-20120429-00000.3GP
    2012-04-29 04:04 - 2012-04-29 04:04 - 00013469 ____A C:\Users\Jayski_Laptop\Downloads\JASON' loan.docx
    2012-04-29 01:31 - 2012-04-29 01:31 - 00231388 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]purple.rain.1984.brrip.xvidhd.720p.npw.torrent
    2012-04-29 01:21 - 2012-04-29 01:21 - 00033870 ____A C:\Users\Jayski_Laptop\Downloads\Action+Bronson+-+Blue+Chips-2012-MIXFIEND.torrent
    2012-04-29 00:10 - 2012-04-28 23:52 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Coast 2 Coast Instrumentals Vol. 38-2012-MIXFIEND
    2012-04-29 00:05 - 2012-04-28 23:52 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Coast 2 Coast Instrumentals Vol. 37-2012-MIXFIEND
    2012-04-28 23:52 - 2012-04-28 23:52 - 00041018 ____A C:\Users\Jayski_Laptop\Downloads\Coast+2+Coast+Instrumentals+Vol.+37-2012-MIXFIEND.torrent
    2012-04-28 23:52 - 2012-04-28 23:52 - 00029228 ____A C:\Users\Jayski_Laptop\Downloads\Coast+2+Coast+Instrumentals+Vol.+38-2012-MIXFIEND.torrent
    2012-04-28 23:34 - 2012-04-28 23:33 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A0B5C87B-E8E3-4ECE-9987-814686C60795}
    2012-04-28 23:10 - 2012-04-28 23:10 - 00087316 ____A C:\Users\Jayski_Laptop\Downloads\Invoice_Download_19808060_2012_04_11.pdf
    2012-04-28 22:58 - 2010-12-25 12:43 - 00041644 ____A C:\Windows\PFRO.log
    2012-04-28 21:24 - 2012-04-28 21:23 - 05182216 ____A (Web Solution Mart ) C:\Users\Jayski_Laptop\Downloads\setup (1).exe
    2012-04-28 21:20 - 2012-04-28 21:20 - 00018852 ____A C:\Users\Jayski_Laptop\Downloads\cs4.torrent
    2012-04-28 21:19 - 2012-04-28 21:19 - 00001761 ____A C:\Users\Jayski_Laptop\Downloads\drive.torrent
    2012-04-28 21:18 - 2012-04-28 21:18 - 00017090 ____A C:\Users\Jayski_Laptop\Downloads\ps.torrent
    2012-04-28 12:40 - 2012-04-28 12:40 - 00067172 ___AT C:\Users\Jayski_Laptop\Downloads\Imagesdsd
    2012-04-28 11:41 - 2012-04-28 11:41 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
    2012-04-28 11:40 - 2012-04-28 11:40 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Roaming\WTablet
    2012-04-28 11:40 - 2012-04-28 11:40 - 00000000 ____D C:\Program Files\Tablet
    2012-04-28 11:40 - 2011-01-05 14:55 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
    2012-04-28 11:38 - 2012-04-28 11:36 - 31201144 ____A C:\Users\Jayski_Laptop\Downloads\WacomTablet_6.3.1w3.exe
    2012-04-28 11:33 - 2012-04-28 11:32 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{B06B1C98-5662-414D-9182-9E0143BEA7D9}
    2012-04-28 11:32 - 2012-04-28 11:32 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F2FB7A65-278E-44EE-BCD0-ACB05DE1A085}
    2012-04-28 10:23 - 2012-04-28 10:23 - 00007647 ____A C:\Users\Jayski_Laptop\Downloads\The+Office+S08E22+HDTV+x264-LOL+%5BVTV%5D+mp4.torrent
    2012-04-28 06:47 - 2012-04-28 06:47 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{DD288702-9A2D-4D5D-BE6A-7D99550955C6}
    2012-04-27 06:20 - 2012-04-27 06:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{7B7A25ED-510E-49FB-9C16-9BA30F7752FF}
    2012-04-27 06:20 - 2012-04-27 06:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5D5F7B0A-CF46-4E1F-B802-42F1E34A9996}
    2012-04-26 10:07 - 2012-04-26 10:07 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{36227C17-7A28-43CE-B0A5-7107DF8455BC}
    2012-04-26 10:07 - 2012-04-26 10:06 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{28EBF3DF-5F4D-4326-AA5A-3CAB1E455B31}
    2012-04-25 22:06 - 2012-04-25 22:06 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{B60FAD69-8B59-4F47-996E-1F87C51E8FB8}
    2012-04-25 22:06 - 2012-04-25 22:06 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{0F391072-1262-42F3-92C0-1830C68F4BC7}
    2012-04-25 08:40 - 2012-04-25 08:39 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{D934D5BB-EC28-4E34-BFA7-3643E170A4A5}
    2012-04-25 08:39 - 2012-04-25 08:39 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E0FA60BD-1D18-462D-9778-0BEBDC86F125}
    2012-04-24 12:47 - 2012-04-24 12:47 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{67DB481D-2774-4488-8386-80492631CB3D}
    2012-04-24 12:47 - 2012-04-24 12:46 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{B3E4A553-EC4C-4CC7-9EA3-3699E85DE66B}
    2012-04-23 13:58 - 2012-04-23 13:58 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{443A0EA9-1BB6-48C1-A697-4C01F5FE8767}
    2012-04-23 13:58 - 2012-04-23 13:58 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{3232866A-0B0D-4273-9BBE-95FF4ECFC3EB}
    2012-04-22 21:46 - 2012-04-22 21:46 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{EA1A9625-3E45-4DBB-A85C-C98F43FAC34B}
    2012-04-22 21:46 - 2012-04-22 21:46 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{AAAC0CE2-26DF-4F5E-9A82-5F9B9E88FDC5}
    2012-04-22 21:46 - 2012-04-22 21:45 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{99181512-6FCE-452E-BEF3-4B1E698211BE}
    2012-04-22 21:45 - 2012-04-22 21:45 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{7CEFD05A-AE57-4A8F-A83B-A99CB14A47C7}
    2012-04-22 13:47 - 2012-04-06 12:17 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Capture_The_Swag
    2012-04-22 05:55 - 2012-04-22 05:55 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{96B87F3F-A2E0-4272-A696-4037765AABF0}
    2012-04-22 05:55 - 2012-04-22 05:54 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{25626C7F-DEB3-43C0-8638-B09083D63508}
    2012-04-21 17:54 - 2012-04-21 17:54 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{3C4B6CD3-5887-43B8-B5F4-18709A3FED61}
    2012-04-21 17:54 - 2012-04-21 17:54 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{251C15FC-EE43-49D6-A7DF-04DF36A2DC79}
    2012-04-21 06:43 - 2012-04-21 06:43 - 00029848 ____A C:\Users\Jayski_Laptop\Downloads\Adobe+Photoshop+Lightroom+v4.0+Multilingual+Incl.+Key~snake_charmer.torrent
    2012-04-21 02:30 - 2012-04-21 02:30 - 00007561 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]the.office.s08e21.hdtv.x264.lol.vtv.mp4.torrent
    2012-04-21 02:17 - 2012-04-21 02:17 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F6BB58B3-25E6-4776-A3F3-43CFF9B807E3}
    2012-04-21 02:17 - 2012-04-21 02:17 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{BF40B484-8840-48E5-88AB-CA819DDBE6D7}
    2012-04-21 01:33 - 2012-04-21 01:32 - 00545736 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-04-21 at 5.33.59 AM.png
    2012-04-20 14:17 - 2012-04-20 14:16 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{2A18DEF0-4F74-4E1D-B1AA-3AA8A7A83E10}
    2012-04-20 14:16 - 2012-04-20 14:16 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{56FC24CF-DCD9-4994-A388-5A31222A76BF}
    2012-04-20 13:03 - 2012-04-14 08:56 - 00000000 ____D C:\Program Files (x86)\Google
    2012-04-20 12:49 - 2012-04-20 12:46 - 38676209 ____A C:\Users\Jayski_Laptop\Downloads\WRKOUT.zip
    2012-04-20 02:52 - 2011-12-26 11:23 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\My Scanned Documents
    2012-04-20 02:15 - 2012-04-20 02:15 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{EA875D32-773B-4D25-9190-D96D2BCB19E8}
    2012-04-20 02:15 - 2012-04-20 02:15 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{19B5FBB2-7932-4A56-885D-2031E3790D73}
    2012-04-19 12:20 - 2012-04-19 12:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{FB68C4A5-E64F-4C1F-92C5-3745D914F0EF}
    2012-04-19 12:20 - 2012-04-18 23:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{B14A3211-787D-4EAA-A8F2-E008374733A4}
    2012-04-18 23:21 - 2012-04-18 23:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{558271E2-5C57-499B-9FB4-DAF209058C9D}
    2012-04-18 11:20 - 2012-04-18 11:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{08CD561D-786D-4134-A3F5-6CA29477B313}
    2012-04-18 11:20 - 2012-04-17 23:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A338DE0D-E652-45D5-BCD3-B9AE24EAE723}
    2012-04-18 10:56 - 2012-04-18 10:56 - 00094208 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
    2012-04-18 10:56 - 2012-04-18 10:56 - 00069632 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
    2012-04-17 23:47 - 2012-04-28 11:40 - 01830776 ____A (Wacom Technology, Corp.) C:\Windows\System32\Wintab32.dll
    2012-04-17 23:47 - 2012-04-28 11:40 - 01816440 ____A (Wacom Technology, Corp.) C:\Windows\System32\WacomMT.dll
    2012-04-17 23:47 - 2012-04-28 11:40 - 01765240 ____A (Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.dll
    2012-04-17 23:47 - 2012-04-28 11:40 - 01758584 ____A (Wacom Technology, Corp.) C:\Windows\System32\Wacom_Touch_Tablet.dll
    2012-04-17 23:47 - 2012-04-28 11:40 - 01496952 ____A (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
    2012-04-17 23:47 - 2012-04-28 11:40 - 01484152 ____A (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
    2012-04-17 23:47 - 2012-04-28 11:40 - 01450872 ____A (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
    2012-04-17 23:47 - 2012-04-28 11:40 - 01444216 ____A (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
    2012-04-17 23:19 - 2012-04-17 23:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{B373ADCC-C974-4AF6-BCA5-5B0728A52B94}
    2012-04-17 12:36 - 2012-04-17 12:36 - 00140270 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-04-17 at 4.36.08 PM.png
    2012-04-17 07:01 - 2012-04-17 07:01 - 00157472 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
    2012-04-17 07:01 - 2012-04-17 07:01 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
    2012-04-17 07:01 - 2012-04-17 07:01 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
    2012-04-17 07:01 - 2010-12-25 10:57 - 00472808 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
    2012-04-17 04:46 - 2012-04-17 04:46 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{4996EE3F-55B2-4901-AB1F-2D61AC2860F2}
    2012-04-17 04:46 - 2012-04-17 04:46 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{140F486A-79DC-40AB-8F44-DD7FC8A8D64A}
    2012-04-16 13:03 - 2010-12-25 10:59 - 00000000 ____D C:\Program Files\Broadcom Corporation
    2012-04-16 12:52 - 2012-04-16 12:52 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{3D30881E-8604-433D-A504-5090A4B86985}
    2012-04-15 11:47 - 2012-04-15 11:47 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F14708E1-1D15-4801-AF0E-D8FA9CE302C1}
    2012-04-15 11:47 - 2012-04-15 11:47 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{C6C85F45-3D3D-43D5-8918-2F489C781CF8}
    2012-04-15 11:47 - 2012-04-15 11:47 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{3DDCD1FD-0B10-4BD4-A5FD-39C16FBD51EE}
    2012-04-15 11:47 - 2012-04-15 11:46 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{6B5E3DA3-84B6-4BB7-BFBB-D9D91456D2B3}
    2012-04-15 06:33 - 2012-04-14 14:53 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Die Hard 3 1995 DvDRiP Dual Audio Hindi Eng[Sub]--ChEtAn
    2012-04-15 02:29 - 2012-04-15 02:29 - 00135421 ____A C:\Users\Jayski_Laptop\Downloads\sight.zip
    2012-04-14 23:46 - 2012-04-14 23:46 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{AB3DE727-5C58-4953-B49E-C8F77B0AC441}
    2012-04-14 23:46 - 2012-04-14 23:46 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{93CD156B-0AE7-4C27-A897-13442184A0FA}
    2012-04-14 14:53 - 2012-04-14 14:53 - 00019232 ____A C:\Users\Jayski_Laptop\Downloads\Die+Hard+3+1995+DvDRiP+Dual+Audio+Hindi+Eng%5BSub%5D+-+ChEtAn.torrent
    2012-04-14 12:44 - 2012-04-14 12:44 - 00025438 ____A C:\Users\Jayski_Laptop\Documents\Softbox_test.wire
    2012-04-14 12:44 - 2012-04-14 12:44 - 00001974 ____A C:\Users\Jayski_Laptop\Documents\Softbox_test.wire.ICON
    2012-04-14 11:27 - 2012-04-14 11:27 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{2E4474F0-47F2-482E-9720-0B10CA46062A}
    2012-04-14 11:27 - 2012-04-14 11:26 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{6F9A0DA6-A57D-4881-8C9C-A8895A3DBD5A}
    2012-04-14 10:18 - 2012-04-09 03:03 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Ocean's.11[2001]DvDrip[Eng]-aXXo
    2012-04-14 09:54 - 2012-04-14 09:54 - 00007895 ____A C:\Users\Jayski_Laptop\Downloads\The+Office+S08E20+HDTV+x264-LOL+%5BVTV%5D+mp4.torrent
    2012-04-14 08:59 - 2011-01-04 15:32 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\LocalLow
    2012-04-14 08:56 - 2012-04-14 08:56 - 00739832 ____A (Google Inc.) C:\Users\Jayski_Laptop\Downloads\GoogleEarthPluginSetup.exe
    2012-04-13 23:53 - 2011-08-19 08:41 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
    2012-04-13 23:53 - 2011-01-04 18:41 - 00000000 ___RD C:\Program Files (x86)\Skype
    2012-04-13 23:26 - 2012-04-13 23:26 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{43663CA3-8675-4D31-9CC0-EA06DF968921}
    2012-04-13 23:26 - 2012-04-13 23:25 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{7A6616AB-8A78-455B-AD36-D0559CBA0565}
    2012-04-13 14:58 - 2012-04-13 14:58 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{FF7E4D72-0FE1-4000-9BA6-6F3F2F63F79D}
    2012-04-13 14:58 - 2012-04-13 14:58 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{9E21166E-FC2E-4BAC-B75C-581DE130E80A}
    2012-04-13 14:55 - 2012-04-13 14:55 - 00000000 ____D C:\Windows\en
    2012-04-13 14:52 - 2010-12-25 11:20 - 00000000 ____D C:\Program Files\Windows Live
    2012-04-13 14:52 - 2010-12-25 11:20 - 00000000 ____D C:\Program Files (x86)\Windows Live
    2012-04-13 14:51 - 2010-12-25 11:19 - 00100830 ____A C:\Windows\DirectX.log
    2012-04-13 14:36 - 2012-04-13 14:36 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{34C9068E-92FC-421B-9DB7-F516DA765628}
    2012-04-13 00:44 - 2012-04-13 00:34 - 248492169 ____A C:\Users\Jayski_Laptop\Downloads\Drake Live Berlin 12042012 YouTube - [File2HD.com].mp4
    2012-04-12 15:10 - 2012-04-12 15:08 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{13494C42-C18A-47E0-BDE4-BA5083749779}
    2012-04-11 13:41 - 2012-04-11 13:40 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{65A17699-687E-4F42-9453-0EF1034D502F}
    2012-04-11 12:24 - 2012-04-11 12:24 - 00196725 ____A C:\Users\Jayski_Laptop\Downloads\error.png
    2012-04-11 01:40 - 2012-04-11 01:40 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{7BDA4DE3-4FC3-4F11-A22A-F3F22DA01288}
    2012-04-10 13:40 - 2012-04-10 13:39 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{6E73C626-D039-4704-A449-0F8FBD4910F9}
    2012-04-10 13:21 - 2012-04-10 13:21 - 00001458 ____A C:\Users\Jayski_Laptop\Documents\Foose Letter.txt
    2012-04-10 01:39 - 2012-04-10 01:39 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{12E0CF60-411D-451A-9095-7FEA4CC6593A}
    2012-04-09 13:25 - 2012-04-09 01:25 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{81DEE84A-1448-4E6B-805F-6D138BA6E30E}
    2012-04-09 13:18 - 2012-04-09 13:18 - 00105615 ____A C:\Users\Jayski_Laptop\Downloads\expositio.zip
    2012-04-09 11:09 - 2011-10-03 13:06 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Website_2012
    2012-04-09 04:18 - 2012-04-09 04:18 - 00298470 ____A C:\Users\Jayski_Laptop\Downloads\Pattern_Set_2_by_fudgegraphics.zip
    2012-04-09 03:03 - 2012-04-09 03:03 - 00057253 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]oceans.11.2001.dvdrip.eng.axxo.torrent
    2012-04-09 01:25 - 2012-04-09 01:24 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{1542CFA4-084E-4E52-B145-F8B26450D402}
    2012-04-08 13:24 - 2012-04-08 13:24 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A76B83BF-AA60-4B46-981F-EFCB165BC79A}
    2012-04-08 01:24 - 2012-04-07 01:22 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F75E3FC6-8BAB-4B04-9E27-319E1CB12D64}
    2012-04-08 01:23 - 2012-04-08 01:23 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{4AE8479C-2FC6-41D7-8363-05C6B531A961}
    2012-04-07 09:53 - 2012-04-07 09:53 - 00152270 ____A C:\Users\Jayski_Laptop\Downloads\Picture 4.png
    2012-04-07 09:11 - 2012-04-07 09:11 - 00134193 ____A C:\Users\Jayski_Laptop\Downloads\Picture 3.png
    2012-04-07 08:08 - 2011-12-11 03:38 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Bernd Logo
    2012-04-07 06:15 - 2012-04-07 06:15 - 00035424 ____A C:\Users\Jayski_Laptop\Downloads\Banner.png
    2012-04-06 13:22 - 2012-04-06 13:22 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{FFFCF692-25BE-4DD5-9DDA-D94CDFC3AAC0}
    2012-04-06 08:58 - 2012-04-06 08:58 - 00180596 ____A C:\Users\Jayski_Laptop\Downloads\Visualtheme.zip
    2012-04-06 08:47 - 2012-04-06 08:47 - 00066720 ____A C:\Users\Jayski_Laptop\Downloads\StudioDessign.zip
    2012-04-06 08:43 - 2012-04-06 08:43 - 00028077 ____A C:\Users\Jayski_Laptop\Downloads\SwissDessign.zip
    2012-04-06 08:28 - 2012-04-06 08:28 - 00011989 ____A C:\Users\Jayski_Laptop\Downloads\cardeo-mini-wordpress-theme.zip
    2012-04-06 07:36 - 2012-04-05 11:03 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Batman.Year.One.2011.BluRay.720p.x264.DTS.MySilu
    2012-04-06 07:22 - 2012-04-06 07:22 - 00014804 ____A C:\Users\Jayski_Laptop\Downloads\St++Elmos+Fire+1985+DvD+Rip%5BTabsman%5D%5BH33T%5D%5BRelease%5D.torrent
    2012-04-06 02:43 - 2012-04-06 02:43 - 00012325 ____A C:\Users\Jayski_Laptop\Downloads\[mnova.eu] Lone_Wolf_McQuade_1983_DVD9rip_English_Klam.torrent
    2012-04-06 02:40 - 2012-04-05 10:51 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Dirty Dancing 1987 20th Anniversary Edition DvDrip[Eng]-greenbud1969
    2012-04-06 02:39 - 2012-04-06 02:39 - 00013247 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]batman.dead.end.torrent
    2012-04-06 01:21 - 2012-04-06 01:21 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{D37B239D-E6EB-419E-9DE5-B9B21409C5AE}
    2012-04-06 01:21 - 2012-04-05 13:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{8987A69B-F98F-4207-95B2-D68CEBF6385F}
    2012-04-06 00:55 - 2011-01-04 15:33 - 00301240 ____A C:\Users\Jayski_Laptop\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-04-05 23:08 - 2012-04-05 23:08 - 00524248 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-04-06 at 1.29.59 AM.png
    2012-04-05 14:37 - 2011-12-13 12:22 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Batmobile_Batman_Forever
    2012-04-05 11:03 - 2012-04-05 11:03 - 00008882 ____A C:\Users\Jayski_Laptop\Downloads\Batman.Year.One.2011.BluRay.720p.x264.DTS.MySilu.torrent
    2012-04-05 11:02 - 2012-04-05 11:02 - 00076102 ____A C:\Users\Jayski_Laptop\Downloads\92709766FADCC7636E18858AC3CCEC653E406841.torrent
    2012-04-05 10:51 - 2012-04-05 10:51 - 00015270 ____A C:\Users\Jayski_Laptop\Downloads\[kat.ph]dirty.dancing.1987.20th.anniversary.edition.dvdrip.eng.greenbud1969.torrent
    2012-04-05 01:20 - 2012-04-05 01:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{90F5FC33-5886-4F62-B4D8-C0E8A0524DB7}
    2012-04-04 13:20 - 2012-04-04 13:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{55BA0B4D-9134-4549-930D-383ED744CF9E}
    2012-04-04 01:19 - 2012-04-04 01:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{8092108C-D2D2-4ACE-A3FD-994B2433B9FD}
    2012-04-03 14:29 - 2011-12-13 12:24 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Batmobile_Batman
    2012-04-03 13:19 - 2012-04-03 13:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{5609195B-5BFE-4B4D-B0C9-E5AE2B9931C7}
    2012-04-03 09:33 - 2012-04-02 23:13 - 00000400 ____A C:\Windows\System32\Wacom_Tablet.dat
    2012-04-02 22:35 - 2012-04-02 22:34 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{F2E347F3-0A10-429F-B8DC-86DF27768CBD}
    2012-04-02 10:43 - 2012-04-02 10:42 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\bp800
    2012-04-02 10:32 - 2012-04-02 10:32 - 03623741 ____A C:\Users\Jayski_Laptop\Downloads\Dream To Me `1.mp3
    2012-04-02 07:50 - 2012-04-02 07:50 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{C2FC974F-AE5F-4E11-9C21-D508A1E1C04A}
    2012-04-02 07:02 - 2012-04-02 06:59 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Roaming\Windows Live Writer
    2012-04-02 06:59 - 2012-04-02 06:59 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\Windows Live Writer
    2012-04-01 19:49 - 2012-04-01 00:59 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A24220A0-17FB-4BAB-BBD7-DD024C346FA7}
    2012-04-01 06:23 - 2012-04-01 01:18 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\American.Graffiti.1973.1080p.Bluray.x264.anoXmous
    2012-04-01 01:34 - 2012-04-01 01:34 - 00085654 ____A C:\Users\Jayski_Laptop\Downloads\Invoice_Download_19808060_2012_03_11.pdf
    2012-04-01 01:18 - 2012-04-01 01:18 - 00011701 ____A C:\Users\Jayski_Laptop\Downloads\American+Graffiti+1973+1080p+Bluray+x264+anoXmous.torrent
    2012-03-31 12:42 - 2012-03-31 12:42 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E932E433-DC5F-4EF3-8008-10F7FAF2059D}
    2012-03-31 10:37 - 2012-03-31 10:37 - 00013155 ____A C:\Users\Jayski_Laptop\Downloads\Goon (2011) DVDRip XviD BBnRG-[rarbg.com].torrent
    2012-03-31 01:28 - 2012-03-31 01:28 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\bp900
    2012-03-31 00:42 - 2012-03-26 03:04 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{D37B3EF1-EA1B-4027-BF82-E3238D75103A}
    2012-03-30 22:05 - 2012-05-09 01:34 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2012-03-30 20:39 - 2012-05-09 01:34 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2012-03-30 20:39 - 2012-05-09 01:34 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2012-03-30 19:10 - 2012-05-09 01:34 - 03146240 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2012-03-30 03:35 - 2012-05-09 01:33 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2012-03-29 14:26 - 2012-03-17 07:45 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\B.O.S.C.O
    2012-03-29 12:52 - 2012-03-29 12:51 - 01542206 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-03-26 at 12.36.00 AM.png
    2012-03-29 11:56 - 2012-03-29 11:56 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\bp1000
    2012-03-29 10:52 - 2012-03-29 10:52 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\bp1200
    2012-03-29 10:06 - 2012-03-29 10:06 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\bp1400
    2012-03-29 04:04 - 2012-04-28 11:40 - 00065912 ____A (Wacom Technology) C:\Windows\System32\Drivers\wachidrouter.sys
    2012-03-29 04:04 - 2012-04-28 11:40 - 00015736 ____A (Wacom Technology) C:\Windows\System32\Drivers\wacomrouterfilter.sys
    2012-03-29 04:04 - 2012-04-28 11:40 - 00013688 ____A (Windows (R) Win 7 DDK provider) C:\Windows\System32\Drivers\hidkmdf.sys
    2012-03-29 00:00 - 2012-03-29 00:00 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
    2012-03-29 00:00 - 2012-03-28 23:59 - 00000000 ____D C:\Program Files\iTunes
    2012-03-29 00:00 - 2012-03-28 23:59 - 00000000 ____D C:\Program Files (x86)\iTunes
    2012-03-28 23:59 - 2012-03-28 23:59 - 00000000 ____D C:\Program Files\iPod
    2012-03-28 13:56 - 2012-03-28 13:56 - 01692672 ____A C:\Windows\SysWOW64\mprdin.dll
    2012-03-28 13:56 - 2012-03-28 13:56 - 00000400 ____A C:\Windows\SysWOW64\mprdin.ocx
    2012-03-28 04:07 - 2012-03-28 04:06 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{163257B9-EAD5-4FE8-9BF1-5F9DAFFAF441}
    2012-03-28 04:06 - 2012-03-28 04:06 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{7D064F73-3D49-4C27-AAFB-ED34EAA2CE4D}
    2012-03-28 04:06 - 2012-03-28 04:06 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{2C3344CA-116F-40B7-B81E-91331390B9E9}
    2012-03-27 03:24 - 2012-03-27 03:24 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{1626210F-714E-48A3-8F88-620FD037DCC5}
    2012-03-26 03:28 - 2012-03-26 03:28 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{CE4EF9F8-490E-414D-9047-59CC5E75C11D}
    2012-03-26 03:28 - 2012-03-26 03:28 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{409FB12F-6809-446B-802A-AF6EF26FF5DB}
    2012-03-25 13:48 - 2011-01-08 08:09 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Roaming\Xilisoft
    2012-03-25 13:45 - 2012-03-25 13:43 - 00002878 ____A C:\Windows\System32\Drivers\etc\hosts.txt
    2012-03-25 13:41 - 2012-03-25 13:41 - 00726016 ____A (Igor Pavlov) C:\Windows\SysWOW64\7z.dll
    2012-03-25 13:41 - 2012-03-25 13:41 - 00001252 ____A C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk
    2012-03-25 13:41 - 2011-04-02 13:33 - 00000000 ____D C:\Users\All Users\Xilisoft
    2012-03-25 13:40 - 2011-01-08 08:07 - 00000000 ____D C:\Program Files (x86)\Xilisoft
    2012-03-25 13:39 - 2012-03-25 13:37 - 00000000 ____D C:\Users\Jayski_Laptop\Downloads\Xilisoft Video Converter Ultimate 7.1.0.20120222
    2012-03-25 13:36 - 2012-03-25 13:36 - 00012645 ____A C:\Users\Jayski_Laptop\Downloads\Xilisoft+Video+Converter+Ultimate+7.1.0.20120222.torrent
    2012-03-25 13:20 - 2012-03-25 13:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{65EAC352-2BC4-4293-B9C3-FB32A1601876}
    2012-03-25 13:20 - 2012-03-25 13:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{53D82EF9-A9A1-44C9-A1B4-C12CF99F37A2}
    2012-03-25 13:20 - 2012-03-25 13:20 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{3BE40060-0AD9-4D2B-B2E6-8C4036194BCE}
    2012-03-25 13:20 - 2012-03-24 01:00 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{14414DE2-BC80-4E8F-BFE7-922EF43BF630}
    2012-03-25 07:08 - 2012-03-25 07:08 - 00276392 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-03-25 at 11.09.05 AM.png
    2012-03-25 06:33 - 2012-03-25 06:33 - 00292001 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-03-25 at 10.31.28 AM.png
    2012-03-25 06:28 - 2012-03-25 06:28 - 00292796 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-03-25 at 10.29.42 AM.png
    2012-03-25 06:15 - 2012-03-25 06:13 - 02877155 ____A C:\Users\Jayski_Laptop\Downloads\phtographs try out.pdf
    2012-03-25 01:19 - 2012-03-25 01:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A8662F4F-1E3A-402B-A2D8-1AC1CA398654}
    2012-03-25 01:19 - 2012-03-25 01:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{7C60F0D5-AE7F-4FE4-8D7F-B2CBBFC6EEFF}
    2012-03-25 01:19 - 2012-03-25 01:19 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{1870B1BB-3CAB-4443-9076-3E30ACC806AE}
    2012-03-24 17:22 - 2012-03-24 17:21 - 00699564 ____A C:\Users\Jayski_Laptop\Downloads\Screen shot 2012-03-24 at 9.23.05 PM.png
    2012-03-24 17:16 - 2012-03-24 12:04 - 11366798 ____A C:\Users\Jayski_Laptop\Documents\BMX_Parts_1.psd
    2012-03-24 17:15 - 2012-03-24 14:49 - 07213900 ____A C:\Users\Jayski_Laptop\Documents\BMX_Parts_2.psd
    2012-03-24 16:34 - 2012-03-24 16:34 - 00039004 ____A C:\Users\Jayski_Laptop\Downloads\Univers LT 59 Ultra Condensed.ttf
    2012-03-24 13:02 - 2012-03-24 13:02 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{B193032A-B959-445E-8896-1BF72C10DCAF}
    2012-03-24 13:02 - 2012-03-24 13:02 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{6C8A4005-393F-452F-AB98-B2A03C189D23}
    2012-03-24 13:02 - 2012-03-24 13:01 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{A513B9CD-F86B-4148-A3E9-E8E8BC7BB0E9}
    2012-03-24 01:01 - 2012-03-24 01:01 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{45269CD1-C1E6-4250-A142-4EE19D2AE581}
    2012-03-24 01:01 - 2012-03-24 01:01 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{3B7E9EA3-CB8B-4033-9736-8239DB4C67BF}
    2012-03-24 01:01 - 2012-03-24 01:01 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{2CE9E054-556A-4B59-A177-4F0FECBBB4BC}
    2012-03-23 16:21 - 2011-08-21 05:31 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\ElevatedDiagnostics
    2012-03-23 13:00 - 2012-03-23 13:00 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E3E17936-8889-4CF7-A033-1FAB84B70615}
    2012-03-23 13:00 - 2012-03-23 13:00 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{359CC26B-9595-4856-956A-99485DDFC014}
    2012-03-23 13:00 - 2012-03-23 12:59 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{57B4CA10-1886-4CD1-BB80-35E5DDDB2049}
    2012-03-23 12:59 - 2012-03-23 12:58 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{2DDC6100-F941-46B4-91C0-289B8DB517F4}
    2012-03-23 06:24 - 2011-03-19 06:49 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\GT_iPhone_Game
    2012-03-22 13:18 - 2012-03-22 13:18 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{69DD529E-16F1-4810-97EF-FD19FFDD78DA}
    2012-03-22 13:18 - 2012-03-15 04:56 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{E0C2521E-5213-491C-8AA8-F545F5143131}
    2012-03-21 12:09 - 2012-03-21 12:09 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{8E3251DE-3A07-4547-B9F4-60B8F1511654}
    2012-03-21 11:35 - 2012-03-21 11:35 - 01500954 ____A C:\Users\Jayski_Laptop\Downloads\j.battersby.pdf
    2012-03-21 11:32 - 2012-03-21 11:31 - 08306258 ____A C:\Users\Jayski_Laptop\Downloads\I Got This Here (Dirty).mp3
    2012-03-21 07:08 - 2012-01-28 15:15 - 00000000 ____D C:\Program Files\KeyShot3
    2012-03-20 14:12 - 2012-03-20 14:11 - 15036792 ____A (Dropbox, Inc.) C:\Users\Jayski_Laptop\Downloads\Dropbox 1.2.52.exe
    2012-03-20 14:10 - 2012-03-10 01:43 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Ro_Poster
    2012-03-20 13:04 - 2011-03-27 18:17 - 00000000 ____D C:\Users\Jayski_Laptop\Documents\Jurisdiction_The_Movie
    2012-03-20 11:33 - 2012-03-20 11:33 - 00000000 ____D C:\Users\Jayski_Laptop\AppData\Local\{09E8DB54-8AD0-4D45-8CE2-58357FE4EF5B}
    2012-03-20 10:44 - 2012-03-20 10:44 - 00203888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
    2012-03-20 10:44 - 2012-03-20 10:44 - 00098688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
     
  5. jayski

    jayski TS Rookie Topic Starter Posts: 23

    ZeroAccess:
    C:\Windows\Installer\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}
    C:\Windows\Installer\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}\@
    C:\Windows\Installer\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}\L
    C:\Windows\Installer\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}\n
    C:\Windows\Installer\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}\U
    C:\Windows\Installer\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}\U\00000001.@
    C:\Windows\Installer\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}\U\80000000.@
    C:\Windows\Installer\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}\U\800000cb.@
    ZeroAccess:
    C:\Users\Jayski_Laptop\AppData\Local\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}
    C:\Users\Jayski_Laptop\AppData\Local\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}\@
    C:\Users\Jayski_Laptop\AppData\Local\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}\L
    C:\Users\Jayski_Laptop\AppData\Local\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1}\U
    ========================= Known DLLs (Whitelisted) ============
    ========================= Bamital & volsnap Check ============
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
    ==================== EXE ASSOCIATION =====================
    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK
    ========================= Memory info ======================
    Percentage of memory in use: 10%
    Total physical RAM: 8181.83 MB
    Available physical RAM: 7318.78 MB
    Total Pagefile: 8179.98 MB
    Available Pagefile: 7302.47 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.9 MB
    ======================= Partitions =========================
    1 Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:59.72 GB) NTFS
    3 Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
    4 Drive g: (CRUZER) (Removable) (Total:3.81 GB) (Free:0.38 GB) FAT32
    5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    6 Drive y: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:14.33 GB) NTFS
    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 465 GB 0 B
    Disk 1 Online 3912 MB 0 B
    Partitions of Disk 0:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 OEM 39 MB 31 KB
    Partition 2 Primary 14 GB 40 MB
    Partition 3 Primary 451 GB 14 GB
    ======================================================================================================
    Disk: 0
    Partition 1
    Type : DE
    Hidden: Yes
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 5 FAT Partition 39 MB Healthy Hidden
    ======================================================================================================
    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: Yes
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 Y RECOVERY NTFS Partition 14 GB Healthy
    ======================================================================================================
    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 C OS NTFS Partition 451 GB Healthy
    ======================================================================================================
    Partitions of Disk 1:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 3898 MB 17 KB
    ======================================================================================================
    Disk: 1
    Partition 1
    Type : 0B
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 G CRUZER FAT32 Removable 3898 MB Healthy
    ======================================================================================================
    ==========================================================
    Last Boot: 2012-06-13 18:00
    ======================= End Of Log ==========================
     
  6. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ================================================================

    In Vista or Windows 7: Boot to System Recovery Options and run FRST.
    In Windows XP: Please boot to BartPe and run FRST.
    Type the following in the edit box after "Search:".

    services.exe

    Click Search button and post the log (Search.txt) it makes to your reply.
     
  7. jayski

    jayski TS Rookie Topic Starter Posts: 23

    Farbar Recovery Scan Tool Version: 17-06-2012
    Ran by SYSTEM at 2012-06-17 12:39:05
    Running from G:\

    ================== Search: "services.exe" ===================

    C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
    [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

    C:\Windows\System32\services.exe
    [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 014A9CB92514E27C0107614DF764BC06

    ====== End Of Search ======
     
  8. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    On Vista or Windows 7: Now please enter System Recovery Options.
    On Windows XP: Now please boot into the BartPE CD.
    Run FRST64 and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
     

    Attached Files:

  9. jayski

    jayski TS Rookie Topic Starter Posts: 23

    Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 17-06-2012
    Ran by SYSTEM at 2012-06-17 18:00:48 Run:1
    Running from G:\

    ==============================================

    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored successfully .
    C:\Windows\System32\consrv.dll not found.
    HKEY_LOCAL_MACHINE\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ Default Value restored successfully.
    HKEY_USERS\Jayski_Laptop\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge Value deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32\\Default value was restored successfully .
    w4shwdrv service deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs Mcx2Svc Deleted successfully.
    C:\Windows\Installer\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1} moved successfully.
    C:\Users\Jayski_Laptop\AppData\Local\{cc5d1d3f-1e69-8a14-df1c-cc55cb13d8c1} moved successfully.
    C:\Windows\System32\services.exe moved successfully.
    C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe

    ==== End of Fixlog ====
     
  10. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Try to boot normally.
     
  11. jayski

    jayski TS Rookie Topic Starter Posts: 23

    Ok it works fine booted no problem, how can I prevent further problems from happening?
     
  12. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Good news but we're not done.

    We need to run some more checks to make sure you're clean.

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
    There are 4 different versions. If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click Rkill and choose Run as Administrator
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    * Rkill.com
    * Rkill.scr
    * Rkill.exe
    • Double-click on the Rkill icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.
    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  13. jayski

    jayski TS Rookie Topic Starter Posts: 23

    Ok I ran Combofix and it then rebooted my machine. When windows started the Combofix window popped up and said Preparing Log Report. Do not run any programs until Combofix has finished. it has been hanging like this for over 20 minutes, is this normal?
     
  14. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Be patient.
     
  15. jayski

    jayski TS Rookie Topic Starter Posts: 23

    ComboFix 12-06-16.02 - Jayski_Laptop 17/06/2012 18:33:00.1.8 - x64
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.2.1033.18.8182.6024 [GMT 2:00]
    Running from: c:\users\Jayski_Laptop\Desktop\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
    SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\Install.exe
    C:\prefs.js
    c:\programdata\9FC4FB61E3.sys
    c:\programdata\Propellerhead Software\ReCycle
    c:\programdata\Propellerhead Software\ReCycle\ReCycle210.dat
    c:\users\Jayski_Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato
    c:\users\Jayski_Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk
    c:\users\Jayski_Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk
    c:\users\Jayski_Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk
    c:\users\Jayski_Laptop\AppData\Roaming\Propellerhead Software\ReCycle
    c:\users\Jayski_Laptop\AppData\Roaming\Propellerhead Software\ReCycle\ReCycle Preferences File.prf
    c:\windows\system32\drivers\etc\hosts.txt
    c:\windows\SysWow64\CCXPButton.ocx
    c:\windows\SysWow64\test
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-05-17 to 2012-06-17 )))))))))))))))))))))))))))))))
    .
    .
    2012-06-17 20:34 . 2012-06-17 20:36--------d-----w-C:\FRST
    2012-06-17 16:49 . 2012-06-17 16:49--------d-----w-c:\users\Default\AppData\Local\temp
    2012-06-16 07:50 . 2012-06-17 20:27--------d-----w-C:\bc91b91cb90a90914baab60317
    2012-06-10 18:47 . 2012-06-10 18:47658944----a-w-c:\windows\SysWow64\ariwrv.exe
    2012-06-02 08:14 . 2012-05-08 08:028955792----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C7852E85-35F8-4D84-AF21-B40B29BE8A3E}\mpengine.dll
    2012-06-01 14:01 . 2012-05-08 08:028955792----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-05-31 16:05 . 2012-05-31 16:05927800----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2D4CADCC-D0EE-4C56-B57E-AC7EFA60E7EA}\gapaengine.dll
    2012-05-31 16:03 . 2012-06-17 20:27--------d-----w-c:\program files (x86)\Microsoft Security Client
    2012-05-31 16:03 . 2012-06-17 20:27--------d-----w-c:\program files\Microsoft Security Client
    2012-05-29 21:50 . 2012-05-29 21:50--------d-sh--w-c:\windows\system32\%APPDATA%
    2012-05-24 18:34 . 2012-05-24 18:34159744----a-w-c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2012-05-24 18:34 . 2012-05-24 18:34159744----a-w-c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2012-05-24 18:34 . 2012-05-24 18:34159744----a-w-c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2012-05-24 18:34 . 2012-05-24 18:34159744----a-w-c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2012-05-24 18:34 . 2012-05-24 18:34159744----a-w-c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2012-05-24 18:34 . 2012-05-24 18:34159744----a-w-c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2012-05-24 18:34 . 2012-05-24 18:33159744----a-w-c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2012-05-24 18:33 . 2012-05-24 18:33--------d-----w-c:\program files (x86)\QuickTime
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-05-07 12:19 . 2012-05-07 12:19419488----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
    2012-05-07 12:19 . 2011-09-05 17:4370304----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-04-18 18:56 . 2012-04-18 18:5694208----a-w-c:\windows\SysWow64\QuickTimeVR.qtx
    2012-04-18 18:56 . 2012-04-18 18:5669632----a-w-c:\windows\SysWow64\QuickTime.qts
    2012-04-18 07:47 . 2012-04-28 19:401758584----a-w-c:\windows\system32\Wacom_Touch_Tablet.dll
    2012-04-18 07:47 . 2012-04-28 19:401444216----a-w-c:\windows\SysWow64\Wacom_Touch_Tablet.dll
    2012-04-18 07:47 . 2012-04-28 19:401830776----a-w-c:\windows\system32\Wintab32.dll
    2012-04-18 07:47 . 2012-04-28 19:401816440----a-w-c:\windows\system32\WacomMT.dll
    2012-04-18 07:47 . 2012-04-28 19:401765240----a-w-c:\windows\system32\Wacom_Tablet.dll
    2012-04-18 07:47 . 2012-04-28 19:401496952----a-w-c:\windows\SysWow64\Wintab32.dll
    2012-04-18 07:47 . 2012-04-28 19:401484152----a-w-c:\windows\SysWow64\WacomMT.dll
    2012-04-18 07:47 . 2012-04-28 19:401450872----a-w-c:\windows\SysWow64\Wacom_Tablet.dll
    2012-04-17 15:01 . 2010-12-25 18:57472808----a-w-c:\windows\SysWow64\deployJava1.dll
    2012-03-31 06:05 . 2012-05-09 09:345559664----a-w-c:\windows\system32\ntoskrnl.exe
    2012-03-31 04:39 . 2012-05-09 09:343968368----a-w-c:\windows\SysWow64\ntkrnlpa.exe
    2012-03-31 04:39 . 2012-05-09 09:343913072----a-w-c:\windows\SysWow64\ntoskrnl.exe
    2012-03-31 03:10 . 2012-05-09 09:343146240----a-w-c:\windows\system32\win32k.sys
    2012-03-30 11:35 . 2012-05-09 09:331918320----a-w-c:\windows\system32\drivers\tcpip.sys
    2012-03-29 12:04 . 2012-04-28 19:4065912----a-w-c:\windows\system32\drivers\wachidrouter.sys
    2012-03-29 12:04 . 2012-04-28 19:4013688----a-w-c:\windows\system32\drivers\hidkmdf.sys
    2012-03-29 12:04 . 2012-04-28 19:4015736----a-w-c:\windows\system32\drivers\wacomrouterfilter.sys
    2012-03-28 21:56 . 2012-03-28 21:561692672----a-w-c:\windows\SysWow64\mprdin.dll
    2012-03-25 21:41 . 2012-03-25 21:41726016----a-w-c:\windows\SysWow64\7z.dll
    2012-03-20 18:44 . 2012-03-20 18:4498688----a-w-c:\windows\system32\drivers\NisDrvWFP.sys
    2012-03-20 18:44 . 2012-03-20 18:44203888----a-w-c:\windows\system32\drivers\MpFilter.sys
    2009-11-19 19:08 . 2009-11-19 19:083749224----a-w-c:\program files (x86)\Common Files\adlmint_libFNP.dll
    2009-11-19 19:08 . 2009-11-19 19:082941288----a-w-c:\program files (x86)\Common Files\adlmint.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:5894208----a-w-c:\users\Jayski_Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:5894208----a-w-c:\users\Jayski_Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:5894208----a-w-c:\users\Jayski_Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:5894208----a-w-c:\users\Jayski_Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
    "BTFAgent"="c:\program files (x86)\Dell Precision ON Flash\config\BTFAgent.exe" [2010-08-23 227560]
    "BTFWelcome"="c:\program files (x86)\Dell Precision ON Flash\config\BTFWelcome.exe" [2010-08-23 2230504]
    "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-03-12 462993]
    "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-01-03 815512]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "Hercules DJ Series"="c:\program files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe" [2010-09-13 1667368]
    "UIExec"="c:\program files (x86)\Mobile Partner Manager\UIExec.exe" [2010-07-16 138584]
    "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-01-03 36760]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
    "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
    .
    c:\users\Jayski_Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\Jayski_Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
    Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDock\ObjectDock.exe [2011-1-5 3450608]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-1-9 1121568]
    Dell System Manager.lnk - c:\program files\Dell\Dell System Manager\DCPSysMgr.exe [2010-8-25 1549680]
    SetPoint.lnk - c:\program files\SetPoint\SetPoint.exe [2011-1-8 1207312]
    TdmNotify.lnk - c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe [2010-3-29 185192]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security PackagesREG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-14 116648]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 257696]
    R3 Bulk;HDJBulk;c:\windows\system32\Drivers\HDJBulk.sys [x]
    R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
    R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
    R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-14 116648]
    R3 HDJAsioK;HDJAsioK;c:\windows\system32\Drivers\HDJAsioK.sys [x]
    R3 HDJMidi;Hercules DJ Console Mk2 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys [x]
    R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys [x]
    R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
    R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
    R3 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [x]
    R3 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [x]
    R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys [x]
    R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdfltn.sys [x]
    S1 DVMIO;DVMIO;c:\program files (x86)\Dell Precision ON Flash\config\dvmio_x64.sys [2010-02-05 20624]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2010-05-25 89600]
    S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-24 1039776]
    S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-24 31136]
    S2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 517488]
    S2 DvmMDES;DeviceVM Meta Data Export Service;c:\program files (x86)\Dell Precision ON Flash\config\DVMExportService.exe [2010-08-23 342264]
    S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
    S2 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2010-12-23 20480]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
    S2 InstallFilterService;FF Install Filter Service;c:\program files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe [2010-01-10 60928]
    S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-12-08 6810728]
    S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [x]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
    S2 TabletServiceWacom;TabletServiceWacom;c:\program files\Tablet\Wacom\Wacom_Tablet.exe [2012-04-18 8518008]
    S2 TouchServiceWacom;Wacom Professional Touch Service;c:\program files\Tablet\Wacom\Wacom_TouchService.exe [2012-04-18 567672]
    S2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\Mobile Partner Manager\AssistantServices.exe [2010-07-16 252784]
    S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [x]
    S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
    S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
    S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
    S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [x]
    S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [x]
    S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WS2IFSL
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 12:19]
    .
    2012-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-14 16:56]
    .
    2012-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-14 16:56]
    .
    2012-06-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3739037683-3064319709-692292168-1001Core.job
    - c:\users\Jayski_Laptop\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-04 23:37]
    .
    2012-06-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3739037683-3064319709-692292168-1001UA.job
    - c:\users\Jayski_Laptop\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-04 23:37]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:5897792----a-w-c:\users\Jayski_Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:5897792----a-w-c:\users\Jayski_Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:5897792----a-w-c:\users\Jayski_Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:5897792----a-w-c:\users\Jayski_Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
    @="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
    [HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
    2010-03-29 19:0060784----a-w-c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
    @="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
    [HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
    2010-03-29 19:0060784----a-w-c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-09-09 571760]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-05-25 487424]
    "USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2010-06-22 34232]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
    "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-10-15 539456]
    "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-15 1694016]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
    "combofix"="c:\combofix\CF7162.3XE" [2010-11-20 345088]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x1
    "AppInit_DLLs"=c:\windows\System32\acaptuser64.dll
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://startsear.ch/?aff=1
    mStart Page = hxxp://startsear.ch/?aff=1
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    TCP: DhcpNameServer = 192.168.2.1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
    SafeBoot-MsMpSvc
    Toolbar-Locked - (no file)
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Visioneer\OneTouch 4.0\OtService.exe
    c:\windows\SysWOW64\RunDll32.exe
    c:\program files\Dell\Dell System Manager\PanelHelper32.exe
    c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    .
    **************************************************************************
    .
    Completion time: 2012-06-17 19:52:40 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-06-17 17:52
    .
    Pre-Run: 63,527,444,480 bytes free
    Post-Run: 66,923,737,088 bytes free
    .
    - - End Of File - - E91D7D0A2808A66647AF76794456B834
     
  16. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Looks good :)

    Any current issues?

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\tasks\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /I " " /c
    dir /b "%systemroot%\*.exe" | find /I " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  17. jayski

    jayski TS Rookie Topic Starter Posts: 23

    OTL.txt

    OTL logfile created on: 6/17/2012 8:17:58 PM - Run 1
    OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\Jayski_Laptop\Desktop
    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7601.17514)
    Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

    7.99 Gb Total Physical Memory | 5.72 Gb Available Physical Memory | 71.58% Memory free
    15.98 Gb Paging File | 13.68 Gb Available in Paging File | 85.61% Paging File free
    Paging file location(s): c:\pagefile.sys 0 0 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 451.07 Gb Total Space | 61.97 Gb Free Space | 13.74% Space Free | Partition Type: NTFS
    Drive G: | 5.46 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
    Drive H: | 7.60 Gb Total Space | 6.62 Gb Free Space | 87.10% Space Free | Partition Type: FAT32
    Drive I: | 3.81 Gb Total Space | 0.60 Gb Free Space | 15.82% Space Free | Partition Type: FAT32

    Computer Name: JAYSKILAPTOP | User Name: Jayski_Laptop | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/06/17 20:14:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jayski_Laptop\Desktop\OTL.exe
    PRC - [2012/05/24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jayski_Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
    PRC - [2012/01/03 15:10:50 | 000,815,512 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    PRC - [2011/10/15 07:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2010/08/25 01:07:00 | 001,802,096 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell System Manager\PanelHelper32.exe
    PRC - [2010/08/24 00:26:44 | 000,342,264 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\Dell Precision ON Flash\config\DVMExportService.exe
    PRC - [2010/08/24 00:26:34 | 000,227,560 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\Dell Precision ON Flash\config\BTFAgent.exe
    PRC - [2010/07/16 15:51:34 | 000,138,584 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe
    PRC - [2010/07/16 15:49:38 | 000,252,784 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe
    PRC - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2010/03/04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    PRC - [2010/01/09 00:59:56 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    PRC - [2009/08/28 00:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
    PRC - [2008/06/02 22:26:04 | 000,131,072 | ---- | M] (Visioneer Inc.) -- C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe
    PRC - [2007/05/01 02:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/05/23 03:56:50 | 000,441,880 | ---- | M] () -- C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll
    MOD - [2012/05/23 03:56:49 | 003,922,456 | ---- | M] () -- C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
    MOD - [2012/05/23 03:55:35 | 000,553,496 | ---- | M] () -- C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\Application\19.0.1084.52\libglesv2.dll
    MOD - [2012/05/23 03:55:33 | 000,117,784 | ---- | M] () -- C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\Application\19.0.1084.52\libegl.dll
    MOD - [2012/05/23 03:55:24 | 000,134,696 | ---- | M] () -- C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll
    MOD - [2012/05/23 03:55:23 | 000,250,408 | ---- | M] () -- C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll
    MOD - [2012/05/23 03:55:21 | 002,375,720 | ---- | M] () -- C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll
    MOD - [2012/05/23 03:06:23 | 008,743,584 | ---- | M] () -- C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
    MOD - [2012/05/10 01:16:46 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\635b3aec298ad5e8c903b2323d79cc5a\IAStorUtil.ni.dll
    MOD - [2012/05/10 00:35:42 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1a690902e9a6293de228c16fab21e2f7\System.Web.ni.dll
    MOD - [2012/05/10 00:35:35 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
    MOD - [2012/05/10 00:35:06 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
    MOD - [2012/05/10 00:34:59 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
    MOD - [2012/05/10 00:34:43 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
    MOD - [2012/05/10 00:34:37 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
    MOD - [2012/05/10 00:34:33 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
    MOD - [2012/05/10 00:34:32 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
    MOD - [2012/05/10 00:34:25 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
    MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2010/11/21 16:54:34 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
    MOD - [2010/07/16 15:51:34 | 000,138,584 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe
    MOD - [2010/01/21 08:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    MOD - [2010/01/10 03:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    MOD - [2007/05/01 02:18:50 | 000,112,400 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\DockShellHook.dll
    MOD - [2007/04/21 20:47:52 | 000,059,592 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\zlib.dll
    MOD - [2007/04/19 21:23:48 | 000,095,944 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\CrashRpt.dll
    MOD - [2002/11/19 21:11:40 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Common Files\Stardock\ODimg.dll
    MOD - [2002/03/14 02:46:32 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDock\ODimg.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2012/04/18 09:47:16 | 008,518,008 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe -- (TabletServiceWacom)
    SRV:64bit: - [2012/04/18 09:47:16 | 000,567,672 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe -- (TouchServiceWacom)
    SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV:64bit: - [2010/12/23 19:45:42 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE -- (HerculesDJControlMP3)
    SRV:64bit: - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2010/08/25 01:07:24 | 000,517,488 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
    SRV:64bit: - [2010/07/20 02:08:30 | 001,429,776 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
    SRV:64bit: - [2010/07/20 01:46:54 | 000,838,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
    SRV:64bit: - [2010/05/25 21:54:32 | 000,258,560 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2010/05/25 21:53:26 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
    SRV:64bit: - [2010/03/29 21:00:58 | 002,363,240 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
    SRV:64bit: - [2010/03/24 08:07:58 | 001,039,776 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
    SRV:64bit: - [2010/03/24 08:07:58 | 000,031,136 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
    SRV:64bit: - [2010/02/04 01:53:54 | 001,558,016 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
    SRV:64bit: - [2010/01/09 00:59:56 | 000,919,328 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
    SRV:64bit: - [2009/12/08 17:14:26 | 006,810,728 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service)
    SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV:64bit: - [2008/06/02 22:26:04 | 000,131,072 | ---- | M] (Visioneer Inc.) [Auto | Running] -- C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe -- (OneTouch 4.0 Monitor)
    SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012/05/07 14:19:06 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/03/28 23:56:12 | 001,692,672 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\mprdin.dll -- (RemoteAccess)
    SRV - [2011/10/15 07:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2011/05/14 17:42:23 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2011/03/16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2011/03/04 16:38:45 | 000,072,704 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
    SRV - [2010/08/24 00:26:44 | 000,342,264 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Precision ON Flash\config\DVMExportService.exe -- (DvmMDES)
    SRV - [2010/07/16 15:49:38 | 000,252,784 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe -- (UI Assistant Service)
    SRV - [2010/03/18 20:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
    SRV - [2010/02/19 20:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2010/01/10 20:01:38 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe -- (InstallFilterService)
    SRV - [2009/08/28 00:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
    SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/11/12 21:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
    SRV - [2008/08/07 18:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2012/03/29 14:04:36 | 000,065,912 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
    DRV:64bit: - [2012/03/29 14:04:36 | 000,013,688 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
    DRV:64bit: - [2012/03/29 14:04:32 | 000,015,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
    DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2011/07/08 01:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
    DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/12/23 19:46:16 | 000,221,184 | ---- | M] (© Guillemot R&D, 2010. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HDJMidi.sys -- (HDJMidi)
    DRV:64bit: - [2010/12/23 19:46:08 | 000,185,856 | ---- | M] (© Guillemot R&D, 2010. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HDJBulk.sys -- (Bulk)
    DRV:64bit: - [2010/12/23 19:46:04 | 000,253,952 | ---- | M] (© Guillemot R&D, 2010. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HDJAsioK.sys -- (HDJAsioK)
    DRV:64bit: - [2010/11/20 15:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
    DRV:64bit: - [2010/11/20 15:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
    DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 13:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
    DRV:64bit: - [2010/11/20 13:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
    DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2010/08/30 12:31:30 | 000,306,296 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV:64bit: - [2010/07/13 22:42:58 | 007,821,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
    DRV:64bit: - [2010/05/25 21:54:38 | 000,506,880 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2010/04/27 23:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
    DRV:64bit: - [2010/04/27 23:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
    DRV:64bit: - [2010/04/27 21:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
    DRV:64bit: - [2010/04/27 21:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
    DRV:64bit: - [2010/04/12 10:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
    DRV:64bit: - [2010/04/05 18:37:42 | 000,301,232 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) Intel(R)
    DRV:64bit: - [2010/03/21 05:25:04 | 000,081,920 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
    DRV:64bit: - [2010/03/21 05:25:04 | 000,061,952 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
    DRV:64bit: - [2010/03/21 05:25:04 | 000,055,808 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
    DRV:64bit: - [2010/03/03 13:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2010/01/18 17:21:02 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
    DRV:64bit: - [2010/01/18 17:21:02 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
    DRV:64bit: - [2010/01/18 17:21:02 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
    DRV:64bit: - [2010/01/18 17:21:02 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
    DRV:64bit: - [2010/01/18 15:56:26 | 000,026,160 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
    DRV:64bit: - [2010/01/18 15:56:26 | 000,021,040 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdfltn.sys -- (stdflt)
    DRV:64bit: - [2010/01/11 03:49:06 | 000,321,576 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
    DRV:64bit: - [2010/01/11 03:49:06 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
    DRV:64bit: - [2010/01/11 03:49:06 | 000,102,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
    DRV:64bit: - [2010/01/11 03:49:06 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
    DRV:64bit: - [2010/01/11 03:49:06 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
    DRV:64bit: - [2009/10/30 08:51:16 | 000,038,440 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cvusbdrv.sys -- (cvusbdrv)
    DRV:64bit: - [2009/09/17 00:08:48 | 000,172,960 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
    DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/17 18:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV:64bit: - [2009/06/17 18:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/18 20:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2008/06/27 14:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
    DRV:64bit: - [2008/06/04 22:14:00 | 000,032,240 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PBADRV.SYS -- (PBADRV)
    DRV:64bit: - [2005/06/14 20:01:16 | 000,296,448 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
    DRV - [2010/02/05 21:41:46 | 000,020,624 | ---- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Program Files (x86)\Dell Precision ON Flash\config\dvmio_x64.sys -- (DVMIO)
    DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2008/08/14 14:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {FE454CB3-A951-4233-9A37-22721CD7A8FD}
    IE:64bit: - HKLM\..\SearchScopes\{FE454CB3-A951-4233-9A37-22721CD7A8FD}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
    IE - HKLM\..\SearchScopes,DefaultScope = {CDD2492E-0D23-487B-9E9E-477D287631B2}
    IE - HKLM\..\SearchScopes\{E1D5D062-AF94-4778-A48A-437AC392C2CC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3739037683-3064319709-692292168-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
    IE - HKU\S-1-5-21-3739037683-3064319709-692292168-1001\..\SearchScopes,DefaultScope = {CDD2492E-0D23-487B-9E9E-477D287631B2}
    IE - HKU\S-1-5-21-3739037683-3064319709-692292168-1001\..\SearchScopes\{CDD2492E-0D23-487B-9E9E-477D287631B2}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=1c4953b1-0281-11e1-85ac-1c659daced7c&q={searchTerms}
    IE - HKU\S-1-5-21-3739037683-3064319709-692292168-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-3739037683-3064319709-692292168-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
    FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
    FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
    FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.6: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Jayski_Laptop\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Jayski_Laptop\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jayski_Laptop\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jayski_Laptop\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/02/09 00:15:09 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Users\Jayski_Laptop\AppData\Local\ClickPotatoLiteSA\bin\12.0.15.0\firefox\extensions [2012/01/08 13:50:04 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
    CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
    CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Jayski_Laptop\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Jayski_Laptop\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
    CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
    CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
    CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Silverlight Plug-In (Disabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
    CHR - Extension: YouTube = C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Google Search = C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: vshare plugin = C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
    CHR - Extension: Skype Click to Call = C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\
    CHR - Extension: Gmail = C:\Users\Jayski_Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2012/06/17 18:53:55 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-3739037683-3064319709-692292168-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
    O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4:64bit: - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
    O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
    O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [BTFAgent] C:\Program Files (x86)\Dell Precision ON Flash\config\BTFAgent.exe (DeviceVM, Inc.)
    O4 - HKLM..\Run: [BTFWelcome] "C:\Program Files (x86)\Dell Precision ON Flash\config\BTFWelcome.exe" /autorun /s 95 File not found
    O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe (Hercules®)
    O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [UIExec] C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe ()
    O4 - Startup: C:\Users\Jayski_Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jayski_Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O4 - Startup: C:\Users\Jayski_Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3739037683-3064319709-692292168-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3739037683-3064319709-692292168-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-3739037683-3064319709-692292168-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C22BE30-15CF-4EE3-8398-340B38D48EE5}: DhcpNameServer = 192.168.2.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20:64bit: - AppInit_DLLs: (C:\Windows\System32\acaptuser64.dll) - C:\Windows\SysNative\acaptuser64.dll (Adobe Systems, Inc.)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2007/02/12 21:53:42 | 000,000,277 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
    NetSvcs: Remoteaccess - C:\Windows\SysWOW64\mprdin.dll ()

    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
    Drivers32: msacm.ac3acm - C:\Windows\SysWow64\AC3ACM.acm (fccHandler)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
    Drivers32: vidc.wmv3 - C:\Windows\SysWow64\WMV9VCM.dll (Microsoft Corporation)
    Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
     
  18. jayski

    jayski TS Rookie Topic Starter Posts: 23

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/06/17 22:34:40 | 000,000,000 | ---D | C] -- C:\FRST
    [2012/06/17 20:14:53 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Jayski_Laptop\Desktop\OTL.exe
    [2012/06/17 19:53:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2012/06/17 18:54:03 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
    [2012/06/17 18:30:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2012/06/17 18:30:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2012/06/17 18:30:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2012/06/17 18:29:57 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/06/17 18:29:24 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2012/06/17 18:23:06 | 004,560,591 | R--- | C] (Swearware) -- C:\Users\Jayski_Laptop\Desktop\ComboFix.exe
    [2012/06/17 18:09:26 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{C809F871-EC8C-4CFE-82C0-FD12A5AB8DEC}
    [2012/06/17 11:57:19 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{1706525E-055A-4CC3-9AEB-CF570B02E800}
    [2012/06/16 09:50:23 | 000,000,000 | ---D | C] -- C:\bc91b91cb90a90914baab60317
    [2012/06/16 09:47:38 | 000,000,000 | ---D | C] -- C:\Config.Msi
    [2012/06/14 21:10:22 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{A5AAC039-878B-47A8-84E4-8A5C29653509}
    [2012/06/14 21:10:08 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{4C8155D3-092C-4347-A123-B40CBB85A603}
    [2012/06/13 23:59:23 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{0B4A6830-BEEF-4B5C-90F3-2929F1D59441}
    [2012/06/13 23:59:10 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{A3AE0268-9C30-4B2F-A68F-D41ED24E7DA3}
    [2012/06/12 21:14:19 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{2B8266E4-2C6B-4BC5-A952-C25160E216D4}
    [2012/06/11 22:21:51 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{E93D77B5-D797-41CF-9FB6-61DB358A1DCE}
    [2012/06/11 07:36:49 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{49B8FA57-A553-441A-9C24-37E0C9F59974}
    [2012/06/11 07:36:35 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{FAC2A613-1276-43C4-9590-5CF1A024C082}
    [2012/06/10 18:21:39 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\Desktop\Adobe Dreamweaver CS5.5
    [2012/06/10 13:26:31 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{AE2F35B7-02F8-491D-8BDF-AB4E27609196}
    [2012/06/10 13:26:19 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{8927AC9C-AA90-4DAC-9027-366760435759}
    [2012/06/10 13:26:06 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{F16B5F5F-0E23-4481-A756-29CAEA1BBF8C}
    [2012/06/10 10:43:39 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\Desktop\Adobe Dreamweaver CS6
    [2012/06/10 01:25:28 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{893B8867-ABAC-45BA-9AE9-440C970717CC}
    [2012/06/09 10:39:09 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{85AAC2A0-2994-48AA-90C9-FFEBD8D1946B}
    [2012/06/09 10:38:54 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{D765ABF8-8BC7-434F-BAC7-A8106F5AD7AE}
    [2012/06/09 10:38:27 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{5970F65B-D295-4B53-8836-9DBE901E3A79}
    [2012/06/08 21:52:02 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{5C86BFD0-E4CA-4CA4-AE7C-63B9BC5F27BD}
    [2012/06/08 21:51:50 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{F0BEFDAA-2E73-4A7A-BC60-B9C1954565AA}
    [2012/06/08 21:51:38 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{5FD227A6-9FDC-48F3-A681-802D45514DCA}
    [2012/06/08 21:51:15 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{908DA31B-A34D-4ACD-9588-92F27E76A9B0}
    [2012/06/08 09:50:47 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{875B43FE-1C03-4761-8EA9-13CF57D7DED9}
    [2012/06/08 09:50:37 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{928FE6A2-E467-4D87-A5C4-A9EDCEBBCCF1}
    [2012/06/08 09:50:26 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{1299469E-C62D-42F6-9F3C-00069A402A26}
    [2012/06/07 21:14:14 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{E4E227CD-AD6B-4BDA-83F2-3542480318D2}
    [2012/06/07 21:14:03 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{A1646A14-78AC-4074-B5C2-0726C6F397CC}
    [2012/06/07 21:13:52 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{103D3E26-078C-487B-9574-6D2EB351D90A}
    [2012/06/07 09:13:09 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{D08D660D-7BD9-40B3-9BFE-431EB33B8D2C}
    [2012/06/07 09:12:58 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{3A6EF5CC-5CEE-4FB6-9786-98B6A38CD2C5}
    [2012/06/06 21:12:02 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{3DC6B928-5A42-4A54-9A6B-BF9F00E729C9}
    [2012/06/06 21:11:50 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{E59E8D91-2879-405C-BCB3-0E492D98E8F9}
    [2012/06/06 07:51:00 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{26564367-74A0-4EE8-9644-8038EC2CD69C}
    [2012/06/06 07:50:48 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{5B2AC70C-D61F-4640-85A8-6166496FE441}
    [2012/06/06 07:50:33 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{80519584-5A49-4B6B-9935-D2AF4A4FD494}
    [2012/06/05 19:49:54 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{63BFD282-F16D-448F-A81C-A0B78936F93E}
    [2012/06/05 07:49:18 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{C7F4A22B-B6CD-4862-ACC9-A0DB1D565F88}
    [2012/06/04 19:48:39 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{870806A8-4509-47E6-9366-B60C02F1E11B}
    [2012/06/04 06:58:37 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{4E0BAF4B-1BD5-4AB9-AEE3-9E456A5C4F72}
    [2012/06/03 14:54:43 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{227D7F96-2117-49E8-B052-05BDD929723A}
    [2012/06/03 14:54:21 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{856DEC75-067D-41DC-8FF7-F3A41D178A99}
    [2012/06/02 10:18:08 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\Documents\London_Trip_Movie
    [2012/06/01 21:46:38 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{CC9BE67F-1241-442F-8A5F-16D2CEBDEB66}
    [2012/06/01 21:46:15 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{15D292C2-9919-4854-BEAD-6A3622C37281}
    [2012/06/01 09:45:43 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{E468D392-9B7E-443E-8301-289B582B5F7B}
    [2012/06/01 09:45:32 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{9E1D1CAA-E3DB-4794-BADD-379F4948F773}
    [2012/05/31 18:03:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
    [2012/05/31 18:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
    [2012/05/31 16:35:49 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{EA76323E-CDF3-4833-974D-BD9BD62EABC5}
    [2012/05/31 16:35:38 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{7946AC36-652C-4C87-A657-08044FF37EA9}
    [2012/05/29 23:50:18 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
    [2012/05/29 23:26:11 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{02B24216-D5B2-4632-9843-3F9E328D90D1}
    [2012/05/29 23:25:59 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{8495C5B9-1D0E-43DC-9C58-F5EBDB548B82}
    [2012/05/28 22:43:05 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{D8441E6B-729A-4705-93AA-060F5E8C45F5}
    [2012/05/28 22:42:28 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{C883AB48-8111-47E7-8352-7725E4C63BB6}
    [2012/05/28 01:25:19 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{5E637022-5A92-4732-AF0A-7E244E411FDF}
    [2012/05/28 01:24:11 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{CECD077B-6629-4AF3-8D1C-94ECB17D70C0}
    [2012/05/27 18:02:28 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{9EEAB016-7A94-486C-B5BB-226BE289BDD2}
    [2012/05/27 03:36:33 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{04E411DB-9EC3-4631-BB4B-35BB233BBD0A}
    [2012/05/27 03:36:21 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{FFA47962-C4D2-4E67-85A5-868445B3E002}
    [2012/05/26 11:09:16 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{EE11483B-DC1D-4242-8CE7-A3998B1908CA}
    [2012/05/26 11:09:02 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{CE86D454-A410-4ECE-8A97-7E16430B3A09}
    [2012/05/26 09:50:46 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{8B7FC681-F174-41CE-B457-951DDD92F769}
    [2012/05/24 20:33:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
    [2012/05/24 20:33:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
    [2012/05/24 20:19:59 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{5E68F3B5-A8C6-4D1F-8610-92068C733ABA}
    [2012/05/24 20:19:42 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{CAB7917D-6EFC-49C6-A31E-386FD26B6174}
    [2012/05/23 20:55:16 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{5272B461-72AD-4258-A330-2C71D3F52085}
    [2012/05/23 20:55:00 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{ADE649E4-EE45-4FAD-A1AB-737AA571A04D}
    [2012/05/22 19:51:32 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{C8DBD1E3-A214-4971-BFA2-812BAFC66BB2}
    [2012/05/22 19:51:16 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{FF38B70A-AEC8-4D61-A482-EE2DFBFAEA36}
    [2012/05/21 21:30:55 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{DF9FA72A-D8BE-49F8-81A6-4D1A13CF57F1}
    [2012/05/21 21:30:33 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{34416AE9-05C1-431E-B45D-B61DB3ECDC2C}
    [2012/05/21 07:49:05 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{243A3385-CC7B-45FE-B585-7F247AD4BE42}
    [2012/05/21 07:48:52 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{F8465830-1D16-4C2C-9884-5CCF4EE52CEF}
    [2012/05/21 07:48:38 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{445DD9C7-DB18-4046-9350-3D2B0E3AAB81}
    [2012/05/21 07:48:24 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{5FD2808E-F872-4949-BCDE-5E512E541637}
    [2012/05/20 13:15:10 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{089D9308-5EA5-4DE9-9BC9-B4CB3EE15645}
    [2012/05/20 01:14:26 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{04B42CEA-4A82-49BF-B9E0-C4F42F947A95}
    [2012/05/20 01:14:11 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{CEB4B4CD-2866-4EE0-A51C-9165E96DAC61}
    [2012/05/19 10:38:23 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{183D48FD-0667-4D6E-A261-89768F697B8E}
    [2012/05/19 10:37:59 | 000,000,000 | ---D | C] -- C:\Users\Jayski_Laptop\AppData\Local\{6F0B0E79-3ABE-4368-83B9-B2857DC5E477}
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/06/17 20:14:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jayski_Laptop\Desktop\OTL.exe
    [2012/06/17 20:14:12 | 000,733,884 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/06/17 20:14:12 | 000,636,076 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/06/17 20:14:12 | 000,114,058 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/06/17 20:05:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3739037683-3064319709-692292168-1001UA.job
    [2012/06/17 20:01:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/06/17 19:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/06/17 19:04:50 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/06/17 19:04:50 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/06/17 19:01:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/06/17 18:53:55 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2012/06/17 18:52:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/06/17 18:52:06 | 2139,484,159 | -HS- | M] () -- C:\hiberfil.sys
    [2012/06/17 18:30:01 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\modo 501 sp2 64bit.lnk
    [2012/06/17 18:30:01 | 000,001,038 | ---- | M] () -- C:\Users\Jayski_Laptop\Desktop\RealFlow 2012.lnk
    [2012/06/17 18:30:01 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\KeyShot2 64.lnk
    [2012/06/17 18:30:01 | 000,000,941 | ---- | M] () -- C:\Users\Jayski_Laptop\Desktop\KeyShot2 64.lnk
    [2012/06/17 18:30:01 | 000,000,794 | ---- | M] () -- C:\Users\Jayski_Laptop\Desktop\KeyShot Resources.lnk
    [2012/06/17 18:23:29 | 004,560,591 | R--- | M] (Swearware) -- C:\Users\Jayski_Laptop\Desktop\ComboFix.exe
    [2012/06/11 08:05:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3739037683-3064319709-692292168-1001Core.job
    [2012/06/10 21:02:17 | 000,000,132 | ---- | M] () -- C:\Users\Jayski_Laptop\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2012/06/10 20:47:29 | 000,658,944 | ---- | M] () -- C:\Windows\SysWow64\ariwrv.exe
    [2012/06/10 10:45:42 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
    [2012/06/08 19:40:47 | 000,800,216 | ---- | M] () -- C:\Users\Jayski_Laptop\Documents\Screen shot 2012-06-03 at 11.35.42 PM.png
    [2012/06/08 19:39:12 | 000,012,050 | ---- | M] () -- C:\Users\Jayski_Laptop\Documents\Screen shot 2012-06-04 at 12.21.02 AM.png
    [2012/06/07 09:08:24 | 000,255,880 | ---- | M] () -- C:\Users\Jayski_Laptop\Documents\Keung7.jpg
    [2012/06/07 09:08:14 | 001,282,663 | ---- | M] () -- C:\Users\Jayski_Laptop\Documents\Keung7.psd
    [2012/06/03 16:11:40 | 000,010,938 | ---- | M] () -- C:\Users\Jayski_Laptop\Documents\photo.jpg
    [2012/06/03 10:15:20 | 000,001,065 | ---- | M] () -- C:\Users\Jayski_Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    [2012/06/03 10:15:00 | 000,001,049 | ---- | M] () -- C:\Users\Jayski_Laptop\Desktop\Dropbox.lnk
    [2012/05/31 18:03:49 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2012/05/31 18:03:38 | 000,740,886 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012/05/24 21:09:52 | 000,002,445 | ---- | M] () -- C:\Users\Jayski_Laptop\Desktop\Google Chrome.lnk
    [2012/05/24 20:33:51 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2012/05/19 14:37:44 | 000,002,057 | ---- | M] () -- C:\Users\Public\Desktop\Lightroom 4 64-bit.lnk
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/06/17 18:30:10 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012/06/17 18:30:10 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012/06/17 18:30:10 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012/06/17 18:30:10 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012/06/17 18:30:10 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2012/06/10 20:47:29 | 000,658,944 | ---- | C] () -- C:\Windows\SysWow64\ariwrv.exe
    [2012/06/10 18:58:47 | 000,001,249 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CS5.5.lnk
    [2012/06/10 18:56:30 | 000,001,381 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
    [2012/06/10 18:56:24 | 000,001,553 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
    [2012/06/10 18:56:16 | 000,001,280 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
    [2012/06/10 18:55:55 | 000,001,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
    [2012/06/08 19:40:32 | 000,800,216 | ---- | C] () -- C:\Users\Jayski_Laptop\Documents\Screen shot 2012-06-03 at 11.35.42 PM.png
    [2012/06/08 19:39:02 | 000,012,050 | ---- | C] () -- C:\Users\Jayski_Laptop\Documents\Screen shot 2012-06-04 at 12.21.02 AM.png
    [2012/06/07 09:08:20 | 000,255,880 | ---- | C] () -- C:\Users\Jayski_Laptop\Documents\Keung7.jpg
    [2012/06/07 09:08:13 | 001,282,663 | ---- | C] () -- C:\Users\Jayski_Laptop\Documents\Keung7.psd
    [2012/06/03 16:11:38 | 000,010,938 | ---- | C] () -- C:\Users\Jayski_Laptop\Documents\photo.jpg
    [2012/05/31 18:03:40 | 000,001,917 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    [2012/05/24 20:33:51 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2012/05/19 14:37:44 | 000,002,065 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4 64-bit.lnk
    [2012/05/19 14:37:44 | 000,002,057 | ---- | C] () -- C:\Users\Public\Desktop\Lightroom 4 64-bit.lnk
    [2012/03/28 23:56:06 | 001,692,672 | ---- | C] () -- C:\Windows\SysWow64\mprdin.dll
    [2012/03/15 15:37:11 | 000,000,132 | ---- | C] () -- C:\Users\Jayski_Laptop\AppData\Roaming\Adobe GIF Format CS5 Prefs
    [2011/12/22 18:10:49 | 000,007,613 | ---- | C] () -- C:\Users\Jayski_Laptop\AppData\Local\Resmon.ResmonCfg
    [2011/11/13 00:25:56 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
    [2011/10/15 07:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
    [2011/09/29 00:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
    [2011/08/18 22:44:37 | 000,000,028 | ---- | C] () -- C:\Windows\Robota.INI
    [2011/07/18 21:43:30 | 000,029,696 | ---- | C] () -- C:\Users\Jayski_Laptop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/05/29 22:53:51 | 000,415,232 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
    [2011/05/20 20:55:23 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\syspvc.dll
    [2011/03/04 16:36:04 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
    [2011/01/16 05:26:50 | 000,000,132 | ---- | C] () -- C:\Users\Jayski_Laptop\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2011/01/10 04:00:38 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
    [2011/01/06 00:48:55 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
    [2011/01/06 00:48:52 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
    [2011/01/06 00:30:01 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
    [2011/01/05 22:58:50 | 000,000,048 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
    [2011/01/05 06:59:47 | 000,000,616 | ---- | C] () -- C:\Windows\eReg.dat
    [2011/01/05 03:49:00 | 000,740,886 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/12/25 20:59:37 | 000,080,368 | ---- | C] () -- C:\Windows\SysWow64\pbadrvdll.dll

    ========== LOP Check ==========

    [2011/03/31 03:04:58 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Acoustica
    [2011/09/07 11:17:02 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Ambient Design
    [2011/05/20 21:19:53 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\AnvSoft
    [2012/05/13 02:47:05 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Audacity
    [2011/08/14 18:19:57 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Autodesk
    [2012/01/08 13:50:08 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Babylon
    [2011/12/27 19:29:14 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Bell
    [2011/01/05 01:33:35 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Broadcom
    [2011/11/13 16:29:10 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Bunkspeed
    [2012/02/28 12:02:58 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Canon
    [2011/09/21 20:53:16 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2011/06/19 12:53:17 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\CoreFTP
    [2012/06/17 18:54:42 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Dropbox
    [2011/03/04 16:37:36 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\DWGeditor
    [2012/06/10 21:19:38 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\FileZilla
    [2011/07/02 09:51:16 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\go
    [2011/01/21 17:55:28 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Leadertech
    [2011/12/26 21:21:55 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\LinkManager 4.0
    [2012/03/04 14:06:01 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Luxology
    [2011/01/21 00:26:49 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\MAGIX
    [2011/10/20 21:51:44 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\MAXON
    [2012/06/17 18:45:30 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Propellerhead Software
    [2011/07/14 20:03:25 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Refractive Software
    [2011/05/14 17:31:47 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Soft Gold
    [2011/01/06 01:15:25 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2011/03/31 04:06:41 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\SynthMaker
    [2011/04/14 15:23:10 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Telefónica
    [2011/01/05 01:33:35 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Wave Systems Corp
    [2012/04/02 17:02:06 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Windows Live Writer
    [2012/03/25 23:48:22 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Xilisoft
    [2011/03/31 23:31:29 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\Xilisoft Corporation
    [2012/02/05 14:37:14 | 000,000,000 | ---D | M] -- C:\Users\Jayski_Laptop\AppData\Roaming\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1
    [2011/12/18 21:54:54 | 000,032,572 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========

    < %SYSTEMDRIVE%\*.* >
    [2012/06/17 19:53:02 | 000,028,095 | ---- | M] () -- C:\ComboFix.txt
    [2010/12/25 22:40:19 | 000,031,467 | RH-- | M] () -- C:\dell.sdr
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
    [2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
    [2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
    [2010/12/10 03:55:54 | 000,171,014 | ---- | M] () -- C:\game.ico
    [2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
    [2011/04/13 16:04:15 | 000,000,136 | ---- | M] () -- C:\GPEapSim.log
    [2012/06/17 18:52:06 | 2139,484,159 | -HS- | M] () -- C:\hiberfil.sys
    [2011/11/20 18:56:09 | 000,000,000 | ---- | M] () -- C:\import_result.txt
    [2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
    [2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
    [2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
    [2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
    [2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
    [2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
    [2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
    [2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
    [2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
    [2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
    [2006/12/02 07:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
    [2010/06/07 21:57:44 | 000,000,643 | ---- | M] () -- C:\NetworkCfg.xml
    [2012/06/17 18:52:13 | 4284,305,407 | -HS- | M] () -- C:\pagefile.sys
    [2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
    [2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
    [2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

    < %systemroot%\Fonts\*.com >
    [2009/07/14 07:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2009/07/14 07:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2009/07/14 07:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2009/07/14 07:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2009/06/10 22:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >
    [2011/04/25 17:57:13 | 000,001,686 | -HS- | M] () -- C:\Users\Jayski_Laptop\AppData\Roaming\Microsoft\LastFlashConfig.wfc

    < %PROGRAMFILES%\*.* >
    [2009/07/14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2011/01/05 01:36:40 | 000,000,221 | -HS- | M] () -- C:\Users\Jayski_Laptop\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >
    [2012/06/17 18:23:29 | 004,560,591 | R--- | M] (Swearware) -- C:\Users\Jayski_Laptop\Desktop\ComboFix.exe
    [2012/06/17 20:14:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jayski_Laptop\Desktop\OTL.exe

    < %PROGRAMFILES%\Common Files\*.* >
    [2009/11/19 21:08:02 | 002,941,288 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Common Files\adlmint.dll
    [2009/11/19 21:08:02 | 003,749,224 | ---- | M] (Acresso Software Inc.) -- C:\Program Files (x86)\Common Files\adlmint_libFNP.dll

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\tasks\*.* >
    [2012/06/17 19:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/06/17 19:01:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/06/17 20:01:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/06/11 08:05:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3739037683-3064319709-692292168-1001Core.job
    [2012/06/17 20:05:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3739037683-3064319709-692292168-1001UA.job
    [2012/06/17 18:52:38 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2011/12/18 21:54:54 | 000,032,572 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >
    [2009/06/10 23:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >
    [2012/01/02 23:02:50 | 000,008,192 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.chk
    [2012/01/02 23:02:49 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.log
    [2012/01/02 23:02:49 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00001.jrs
    [2012/01/02 23:02:49 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00002.jrs
    [2012/01/02 23:02:49 | 000,786,432 | ---- | M] () -- C:\Windows\SECURITY\Database\edbtmp.log
    [2012/01/02 23:02:49 | 001,056,768 | ---- | M] () -- C:\Windows\SECURITY\Database\tmp.edb

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2012/02/15 20:36:02 | 000,000,402 | -HS- | M] () -- C:\Users\Jayski_Laptop\Favorites\desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2011/08/28 13:18:43 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /I " " /c >

    < dir /b "%systemroot%\*.exe" | find /I " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\LastSuccessTime /rs >
    < End of report >
     
  19. jayski

    jayski TS Rookie Topic Starter Posts: 23

    Extras.txt

    OTL Extras logfile created on: 6/17/2012 8:17:58 PM - Run 1
    OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\Jayski_Laptop\Desktop
    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7601.17514)
    Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

    7.99 Gb Total Physical Memory | 5.72 Gb Available Physical Memory | 71.58% Memory free
    15.98 Gb Paging File | 13.68 Gb Available in Paging File | 85.61% Paging File free
    Paging file location(s): c:\pagefile.sys 0 0 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 451.07 Gb Total Space | 61.97 Gb Free Space | 13.74% Space Free | Partition Type: NTFS
    Drive G: | 5.46 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
    Drive H: | 7.60 Gb Total Space | 6.62 Gb Free Space | 87.10% Space Free | Partition Type: FAT32
    Drive I: | 3.81 Gb Total Space | 0.60 Gb Free Space | 15.82% Space Free | Partition Type: FAT32

    Computer Name: JAYSKILAPTOP | User Name: Jayski_Laptop | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
    "{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
    "{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
    "{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
    "{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
    "{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
    "{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
    "{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
    "{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
    "{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0003C1E0-E0E7-49BB-A0F6-4AE6D2B09202}" = UPEK TouchChip Fingerprint Reader
    "{02112E5E-D6DE-481D-ADA7-3E3863AC68C4}" = Bunkspeed Shot (64-bit)
    "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
    "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
    "{0DB0EA38-E806-44ED-A892-489F2E305080}" = Dell System Manager
    "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802" = CanoScan LiDE 600F
    "{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
    "{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
    "{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
    "{34481E35-179E-4738-A83A-71FA7AA3894B}" = Bunkspeed HyperDrive (64-bit)
    "{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
    "{4327107B-E95E-415C-9194-458FCED6BF12}" = Intel(R) PROSet/Wireless WiFi Software
    "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers
    "{4F7EE569-CF67-4054-82D2-8FF309489682}" = OneTouch 4.0
    "{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
    "{5869841A-0C15-4852-8A91-4F3B40BC823B}" = Autodesk AliasStudio 2009 (64-bit)
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{669A82E0-43E2-4645-8A2E-1A3DE78F8312}" = Adobe Photoshop Lightroom 4 64-bit
    "{67154CF5-2C33-41C2-A9F2-A4FBC29482AD}" = Wave Infrastructure Installer
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{7AAA00C4-26E6-4EC0-8069-955B0A9D6009}" = Intel(R) Network Connections 15.2.89.0
    "{7B7D73E7-79D5-4133-AB7A-E27BB5F64725}" = Dell Control Point 64
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
    "{8E80AF23-17B4-4611-B28E-68A114B23488}" = Dell ControlVault Host Components Installer 64Bit
    "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
    "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
    "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
    "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{A4F53D2C-1FED-4CDF-9D83-4AED82CD0436}" = Gemalto
    "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
    "{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
    "{AC76BA86-1033-0000-0064-0003D0000004}" = Adobe Acrobat 9 Pro Extended 64-bit Add-On
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.02
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
    "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
    "{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
    "{D16193A3-921A-4134-B381-597C8F4B8EBD}" = PaperPort Image Printer
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DDD6BE8C-9AFA-48F1-A6AE-3BD596E2EB0B}" = Trusted Drive Manager
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "9512AA21B791B05A54E27065C45BBC417AB282DF" = Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
    "KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.1.0
    "MAXONB6EC381C" = CINEMA 4D 11.514
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft Security Client" = Microsoft Security Essentials
    "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
    "ProInst" = Intel PROSet Wireless
    "PROSetDX" = Intel(R) Network Connections 15.2.89.0
    "Wacom Tablet Driver" = Wacom Tablet

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{0215A652-E081-4B09-9333-DC85AAB67FFA}" = Adobe Dreamweaver CS5.5
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
    "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{198573D8-60B3-4BBA-9B35-A8D2AFA8B5C0}" = MAGIX Music Maker 17 Premium (Sound package)
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
    "{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{259BD7B2-490E-4773-A159-284912544111}" = Dell Latitude ON Configuration Utility Installer
    "{26621E14-A45B-45CD-9ED9-7A0A9B585DB4}" = SolidWorks Installation Manager
    "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
    "{325045C9-F040-3D98-892D-53D5E840266C}" = Google Talk Plugin
    "{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{33999F1F-EA46-4E55-A239-1BA803235396}" = Hercules DJ Products Series drivers
    "{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
    "{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
    "{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
    "{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
    "{47F6627C-61DD-4191-91C3-2E4077EE7B1F}" = MAGIX Music Maker 17 Premium Download Version
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
    "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{511FA8D0-78BE-47F9-AEB0-CDF377E3064A}" = MAGIX Music Maker 17 Premium (Instrument package 1)
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{559FAB96-A0CD-4105-A02F-1C21DEBCEF89}" = SolidWorks Explorer 2007 sp0
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{5D0BAA26-7D88-4343-A507-F439566E1DDD}" = MAGIX Music Maker 17 Premium (Instrument package 2)
    "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{75FEB085-179F-4C85-B0E4-B517D2160750}" = eDrawings 2007
    "{761E061F-FB8E-BBB4-69A4-B1DEF3640DB7}" = Zinio Reader 4
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
    "{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
    "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
    "{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A56A332-F833-45CF-9A20-6F3524054843}" = James Bond 007(TM) - Blood Stone
    "{8B7IL77L-LKS1-AC3-BATAC-18CD6E6334R1}_is1" = Batman Arkham City version 1.0
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}" = Adobe Setup
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
    "{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
    "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{95FCA50A-CF7D-457E-AF69-F058F8BC2844}" = SolidWorks 2007 SP0
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobile Partner Manager
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
    "{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
    "{AC76BA86-1033-F400-7761-000000000004}_920" = Adobe Acrobat 9.2.0 - CPSID_50026
    "{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
    "{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
    "{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B352D3F6-352B-4031-9C79-2C7A26062BBC}" = MAGIX Music Maker 17 Premium (Synthesizer and effects)
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
    "{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CA1CA5F8-7500-45C5-9D4C-47D13FBC92D2}" = Adobe Setup
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{DFDD2913-557D-4EB5-8745-47749E521760}" = MAGIX Screenshare
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E0BA659A-45CC-4EC2-AA1C-E73CAFC6408B}" = Autodesk Alias 2010
    "{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
    "{E21C8CCF-76C4-4664-AD53-CCC8990C5B78}" = Autodesk DirectConnect 2011
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
    "{ECC69E86-3B0E-4010-AA37-414C5D71B7B9}" = RPS CRT
    "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
    "{F02651E6-BFB4-4CF2-ADE0-DA44D90B573F}" = SolidWorks 2008 API SDK
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F1274811-33BC-45EB-B4F6-D05265BADBA1}" = Autodesk Showcase 2011 32-bit
    "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = SetPoint
    "{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager
    "{F4884EA7-CF31-4E87-B840-CFE161BD81D3}" = MAGIX Music Maker 17 Premium (Instrument package 3)
    "{F5125699-C01A-4ED8-BD3A-265DF29859FE}" = DWGeditor
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
    "{FDD41BE8-3FEE-4839-B1D8-8970D24D314D}" = MAGIX Speed burnR (MSI)
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
    "{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "«Tom Clancy`s Splinter Cell»_is1" = «Tom Clancy`s Splinter Cell» version 1.3
    "501 sp2_64" = Luxology modo 501 sp2 64-bit build 41321
    "ABViewer 7_is1" = ABViewer 7
    "Acoustica Effects Pack" = Acoustica Effects Pack
    "Acoustica Mixcraft 5" = Acoustica Mixcraft 5
    "Adobe AIR" = Adobe AIR
    "Adobe_1710d324011afc3e7658e969025f4ba" = Adobe InDesign CS4
    "Adobe_2a31ae7a5c43ff52d8577782dd34e04" = Adobe Illustrator CS4
    "Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
    "Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
    "Any Video Converter Professional_is1" = Any Video Converter Professional 3.0.7
    "Audacity_is1" = Audacity 2.0
    "BitLord" = BitLord 1.1
    "Blurb Template Creator CS4_is1" = Blurb Template Creator CS4 v1.1.0.1d5
    "CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
    "CDisplay_is1" = CDisplay 1.8
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
    "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
    "CoreFTP" = Core FTP LE
    "Dell Webcam Central" = Dell Webcam Central
    "EA Download Manager" = EA Download Manager
    "Fake Webcam_is1" = Fake Webcam 6.1.3
    "fakewebcam7.1.0_is1" = Fake Webcam 7.1
    "FileZilla Client" = FileZilla Client 3.3.5.1
    "GoldenEye: Source" = GoldenEye: Source - HalfLife 2 Mod
    "InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
    "InstallShield_{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
    "InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
    "InstallShield_{8A56A332-F833-45CF-9A20-6F3524054843}" = James Bond 007(TM) - Blood Stone
    "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
    "InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
    "KeyShot2_64" = KeyShot2 2.3 64 bit
    "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.6.6
    "Magic Bullet Looks" = Magic Bullet Looks
    "Magic Bullet LooksBuilder" = Magic Bullet LooksBuilder
    "MAGIX_MSI_mm17dlx" = MAGIX Music Maker 17 Premium Download Version
    "Network Play System" = Network Play System
    "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
    "ObjectDock" = ObjectDock
    "Office14.PROPLUS" = Microsoft Office Professional Plus 2010
    "PowerISO" = PowerISO
    "RealFlow 2012" = RealFlow 2012
    "Veetle TV" = Veetle TV
    "Video Converter Professional_is1" = Video Converter Professional 4.0.0.0
    "Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
    "vShare.tv plugin" = vShare.tv plugin 1.3
    "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
    "Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
    "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
    "WinLiveSuite" = Windows Live Essentials
    "Xilisoft DVD Creator 6" = Xilisoft DVD Creator 6
    "Xilisoft HD Video Converter" = Xilisoft HD Video Converter
    "Xilisoft HD Video Converter 6" = Xilisoft HD Video Converter 6
    "Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
    "Xilisoft Video Converter Ultimate 6" = Xilisoft Video Converter Ultimate 6
    "ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-3739037683-3064319709-692292168-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Dropbox" = Dropbox
    "Game Organizer" = EasyBits GO
    "Google Chrome" = Google Chrome

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 6/17/2012 6:09:30 AM | Computer Name = JayskiLaptop | Source = WinMgmt | ID = 28
    Description =

    Error - 6/17/2012 6:11:00 AM | Computer Name = JayskiLaptop | Source = Microsoft-Windows-CAPI2 | ID = 512
    Description = The Cryptographic Services service failed to initialize the VSS backup
    "System Writer" object. Details: Could not query the status of the EventSystem service.

    System
    Error: The RPC server is unavailable. .

    Error - 6/17/2012 6:11:15 AM | Computer Name = JayskiLaptop | Source = VSS | ID = 13
    Description =

    Error - 6/17/2012 6:11:15 AM | Computer Name = JayskiLaptop | Source = VSS | ID = 8193
    Description =

    Error - 6/17/2012 6:14:37 AM | Computer Name = JayskiLaptop | Source = Application Error | ID = 1000
    Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
    stamp: 0x4a5bc100 Faulting module name: mprdin.dll, version: 0.0.0.0, time stamp:
    0x2a425e19 Exception code: 0xc0000005 Fault offset: 0x0000897a Faulting process id:
    0x99c Faulting application start time: 0x01cd4c71f8d301f8 Faulting application path:
    C:\Windows\SysWOW64\svchost.exe Faulting module path: c:\windows\syswow64\mprdin.dll
    Report
    Id: 3d90a2a9-b865-11e1-afea-1c659daced7c

    Error - 6/17/2012 6:14:39 AM | Computer Name = JayskiLaptop | Source = WinMgmt | ID = 28
    Description =

    Error - 6/17/2012 12:08:28 PM | Computer Name = JayskiLaptop | Source = Application Error | ID = 1000
    Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
    stamp: 0x4a5bc100 Faulting module name: mprdin.dll, version: 0.0.0.0, time stamp:
    0x2a425e19 Exception code: 0xc0000005 Fault offset: 0x0000897a Faulting process id:
    0xb74 Faulting application start time: 0x01cd4ca36a35661d Faulting application path:
    C:\Windows\SysWOW64\svchost.exe Faulting module path: c:\windows\syswow64\mprdin.dll
    Report
    Id: ac53c2c0-b896-11e1-9245-1c659daced7c

    Error - 6/17/2012 12:29:41 PM | Computer Name = JayskiLaptop | Source = Application Error | ID = 1000
    Description = Faulting application name: TdmNotify.exe, version: 3.3.3.104, time
    stamp: 0x4bb10672 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x0000016300000029 Faulting process id: 0x10fc Faulting
    application start time: 0x01cd4ca3734fc949 Faulting application path: C:\Program
    Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe Faulting module path:
    unknown Report Id: a353fbf7-b899-11e1-9245-1c659daced7c

    Error - 6/17/2012 12:52:52 PM | Computer Name = JayskiLaptop | Source = Application Error | ID = 1000
    Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
    stamp: 0x4a5bc100 Faulting module name: mprdin.dll, version: 0.0.0.0, time stamp:
    0x2a425e19 Exception code: 0xc0000005 Fault offset: 0x0000897a Faulting process id:
    0xb98 Faulting application start time: 0x01cd4ca99e070d86 Faulting application path:
    C:\Windows\SysWOW64\svchost.exe Faulting module path: c:\windows\syswow64\mprdin.dll
    Report
    Id: e078ba53-b89c-11e1-8fa0-1c659daced7c

    Error - 6/17/2012 12:54:31 PM | Computer Name = JayskiLaptop | Source = Application Error | ID = 1000
    Description = Faulting application name: TdmNotify.exe, version: 3.3.3.104, time
    stamp: 0x4bb10672 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x0000016300000027 Faulting process id: 0x1208 Faulting
    application start time: 0x01cd4ca9cc022941 Faulting application path: C:\Program
    Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe Faulting module path:
    unknown Report Id: 1b7afc70-b89d-11e1-8fa0-1c659daced7c

    [ Media Center Events ]
    Error - 3/4/2012 1:50:47 AM | Computer Name = JayskiLaptop | Source = MCUpdate | ID = 0
    Description = 6:50:47 AM - Error connecting to the internet. 6:50:47 AM - Unable
    to contact server..

    Error - 3/4/2012 1:50:52 AM | Computer Name = JayskiLaptop | Source = MCUpdate | ID = 0
    Description = 6:50:52 AM - Error connecting to the internet. 6:50:52 AM - Unable
    to contact server..

    Error - 3/4/2012 2:50:57 AM | Computer Name = JayskiLaptop | Source = MCUpdate | ID = 0
    Description = 7:50:57 AM - Error connecting to the internet. 7:50:57 AM - Unable
    to contact server..

    Error - 3/4/2012 2:51:02 AM | Computer Name = JayskiLaptop | Source = MCUpdate | ID = 0
    Description = 7:51:02 AM - Error connecting to the internet. 7:51:02 AM - Unable
    to contact server..

    Error - 3/4/2012 11:55:15 PM | Computer Name = JayskiLaptop | Source = MCUpdate | ID = 0
    Description = 4:55:15 AM - Error connecting to the internet. 4:55:15 AM - Unable
    to contact server..

    Error - 3/4/2012 11:56:01 PM | Computer Name = JayskiLaptop | Source = MCUpdate | ID = 0
    Description = 4:55:21 AM - Error connecting to the internet. 4:55:21 AM - Unable
    to contact server..

    Error - 3/5/2012 12:56:05 AM | Computer Name = JayskiLaptop | Source = MCUpdate | ID = 0
    Description = 5:56:05 AM - Error connecting to the internet. 5:56:05 AM - Unable
    to contact server..

    Error - 3/5/2012 12:56:11 AM | Computer Name = JayskiLaptop | Source = MCUpdate | ID = 0
    Description = 5:56:10 AM - Error connecting to the internet. 5:56:10 AM - Unable
    to contact server..

    Error - 3/6/2012 1:59:22 AM | Computer Name = JayskiLaptop | Source = MCUpdate | ID = 0
    Description = 6:59:22 AM - Error connecting to the internet. 6:59:22 AM - Unable
    to contact server..

    Error - 3/6/2012 1:59:33 AM | Computer Name = JayskiLaptop | Source = MCUpdate | ID = 0
    Description = 6:59:27 AM - Error connecting to the internet. 6:59:27 AM - Unable
    to contact server..

    [ System Events ]
    Error - 6/17/2012 12:29:28 PM | Computer Name = JayskiLaptop | Source = Service Control Manager | ID = 7031
    Description = The Routing and Remote Access service terminated unexpectedly. It
    has done this 1 time(s). The following corrective action will be taken in 120000
    milliseconds: Restart the service.

    Error - 6/17/2012 12:38:58 PM | Computer Name = JayskiLaptop | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service. However,
    the system is configured to not allow interactive services. This service may not
    function properly.

    Error - 6/17/2012 12:44:10 PM | Computer Name = JayskiLaptop | Source = Application Popup | ID = 1060
    Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
    with this system. Please contact your software vendor for a compatible version
    of the driver.

    Error - 6/17/2012 12:50:27 PM | Computer Name = JayskiLaptop | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service. However,
    the system is configured to not allow interactive services. This service may not
    function properly.

    Error - 6/17/2012 12:50:50 PM | Computer Name = JayskiLaptop | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service. However,
    the system is configured to not allow interactive services. This service may not
    function properly.

    Error - 6/17/2012 12:52:38 PM | Computer Name = JayskiLaptop | Source = Service Control Manager | ID = 7001
    Description = The NTRU TSS v1.2.1.29 TCS service depends on the TPM Base Services
    service which failed to start because of the following error: %%0

    Error - 6/17/2012 12:52:44 PM | Computer Name = JayskiLaptop | Source = Service Control Manager | ID = 7000
    Description = The Hardlock service failed to start due to the following error: %%577

    Error - 6/17/2012 12:52:45 PM | Computer Name = JayskiLaptop | Source = Service Control Manager | ID = 7023
    Description = The Windows Defender service terminated with the following error:
    %%126

    Error - 6/17/2012 12:52:53 PM | Computer Name = JayskiLaptop | Source = Service Control Manager | ID = 7031
    Description = The Routing and Remote Access service terminated unexpectedly. It
    has done this 1 time(s). The following corrective action will be taken in 120000
    milliseconds: Restart the service.

    Error - 6/17/2012 12:58:28 PM | Computer Name = JayskiLaptop | Source = Service Control Manager | ID = 7022
    Description = The Windows Update service hung on starting.


    < End of report >
     
  20. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    You didn't say:
    [​IMG]

    ======================================================

    OTL logs are clean.

    Last scans....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

    2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
      • Windows Defender
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.


    3. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    4. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click on List of found threats
    • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If Eset won't find any threats, it won't produce any log.
     
  21. jayski

    jayski TS Rookie Topic Starter Posts: 23

    Sorry yes everything is working fine, will run last scans now.
     
  22. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    OK...
     
  23. jayski

    jayski TS Rookie Topic Starter Posts: 23

    Sorry if your waiting for me to post the results, I live in Germany and have a full time job, I have just returned from work, I will post the scan logs as soon as possible.
     
  24. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    No problem :)
     
  25. jayski

    jayski TS Rookie Topic Starter Posts: 23

    Checkup.txt

    Results of screen317's Security Check version 0.99.24
    Windows 7 x64 (UAC is disabled!)
    Internet Explorer 8 Out of date!
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Java(TM) 6 Update 31
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Microsoft Security Essentials msseces.exe
    ``````````End of Log````````````
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...