OTL logfile created on: 18/03/2012 16:34:32 - Run 2
OTL by OldTimer - Version 3.2.33.1     Folder = C:\Users\K8\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.97 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 55.46% Memory free
7.93 Gb Paging File | 5.96 Gb Available in Paging File | 75.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.24 Gb Total Space | 158.60 Gb Free Space | 72.67% Space Free | Partition Type: NTFS
Drive D: | 931.28 Gb Total Space | 640.86 Gb Free Space | 68.81% Space Free | Partition Type: FAT32
 
Computer Name: K8-PC | User Name: K8 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/03/11 13:48:36 | 001,652,536 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/03/11 13:48:36 | 000,931,640 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/03/01 14:03:12 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\K8\Desktop\OTL.scr
PRC - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2011/01/17 18:08:58 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:08:58 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/10/27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/04/03 09:59:47 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/05 01:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/11/24 21:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/11/02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/09/16 18:52:14 | 000,331,776 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\TotalMedia Backup\uBBMonitor.exe
PRC - [2009/08/20 04:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/08/17 17:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/12 22:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/07/31 18:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/06/24 20:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 18:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 18:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/14 04:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/03/31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011/11/10 16:11:00 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
MOD - [2011/08/07 19:05:28 | 000,516,368 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\28896\RapportMS.dll
MOD - [2011/05/09 13:26:40 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
MOD - [2011/05/09 13:26:39 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/04/24 23:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll
MOD - [2011/04/24 23:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll
MOD - [2011/04/24 23:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll
MOD - [2011/04/24 23:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll
MOD - [2011/04/24 23:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll
MOD - [2011/04/24 23:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll
MOD - [2011/04/20 19:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
MOD - [2010/01/05 01:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/11/24 21:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009/11/02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/09/23 19:07:14 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2007/11/30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/06/15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2009/12/08 00:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2007/08/08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2012/03/11 13:48:36 | 000,931,640 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2010/08/17 11:19:51 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012/03/16 12:26:56 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2012/03/11 13:48:52 | 000,063,760 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/03/10 18:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2011/03/04 13:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:[b]64bit:[/b] - [2011/03/04 13:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:[b]64bit:[/b] - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2010/04/03 09:56:39 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:[b]64bit:[/b] - [2009/11/02 20:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2009/10/15 10:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2009/10/05 02:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/08/23 06:08:07 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:[b]64bit:[/b] - [2009/08/21 07:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:[b]64bit:[/b] - [2009/08/06 22:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/07/20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 01:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan)
DRV:[b]64bit:[/b] - [2009/07/09 09:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2009/06/18 20:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:[b]64bit:[/b] - [2009/06/10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/05 11:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:[b]64bit:[/b] - [2009/05/13 02:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2008/05/24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:[b]64bit:[/b] - [2007/07/24 19:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV:[b]64bit:[/b] - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2012/03/11 13:48:52 | 000,061,712 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2012/03/11 13:48:52 | 000,055,056 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2011/12/15 18:14:59 | 000,397,520 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus64_34302.sys -- (RapportCerberus_34302)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3106575
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {5c4cae29-c754-4ca3-89e1-90b82459159a} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultthis.engineName: "PCHelpSoft Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3106575&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "PCHelpSoft Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..network.proxy.type: 0
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\K8\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012/03/16 12:44:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012/03/16 12:44:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/18 11:56:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/19 18:10:56 | 000,000,000 | ---D | M]
 
[2011/10/01 14:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\K8\AppData\Roaming\Mozilla\Extensions
[2012/02/22 13:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\K8\AppData\Roaming\Mozilla\Firefox\Profiles\i2wpgulv.default\extensions
[2012/01/03 09:22:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/17 15:45:20 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\K8\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I2WPGULV.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2012/02/18 11:56:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/18 11:56:48 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/02/18 11:56:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/18 11:56:48 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/02/18 11:56:48 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/02/18 11:56:48 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\K8\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\K8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\K8\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Skype Extension = C:\Users\K8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - Startup: C:\Users\K8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\K8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 16
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:[b]64bit:[/b] - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:[b]64bit:[/b] - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E37BB2D-FB3D-4A20-B70F-7BC05F2098DB}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\linkscanner - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - AppInit_DLLs: (avgrssta.dll) -  File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\570\G2AWinLogon_x64.dll) - C:\Program Files (x86)\Citrix\GoToAssist\570\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/26 17:15:22 | 000,000,191 | ---- | M] () - D:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/03/18 10:08:30 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{45328B92-5D19-4901-A987-8B3869C5BB5A}
[2012/03/18 10:07:47 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{30BAA037-4DCC-46FB-A28F-5852D564DE29}
[2012/03/17 08:47:37 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{93C2B1BD-5F51-47E9-937E-A216FBCEAFF0}
[2012/03/17 08:47:00 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{AAEAEBC4-6B4F-4287-AAC3-56ADF50603E7}
[2012/03/16 12:36:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2012
[2012/03/16 12:27:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2012/03/16 12:26:56 | 000,615,728 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012/03/16 10:31:17 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{C229B0BE-9081-4652-AFDC-E7778FD66603}
[2012/03/16 10:31:07 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{9E3D8A1D-46DB-4FAE-97E5-CE356F25001C}
[2012/03/15 22:06:20 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{53661C84-7290-4396-BE67-31AA7EC46819}
[2012/03/15 22:05:55 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{A2ED6E2C-C0C2-4043-9187-785D13FDE8B4}
[2012/03/15 09:50:27 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{624353B2-5734-43E8-A93A-57B8CDBA699E}
[2012/03/15 09:50:05 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{C2BD0EB5-5983-4C4F-8545-E68E79FD792F}
[2012/03/15 03:11:54 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/15 03:11:52 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/15 03:11:51 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/14 21:49:15 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{3F217796-F4D3-4066-9C35-144A6B16FC3C}
[2012/03/14 21:48:51 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{AB107ACF-5ECB-4F1E-A4A4-5B3D3E6AB375}
[2012/03/14 11:26:35 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/14 11:24:41 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/14 11:24:41 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/14 11:24:36 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/14 11:24:36 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/14 11:24:35 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/14 09:48:08 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{79D60596-BF1D-42EE-98D7-F62041B1D578}
[2012/03/14 09:47:40 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{8D10318C-E8BF-476E-91A2-C8085ACAAC4B}
[2012/03/13 21:44:51 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{28714074-EE03-487B-A3C5-D5BE41DF692D}
[2012/03/13 21:44:25 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{0C107030-0B2C-4CCA-A4CB-BCDE17569C72}
[2012/03/13 15:28:18 | 000,061,440 | ---- | C] ( ) -- C:\Users\K8\Desktop\VEW.exe
[2012/03/13 13:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2012/03/13 13:19:55 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2012/03/13 13:16:09 | 004,485,448 | ---- | C] (Piriform Ltd) -- C:\Users\K8\Desktop\spsetup116.exe
[2012/03/13 12:59:21 | 004,777,280 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\K8\Desktop\procexp.exe
[2012/03/13 09:43:49 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{A5A73FD4-1C01-4EDC-99EA-2B4B0AC905F4}
[2012/03/13 09:43:24 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{79F643F5-8168-4E44-A7E6-1F4A60AB322E}
[2012/03/12 21:43:05 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{B2A8EE76-3348-4C01-9F04-7DA9BF4ABA01}
[2012/03/12 21:42:41 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{BAC7D8A9-030E-4456-89FD-4CFA01921E59}
[2012/03/12 09:42:05 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{7FA454E0-DDC9-47D7-8DA9-88E568784BDC}
[2012/03/12 09:41:43 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{83930FD9-C1E1-4A07-AC11-416A5FEF9757}
[2012/03/11 20:26:09 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{462ADF03-7BED-4B88-A7E7-32AE32BA7831}
[2012/03/11 01:51:34 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{8D690F07-4C46-43F0-9979-2A99EC0C1777}
[2012/03/10 09:45:25 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{7FDD9154-D62A-442B-ABE4-6FB5F896E3BA}
[2012/03/10 09:44:50 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{4FD78E65-35D1-4CF2-A533-9A14ED4D19E6}
[2012/03/09 14:25:48 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{280FF1FA-9B39-4F08-8C3C-8BF032BE9935}
[2012/03/09 14:25:25 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{9E0F7CB8-AEA1-45FA-B202-76F8FCB9205A}
[2012/03/09 02:26:04 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{48619239-3BEE-4CE4-A782-8BB941F7E335}
[2012/03/08 12:30:01 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{AD38CA3E-A8F6-4AC8-A1F1-39FE009A4441}
[2012/03/08 12:29:38 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{8A81816F-7119-4C4D-95F5-7D0FAF6A27A9}
[2012/03/08 00:47:22 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{A6DD8305-5E46-4AAD-9E3B-6628AB5ABD01}
[2012/03/07 09:18:22 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{813B4952-1D71-49A1-A8CF-DC9ACF7489BA}
[2012/03/07 09:18:10 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{D6F62A6E-8D26-44D0-A6DD-5100408BADA0}
[2012/03/06 09:16:19 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{1272CA7D-71EF-476E-B8C0-0316E9F11A71}
[2012/03/06 09:15:50 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{0F60E7CC-02BA-4891-9FAE-9C4F8185326A}
[2012/03/05 20:58:16 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{A49B708A-0535-4D65-8D0E-9B205EC910AF}
[2012/03/05 20:57:46 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{2A4052F0-9D68-4948-B4D8-C62E3B6C8DE5}
[2012/03/05 08:56:24 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{24D32D5A-532A-4911-8BB0-00ABCABED92E}
[2012/03/05 08:56:03 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{FA661A30-AB71-4658-B24D-E5DFD51ABB97}
[2012/03/04 17:53:38 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{E0950AB2-6C74-4310-9187-E48AAA0AB36A}
[2012/03/04 17:53:20 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{67266656-D1FC-4241-949E-E30875E7F061}
[2012/03/03 22:50:38 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{736C2485-DBA6-4CBB-B00B-7C83BAB14B6E}
[2012/03/03 22:50:21 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{0E41A23D-D29C-41C9-A244-0FABDA5EFFE8}
[2012/03/03 10:19:17 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{3971B66B-816A-44E5-8A94-96F16DF778BC}
[2012/03/03 10:18:03 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{563C49D5-B08E-4CD0-A10D-090E3CD7C6BB}
[2012/03/02 08:53:27 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{ED4C9CE2-A130-4858-82B4-8C230949B487}
[2012/03/02 08:52:53 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{C7B769A3-AF5E-4A7A-90D4-27B813AB138C}
[2012/03/01 14:03:01 | 000,583,168 | ---- | C] (OldTimer Tools) -- C:\Users\K8\Desktop\OTL.scr
[2012/03/01 09:36:58 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{A5733EE5-1C10-4F69-9918-C149C1B8BAAC}
[2012/03/01 09:36:23 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{F7B170F8-7474-422F-8F09-4A388EE2BE0B}
[2012/02/29 09:29:29 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{AFB6F932-CADA-45AD-B731-660BA2C82485}
[2012/02/29 09:28:57 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{376C65B8-84C8-412F-9B6A-D15F2036BA3B}
[2012/02/28 12:25:36 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{05B52EC0-E401-4CAD-866D-0DC26D219AB4}
[2012/02/28 12:25:12 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{9076989A-3E6E-4F0D-A3B1-838727281789}
[2012/02/27 21:53:19 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{6F680A32-C17D-45DE-9489-1411E73FB8CA}
[2012/02/27 21:53:02 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{6BCDC0EE-C602-40E8-8002-4FA513AAAFCD}
[2012/02/27 09:51:56 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{F0F1467F-AEC5-4E91-BAFA-936C796D30A0}
[2012/02/27 09:51:18 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{56EE7F7B-891C-4671-BE21-189B3483E659}
[2012/02/26 10:42:41 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{29FBB378-DC9D-445F-8317-8E1BE49EBF74}
[2012/02/25 14:15:02 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{E883E01E-2F01-47B3-BCAF-A0E0F22A47B0}
[2012/02/25 14:14:31 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{FA8FFF6E-2FE9-4F4A-A0E3-4E896FB03B0B}
[2012/02/25 09:45:17 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{203EF71A-031D-4E64-9EA5-93CBFF72DDE3}
[2012/02/25 02:14:37 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{C30D40DC-F854-4EE8-BE11-554019DDCFD4}
[2012/02/24 11:03:15 | 000,000,000 | ---D | C] -- C:\Users\K8\Documents\cc Registry backups
[2012/02/24 09:20:51 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{9A830147-6413-4E9B-AB6F-7C90C77CA722}
[2012/02/24 09:20:26 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{5E8A8042-B900-439C-B229-E1E4B8DA92F5}
[2012/02/23 21:20:03 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{E6C5982D-46B9-4C36-8A7A-C80E16BF73E6}
[2012/02/23 21:19:40 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{926F2B66-5881-4326-BDB4-1F2219049B99}
[2012/02/23 09:17:45 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{5EC60E84-0F03-4ADD-BFFF-90A70A00311B}
[2012/02/23 09:17:10 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{2FF3368A-5B79-4944-B692-B5AD07E224E7}
[2012/02/22 11:33:25 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{06324FC1-78C7-4AE9-8ECE-5A18416D6A92}
[2012/02/22 11:33:01 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{28C25BD2-3D0C-48B5-9D50-B98E39357E26}
[2012/02/21 23:32:05 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{2ACA339A-BFAB-4759-B413-8990ACF85025}
[2012/02/21 23:31:33 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{ADFFA814-0FFA-4419-A526-45C30506CF40}
[2012/02/21 08:42:06 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{A28E5FE9-222F-4E38-906F-2363F213E406}
[2012/02/21 08:41:37 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{5F259D83-3159-4451-BB70-1942B3A0F49E}
[2012/02/20 18:35:21 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{1201B7A6-06A4-4FCA-B484-2C6875CFB311}
[2012/02/20 18:34:58 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{2BB84090-F544-4B61-B31C-9DCF3E59A9A6}
[2012/02/20 05:33:48 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{C2EB7565-B23A-44AE-9516-0761A0607842}
[2012/02/20 05:33:35 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{F766D916-F6C2-4D3C-A83A-4017ED07F7E1}
[2012/02/19 17:33:08 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{147D87E6-243D-402C-A3F7-3FEBCC1C0185}
[2012/02/19 17:32:43 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{E06859C3-547D-4346-B1CB-A5C20FFE82EA}
[2012/02/18 16:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\HardwareHelper
[2012/02/18 16:05:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/02/18 16:04:56 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\Conduit
[2012/02/18 11:54:04 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{E6EE3545-2A32-4A5B-BBAF-8AFF4840F2E7}
[2012/02/18 11:53:43 | 000,000,000 | ---D | C] -- C:\Users\K8\AppData\Local\{C7416BB4-44F4-4C4A-A233-484A79354DF1}
[2012/02/17 20:46:13 | 000,000,000 | ---D | C] -- C:\Users\K8\Documents\manuals
[2009/04/08 18:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/08/12 05:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[2008/05/22 16:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[1 C:\Users\K8\AppData\Local\*.tmp files -> C:\Users\K8\AppData\Local\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/03/18 16:30:01 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/18 16:20:16 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012/03/18 16:20:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/18 13:30:02 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/18 11:50:13 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/18 11:50:13 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/18 11:00:51 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/03/18 10:17:20 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/16 16:01:11 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/16 16:01:11 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/16 16:01:11 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/16 12:44:22 | 000,152,233 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2012/03/16 12:44:22 | 000,107,177 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2012/03/16 12:31:54 | 000,017,408 | ---- | M] () -- C:\Users\K8\AppData\Local\WebpageIcons.db
[2012/03/16 12:26:56 | 000,615,728 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012/03/15 03:33:08 | 000,472,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/13 15:28:21 | 000,061,440 | ---- | M] ( ) -- C:\Users\K8\Desktop\VEW.exe
[2012/03/13 13:20:00 | 000,000,798 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2012/03/13 13:16:51 | 004,485,448 | ---- | M] (Piriform Ltd) -- C:\Users\K8\Desktop\spsetup116.exe
[2012/03/13 13:00:06 | 004,777,280 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\K8\Desktop\procexp.exe
[2012/03/11 13:48:52 | 000,063,760 | ---- | M] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[2012/03/05 14:42:18 | 000,014,557 | ---- | M] () -- C:\Users\K8\Documents\borocs%20facturesept2011.rtf_0.odt
[2012/03/03 15:55:23 | 000,050,542 | ---- | M] () -- C:\Users\K8\Desktop\Accounts KATE2011.ods
[2012/03/01 14:03:12 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\K8\Desktop\OTL.scr
[2012/02/18 21:57:01 | 000,008,704 | ---- | M] () -- C:\Users\K8\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/18 14:57:25 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[1 C:\Users\K8\AppData\Local\*.tmp files -> C:\Users\K8\AppData\Local\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/03/16 12:31:54 | 000,017,408 | ---- | C] () -- C:\Users\K8\AppData\Local\WebpageIcons.db
[2012/03/16 12:29:30 | 000,152,233 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2012/03/16 12:29:30 | 000,107,177 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2012/03/13 13:20:00 | 000,000,798 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2012/03/05 14:44:57 | 000,014,557 | ---- | C] () -- C:\Users\K8\Documents\borocs%20facturesept2011.rtf_0.odt
[2011/12/09 18:57:31 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\qttask.exe
[2011/06/19 13:42:16 | 000,007,604 | ---- | C] () -- C:\Users\K8\AppData\Local\Resmon.ResmonCfg
[2011/06/14 09:52:34 | 000,000,000 | ---- | C] () -- C:\Users\K8\AppData\Local\{F9F8B4B1-2DDA-4F07-98C9-F7E19911AE2F}
[2010/08/28 17:20:48 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2010/08/25 19:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 19:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 19:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/17 22:17:30 | 000,008,704 | ---- | C] () -- C:\Users\K8\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/03 09:57:15 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010/04/03 09:36:34 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA

< End of report >