:Commands
[createrestorepoint]
:OTL
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll File not found
[2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
O4 - HKCU..\Run: [ctfmon32.exe] c:\ProgramData\gwdb.dat (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: efbfcafebeccad = C:\Users\saicoink\AppData\Local\6e526fb3-f185-47c6-afe5-140b57ec9c52ad\efbfcafebeccad.exe ()
O15 - HKCU\..Trusted Domains: java.com ([]http in Trusted sites)
[2013/06/25 03:55:14 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\rundll32.exe
[2013/06/15 19:01:01 | 000,000,000 | ---D | C] -- C:\Users\saicoink\AppData\Local\6e526fb3-f185-47c6-afe5-140b57ec9c52ad
[2013/06/25 04:15:27 | 095,023,320 | ---- | M] () -- C:\ProgramData\bdwg.pad
[2013/06/25 02:38:04 | 000,000,840 | ---- | M] () -- C:\Users\saicoink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
[2013/06/24 20:25:55 | 000,002,630 | ---- | M] () -- C:\ProgramData\bdwg.js
[2013/06/17 00:30:01 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\vlcplayer.exe
[2013/06/17 00:30:00 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\teamviewer.exe
[2013/06/17 00:30:00 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\flashplayer.exe
[2013/06/17 00:11:07 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\chrome.exe
[2013/06/17 00:11:07 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\acrobatreader.exe
[2013/06/15 19:00:56 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\notepad.exe
[2013/06/15 19:00:56 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\jucheck.exe
[2013/06/15 19:00:55 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\acrobat.exe
[2013/06/15 19:00:54 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\mstsc.exe
[2013/06/15 19:00:54 | 000,000,000 | ---- | M] () -- C:\Users\saicoink\icq.exe
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:30FD0CBD
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8CE646EE