Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Phantom files!

Started by Luka Patterson , Feb 23 2012 12:33 AM

  • Please log in to reply

#1
Luka Patterson
Posted 23 February 2012 - 12:33 AM

Luka Patterson

    New Member

  • Member
  • Pip
  • 8 posts
Crossposting http://www.geekstogo...pparent-reason/

"Hello! This is my first post in a while, so I'll head straight to the point:
Yesterday everything was fine, today everything is not fine.

My music is all gone! Yesterday, it was there and I was able to listen to it as much as I please but today when I ran iTunes and selected a song to play, it came up with the 'unable to locate' error message, when I tried manually navigating to it there was nothing there: the folder is there and when I right click and check properties it says that there is a total of 59.7gb in my root music folder but inside each individual folder there is absolutely nothing. I have my computer set to show hidden files and I've tried running a program called unhider but both have shown no positive effects.
Can anybody lend me a hand?
(and/or redirect my thread to a more appropriate board)
Cheers,

Luka

If it matters, I just replaced my HD5770 with a HD6850 this morning but that might just be a coincidence.

#Edit;
I've also attempted a system restore (to no objective success) "

Here's the OTL results, thanks in advance to anybody who helps out

_________________________________________________________________________________________________________________________________________________






OTL logfile created on: 23/02/2012 2:33:14 PM - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Luka\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

8.00 Gb Total Physical Memory | 5.30 Gb Available Physical Memory | 66.24% Memory free
15.99 Gb Paging File | 12.88 Gb Available in Paging File | 80.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 389.88 Gb Free Space | 41.86% Space Free | Partition Type: NTFS

Computer Name: LUKA-PC | User Name: Luka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/23 14:33:02 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Luka\Downloads\OTL.exe
PRC - [2011/11/01 23:25:58 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2011/10/30 08:14:04 | 000,929,792 | ---- | M] (Ray Adams) -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray.exe
PRC - [2011/10/21 20:32:02 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/09/30 01:59:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009/10/21 15:12:50 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009/08/06 16:51:20 | 000,065,536 | R--- | M] () -- C:\Windows\SysWOW64\XSrvSetup.exe
PRC - [2009/02/06 15:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/23 14:27:58 | 014,415,144 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/02/23 14:27:58 | 000,857,896 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/02/23 14:27:57 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2012/02/23 14:27:57 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2012/02/23 14:27:57 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2012/02/15 16:03:36 | 000,429,040 | ---- | M] () -- C:\Users\Luka\AppData\Local\Google\Chrome\Application\17.0.963.56\ppgooglenaclpluginchrome.dll
MOD - [2012/02/15 16:03:34 | 003,772,912 | ---- | M] () -- C:\Users\Luka\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
MOD - [2012/02/15 16:02:10 | 000,122,880 | ---- | M] () -- C:\Users\Luka\AppData\Local\Google\Chrome\Application\17.0.963.56\avutil-51.dll
MOD - [2012/02/15 16:02:08 | 000,220,672 | ---- | M] () -- C:\Users\Luka\AppData\Local\Google\Chrome\Application\17.0.963.56\avformat-53.dll
MOD - [2012/02/15 16:02:07 | 001,747,456 | ---- | M] () -- C:\Users\Luka\AppData\Local\Google\Chrome\Application\17.0.963.56\avcodec-53.dll
MOD - [2012/02/15 13:00:24 | 008,593,568 | ---- | M] () -- C:\Users\Luka\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/10/30 08:12:56 | 000,187,392 | ---- | M] () -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\raphook.dll
MOD - [2011/07/15 03:01:59 | 000,958,976 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-53.dll
MOD - [2011/07/15 03:01:59 | 000,132,096 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
MOD - [2011/07/15 03:01:58 | 007,006,208 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-53.dll
MOD - [2011/07/15 03:01:58 | 000,239,616 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-0.dll
MOD - [2010/01/21 02:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 21:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/04/12 03:33:18 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\mg_intelcpu.dll
MOD - [2008/04/10 03:08:46 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\mg_amdcore.dll
MOD - [2007/09/15 02:35:34 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\mg_cpuload.dll
MOD - [2007/03/07 23:26:34 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\support.dll
MOD - [2007/03/07 23:25:26 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\kbdhook.dll
MOD - [2007/01/04 07:09:46 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\mg_xvlt.dll
MOD - [2006/12/27 04:53:28 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\mg_hdddtemp.dll
MOD - [2006/12/25 20:02:24 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\mongraphsexample.dll
MOD - [2006/08/24 13:17:52 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\Messenger Plus! Live\Detoured.dll
MOD - [2005/11/30 04:38:20 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\hddtemp.dll
MOD - [2005/11/30 04:34:38 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\plugins\pciset.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/12/06 14:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/08/28 06:16:32 | 000,094,992 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2009/07/14 12:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 12:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/02/06 15:27:10 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2009/02/06 15:23:36 | 000,727,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV - [2012/02/11 12:57:12 | 003,340,064 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll -- (Akamai)
SRV - [2012/02/08 09:08:43 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2011/12/29 20:19:06 | 000,017,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\\OverwolfUpdater.exe -- (OverwolfUpdaterService)
SRV - [2011/12/08 15:07:16 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/30 01:59:21 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/08/15 17:18:12 | 002,329,480 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/04/16 13:25:01 | 000,129,856 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2010/08/30 09:29:58 | 003,893,752 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/08/27 23:39:17 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/26 04:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/06 16:51:20 | 000,065,536 | R--- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X)
SRV - [2009/06/11 08:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/06/16 00:40:40 | 000,049,152 | ---- | M] (Avid Technology, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\AvidSDMService.exe -- (AvidSDMService)
SRV - [2007/06/16 00:40:12 | 001,536,000 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\AvidStartup.exe -- (AvidStartup)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/06 14:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/12/06 14:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/12/06 13:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/10/18 04:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/10/08 20:53:14 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM)
DRV:64bit: - [2011/08/28 06:16:30 | 000,156,288 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2011/05/10 09:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 17:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 17:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/07/27 20:13:58 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2010/07/09 14:19:02 | 000,021,480 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010/06/26 04:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/06/23 19:36:33 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/03/01 11:35:20 | 000,020,520 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2009/12/01 15:49:52 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009/11/27 20:45:06 | 000,295,424 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/11/09 14:28:08 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/10/29 19:14:38 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/10/27 02:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009/10/27 02:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/10/01 01:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/07/14 12:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 12:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 12:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 12:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 07:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/11 07:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 07:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 07:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 07:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009/02/06 15:24:48 | 000,044,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2009/02/06 15:24:44 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2009/02/06 15:24:42 | 000,163,400 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2009/02/06 15:23:20 | 000,132,464 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009/02/06 15:19:56 | 000,141,728 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2008/07/31 13:27:14 | 000,792,576 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV - [2009/07/14 12:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/06/16 01:30:08 | 000,056,832 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\AvidXPSerial.sys -- (Serial)
DRV - [2007/06/15 23:26:18 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\aspi32.sys -- (Aspi32)
DRV - [2005/01/02 14:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D9 E9 7A E4 96 93 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:5.0.31.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {43c35458-c907-439b-bcfd-07d373834689}:2.2.1
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.1.1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.8.0.8855
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@hanbiton.com/HbsMozillaLauncher: C:\ProgramData\hanbitsoft\nphlauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Luka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Luka\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Luka\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Luka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@us-w1.rockmelt.com/RockMelt Update;version=8: C:\Users\Luka\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll (RockMelt Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/10 20:09:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/02/10 20:09:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/08/22 08:02:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/07/27 20:23:47 | 000,000,000 | ---D | M]

[2010/06/10 19:01:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luka\AppData\Roaming\Mozilla\Extensions
[2012/02/13 20:54:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luka\AppData\Roaming\Mozilla\Firefox\Profiles\me41t9rb.default\extensions
[2010/08/04 22:00:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luka\AppData\Roaming\Mozilla\Firefox\Profiles\me41t9rb.default\extensions\{43c35458-c907-439b-bcfd-07d373834689}
[2011/02/14 16:45:10 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Luka\AppData\Roaming\Mozilla\Firefox\Profiles\me41t9rb.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2010/09/23 19:47:27 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Luka\AppData\Roaming\Mozilla\Firefox\Profiles\me41t9rb.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2010/08/04 21:59:41 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Luka\AppData\Roaming\Mozilla\Firefox\Profiles\me41t9rb.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/03/05 10:40:31 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Luka\AppData\Roaming\Mozilla\Firefox\Profiles\me41t9rb.default\extensions\[email protected]
[2012/02/13 20:54:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/12 18:22:35 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/07/12 15:39:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/03/16 16:08:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/05/30 21:51:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/11/12 11:05:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/03/30 13:57:04 | 000,098,304 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2011/07/12 08:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Luka\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Luka\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Luka\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.53.2_0\npBP4FUpdater.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.53.2_0\BP4FUpdater.exe
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: ijji Auto Install Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: O3D Plugin (Enabled) = C:\Users\Luka\AppData\Roaming\Mozilla\plugins\npo3dautoplugin.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Luka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Luka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: RockMelt Update (Enabled) = C:\Users\Luka\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: FB Chat Sidebar Disabler = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\beeidigicffecnkbanlfnmaplmkafdje\2.4.4.1_0\
CHR - Extension: YouTube = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google Search = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Battlefield Play4Free = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.53.2_0\
CHR - Extension: imgur = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao\1.0.5_0\
CHR - Extension: DoodleHelper = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcjgopahfdpnlepbjbcdhfmndbpmdma\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\
CHR - Extension: GET = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nggahkahccmfofmgojdioepehmiccgnf\1.0_1\
CHR - Extension: 4chan Plus = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\2.3.9_0\
CHR - Extension: Gmail = C:\Users\Luka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/02/19 00:05:37 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TNOD UP] "C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe" /i File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [svcdotnet] C:\Windows\svcdotnet\svcdotnet.exe ()
O4 - HKCU..\Run: [AtiTrayTools] C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray.exe (Ray Adams)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Luka\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0133B738-B11A-4262-AADE-A6C1C191D2DA}: DhcpNameServer = 10.0.0.138 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{171F15BD-85E0-4627-B639-3EABA3435D65}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B479796-E116-4EA5-8FC5-493503494E9E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CEC2182-87B0-46D9-8BD1-F98F4ECD16DA}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E1F4A30-1D50-4773-B854-45354372AC95}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD5753A2-1DE9-4343-91BC-C4D2876B498A}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/13 22:44:48 | 000,000,000 | ---D | M] - C:\Autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/23 14:17:20 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{A7241389-B689-4276-9321-466B35C59DE0}
[2012/02/22 23:59:20 | 000,000,000 | ---D | C] -- C:\DOTA 2
[2012/02/22 23:58:26 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\Nem's Tools
[2012/02/22 23:58:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nem's Tools
[2012/02/22 23:58:22 | 000,000,000 | ---D | C] -- C:\Program Files\Nem's Tools
[2012/02/22 23:57:59 | 000,561,878 | ---- | C] (Ryan Gregg ) -- C:\Users\Luka\Desktop\gcfscape182.exe
[2012/02/22 22:36:22 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{D5968179-B88F-467C-90A1-506C4AC1EB5D}
[2012/02/22 22:35:59 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{4F076961-F0A9-458B-AEF4-BC061377634A}
[2012/02/22 10:35:33 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{B46D750C-95AA-41DB-A575-02BAF00BCBD8}
[2012/02/22 10:35:10 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{68367F57-B3EA-4BCC-B924-075062768241}
[2012/02/22 00:13:51 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Roaming\RotMG.Production
[2012/02/21 22:34:43 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{AB756DC3-5970-4C8D-AEC3-90CCC50D0E70}
[2012/02/21 10:33:52 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{4C4CA650-C553-4EAF-8EEF-60CCC10604B0}
[2012/02/21 10:33:19 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{1A583989-E80D-43E8-B2B7-4D82BD2ABEF3}
[2012/02/20 17:08:55 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{875C8CD5-43FF-47FD-90B6-E5965E7D67C6}
[2012/02/20 17:08:32 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{6502CBFE-416F-4FED-AFBF-B8D9B591AB9B}
[2012/02/20 16:49:44 | 000,000,000 | ---D | C] -- C:\Riot Games
[2012/02/20 16:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2012/02/20 08:27:03 | 000,000,000 | ---D | C] -- C:\Users\Luka\Desktop\LeagueOfLegends
[2012/02/20 00:04:38 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{E2273D9A-5182-4882-95FB-31332A0A226E}
[2012/02/20 00:04:16 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{2FEEAA7E-6F2E-4AD9-A81B-1B332A9D7B7F}
[2012/02/19 12:03:49 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{72BF72DF-C936-4653-A951-087A560B9F54}
[2012/02/19 12:03:26 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{BC57A069-DB52-4896-A6F3-16C90F861215}
[2012/02/19 00:32:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/02/19 00:23:04 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/02/18 23:47:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/18 23:47:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/18 23:47:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/18 23:47:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/18 23:47:39 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/18 22:08:15 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{6B32AC29-F2F7-42B5-A26E-B7C934F6A26D}
[2012/02/18 22:08:01 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{09FAE6F9-84E4-4AC4-ADE9-8624319EBCA3}
[2012/02/18 16:06:24 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012/02/18 16:06:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012/02/18 15:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/02/18 15:17:10 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/02/18 14:31:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net
[2012/02/18 14:31:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Phyxion.net
[2012/02/18 11:23:27 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{C8F1F4A5-4BFA-4070-A98F-91A59B3B6ACD}
[2012/02/18 11:22:53 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{C3FE52F5-9C78-442B-B9D7-036ED1ED25CD}
[2012/02/17 19:57:12 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{24FEFD5C-8BDB-4B2F-B21E-2131930BC124}
[2012/02/17 19:56:46 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{040FD991-D15C-4165-AE7D-20D811993B20}
[2012/02/17 07:55:24 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{14A4E51A-A54E-4DD1-BDC1-544FF33E7231}
[2012/02/17 07:55:04 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{ADA01BEC-7436-4BD8-870D-DEFB98113E52}
[2012/02/16 19:47:29 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{FC8670C2-5BED-49B3-981D-E2BC64A33C92}
[2012/02/16 19:47:06 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{5FFFFE01-94AD-4389-B039-38D045A4076A}
[2012/02/16 07:46:28 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{E55E434B-F0C0-444D-A03D-26B9B8A62FD1}
[2012/02/16 07:46:13 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{0B0F596E-9119-4789-8691-6F98E7FBDF8E}
[2012/02/15 15:25:22 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{2EBE3796-7329-42FF-A9E8-21B7FD5B0F9C}
[2012/02/15 15:25:06 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{6DFF987B-E3BC-424B-BD6D-AEBD380CFFD8}
[2012/02/14 20:41:28 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{42A1DC01-436A-4523-B3A3-537BFF09FFDB}
[2012/02/14 20:41:05 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{738D836E-2875-477A-B10D-3C7505EB0EEC}
[2012/02/14 08:40:04 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{C4C2B6BD-0AE7-482D-8435-47AC40E4486D}
[2012/02/14 08:39:26 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{AE750CDA-16F5-4EC8-BCBC-B89AA9051B4F}
[2012/02/13 19:59:47 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{76C05723-98BD-4417-9E4B-E3F22BB6E9F8}
[2012/02/13 19:59:24 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{4BAC6B05-6F55-45D0-82C5-AEB032660612}
[2012/02/13 19:50:59 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{A0827B12-BD75-4CEB-A7F3-27E08D2DC613}
[2012/02/13 19:50:36 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{21FABE76-2503-4679-B9CA-FA873F621884}
[2012/02/13 07:49:54 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{A878BC9B-CA14-48D5-A9C2-613F569BBA19}
[2012/02/13 07:49:26 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{FDD7395E-0E17-4419-94F8-6D58FBCB646E}
[2012/02/12 13:00:17 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{76AA4772-DE47-43DF-A3DD-245188C0A9DD}
[2012/02/12 12:59:53 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{0F1D743F-43D0-40F1-A48D-233F83322D01}
[2012/02/12 00:59:22 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{9003E202-88A1-48BD-8FC8-851391AAACF9}
[2012/02/12 00:58:59 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{5F7E6B53-FDB5-4D11-9D6E-85A2F4610F41}
[2012/02/11 12:58:40 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{8156E672-5E2F-4724-AD19-544D5ECBFE54}
[2012/02/11 12:58:23 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{4F22FA71-EDEE-4E75-AB5B-1FE4CAC343E3}
[2012/02/11 00:47:38 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{8CADCDEA-FD92-45AD-9A76-F353F02F9A43}
[2012/02/11 00:47:16 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{6EECFDC9-B505-4CE4-8E09-E3AD4ECF24F7}
[2012/02/10 13:00:06 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Roaming\Wireshark
[2012/02/10 12:55:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2012/02/10 12:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2012/02/10 12:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2012/02/10 07:50:16 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{72B0CAD1-E695-4CAD-91E5-2B018B4D220A}
[2012/02/10 07:49:56 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{43AF3838-8680-41CB-93BD-1191CD3930C1}
[2012/02/09 18:38:38 | 000,000,000 | ---D | C] -- C:\Users\Luka\Documents\Dose Files
[2012/02/09 14:05:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\id Software
[2012/02/09 14:05:42 | 000,000,000 | ---D | C] -- C:\ProgramData\id Software
[2012/02/09 13:15:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LucasArts
[2012/02/09 12:47:19 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{C677AC0E-83ED-4FE2-B29E-74D9A9887428}
[2012/02/09 12:47:03 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{FDEDA159-D256-471B-883C-788AEA2BFD0A}
[2012/02/08 19:56:22 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{D60503B2-5446-4754-87AC-D5D94AF92E67}
[2012/02/08 19:55:59 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{941D0DBF-24D4-4954-A922-945ED99A4C92}
[2012/02/08 08:14:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/02/08 08:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/02/08 07:55:33 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{ABE87E25-E60A-491B-AAFE-5C40715D62FD}
[2012/02/08 07:55:11 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{DACD8E51-71B0-4654-BB40-E51A3687D153}
[2012/02/07 19:54:45 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{EB0AC3DE-5313-4292-A1D4-2A8F29EBA01A}
[2012/02/07 19:54:22 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{F23DC07E-F085-4C45-A416-0219863E2417}
[2012/02/07 07:53:23 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{B20526D7-5700-4BC4-B819-ABBD3F5D6C87}
[2012/02/07 07:53:07 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{071B27CF-DBCB-4ED2-914B-CBAA25B46854}
[2012/02/06 17:39:15 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{4C383C9D-1165-4EFC-83A9-83A09D16E0F7}
[2012/02/06 17:38:46 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{11B26521-4A4F-49F5-A83C-101FB226FA24}
[2012/02/05 21:44:38 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{A6A229D8-A1B6-4536-9C66-DB504315891B}
[2012/02/05 21:44:15 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{93DBD003-7311-405C-AB4F-82368EA1306E}
[2012/02/05 09:43:27 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{8C882D78-22CF-4AC2-87C0-A8F3B6CB6C5D}
[2012/02/05 09:42:58 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{1B8F66D1-6F76-41E2-B616-7469A50802D2}
[2012/02/04 15:30:05 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{3C9D2390-9C71-487E-9EF8-F492D89CF853}
[2012/02/04 15:29:43 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{7411C1D2-5B94-49F5-AE67-35F2A53B8C95}
[2012/02/04 03:29:17 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{D8B6E94B-AECD-4002-AF63-D667A94FCB5B}
[2012/02/03 15:28:37 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{62787E1A-9AFC-46CC-8A8A-C6D815AB6D34}
[2012/02/03 15:28:13 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{6205B418-C3F7-437B-BA2E-A88DA402F5EF}
[2012/02/03 02:17:30 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{1D9ED4ED-E5FF-45B1-8E08-881344E7353C}
[2012/02/03 02:17:04 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{665AFF66-0873-418D-96D8-D895D3273FCD}
[2012/02/02 14:16:51 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{0342AEB2-8AED-4143-BDE2-3616DE5C2ADD}
[2012/02/02 14:16:28 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{6BE5C250-CF78-4806-865E-348B58FB4AFE}
[2012/02/02 13:18:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameForge
[2012/02/02 13:18:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameForge
[2012/02/02 13:18:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gameforge4D
[2012/02/02 02:16:00 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{7597ADC8-E74E-4908-93C2-61E5FF4C8801}
[2012/02/02 02:15:33 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{20CC3053-0497-401B-B9FF-0E5D5AE87EA0}
[2012/02/01 14:40:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T3Fun
[2012/02/01 14:38:33 | 000,000,000 | ---D | C] -- C:\T3Fun
[2012/02/01 14:15:06 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{4EB8332E-EC34-4F49-8B0F-6FF859DB375D}
[2012/02/01 14:14:43 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{F8D3D436-71B4-429C-972F-C1D89BE9B221}
[2012/02/01 02:14:17 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{35325C1C-FB36-4857-A5AF-D897B24B2857}
[2012/01/31 14:13:28 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{B93433C0-BC5F-498B-9E32-722856F63F77}
[2012/01/31 14:12:50 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{39FED795-2B4A-48F9-A830-46B514890566}
[2012/01/31 01:49:23 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{B39FCA5C-C71F-4708-A5AA-5FCAC8EFBE3C}
[2012/01/31 01:49:00 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{9BE947B0-AC50-4998-BE7B-9B66308D99CE}
[2012/01/30 21:06:53 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxis
[2012/01/30 21:06:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis
[2012/01/30 13:48:41 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{2B82B3AC-7D0D-46DF-BF77-458A9A8B828A}
[2012/01/30 13:48:11 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{F445D5A6-E6F9-4E16-8256-6723C9CE5507}
[2012/01/30 01:47:43 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{E8C657B9-CD09-44CC-9651-C183F10A595A}
[2012/01/30 01:47:20 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{88F66D30-403A-4B4D-B26C-85457321B3B5}
[2012/01/29 13:46:45 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{BC3FBDFE-A50A-4CD7-96B1-BE4F99323CA4}
[2012/01/29 13:46:29 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{077AFDA7-C08B-42DE-9B90-79E6E43ADC2F}
[2012/01/28 15:18:19 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{4418107D-1CDB-430E-8F05-1FA30E38997E}
[2012/01/28 15:17:56 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{0BE9CEC0-09C8-436D-BF6E-B40DC91FD901}
[2012/01/28 03:17:29 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{C291194A-A550-4E5A-95E9-51F8D9953A59}
[2012/01/28 03:17:06 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{47E44E95-4EDE-4F16-A82C-7FCBC316C8E1}
[2012/01/27 15:16:36 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{7032323C-AAEB-4AD8-AAC0-F35A2E97E265}
[2012/01/27 15:16:07 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{6CF92C5E-AF9F-46E1-8985-D378BC44E63A}
[2012/01/27 02:10:36 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RockMelt
[2012/01/26 22:21:30 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{9D8BF4E5-21F5-4557-A65A-A738034269DD}
[2012/01/26 10:20:48 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{C29C7987-D95B-4246-84E6-C4EFD19778AE}
[2012/01/26 10:20:32 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{B2692672-4B5C-4C9D-8EA6-77D3DF311351}
[2012/01/25 14:59:07 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{9A62C6AE-392E-4AF2-8622-6F9EF123C8E7}
[2012/01/25 14:58:33 | 000,000,000 | ---D | C] -- C:\Users\Luka\AppData\Local\{BFD6A790-FA90-4CD8-AD3C-92CDBD99339A}
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Luka\AppData\Local\*.tmp files -> C:\Users\Luka\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/23 14:38:03 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2279249268-2734133613-1878461060-1000UA.job
[2012/02/23 14:37:02 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2279249268-2734133613-1878461060-1000UA.job
[2012/02/23 14:37:02 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2279249268-2734133613-1878461060-1000Core.job
[2012/02/23 14:23:27 | 000,017,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/23 14:23:27 | 000,017,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/23 14:16:24 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/23 14:16:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/23 14:16:13 | 2143,936,511 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/23 14:14:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-2279249268-2734133613-1878461060-1000UA.job
[2012/02/23 13:40:01 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/23 07:53:24 | 000,461,570 | ---- | M] () -- C:\ProgramData\svcdotnet.inc
[2012/02/22 23:58:09 | 000,561,878 | ---- | M] (Ryan Gregg ) -- C:\Users\Luka\Desktop\gcfscape182.exe
[2012/02/22 23:21:54 | 000,091,164 | ---- | M] () -- C:\Users\Luka\Desktop\1329913275209.jpg
[2012/02/22 17:38:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2279249268-2734133613-1878461060-1000Core.job
[2012/02/21 22:34:01 | 000,002,651 | ---- | M] () -- C:\Users\Luka\Desktop\1329805636862.jpg
[2012/02/21 11:53:22 | 000,002,114 | ---- | M] () -- C:\Users\Luka\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/02/20 18:54:14 | 001,092,161 | ---- | M] () -- C:\Users\Luka\Desktop\ROSENTHAL.png
[2012/02/20 18:51:50 | 000,162,875 | ---- | M] () -- C:\Users\Luka\Desktop\ROSENTHAL.JPG
[2012/02/20 16:55:59 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2012/02/20 07:56:09 | 000,001,441 | ---- | M] () -- C:\Users\Luka\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/20 00:30:45 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/02/20 00:30:45 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/02/19 23:45:05 | 000,160,358 | ---- | M] () -- C:\Users\Luka\Desktop\pragman gives himself up to save gotham.jpg
[2012/02/19 23:44:14 | 000,095,827 | ---- | M] () -- C:\Users\Luka\Desktop\aboriginals_1906.jpg
[2012/02/19 23:42:40 | 000,081,938 | ---- | M] () -- C:\Users\Luka\Desktop\eodt.jpg
[2012/02/19 23:31:46 | 000,040,343 | ---- | M] () -- C:\Users\Luka\Desktop\australia-aborigines-460.jpg
[2012/02/19 23:28:34 | 000,322,478 | ---- | M] () -- C:\Users\Luka\Desktop\legless prag vj.png
[2012/02/19 23:28:21 | 000,325,226 | ---- | M] () -- C:\Users\Luka\Desktop\prag VJ.png
[2012/02/19 23:22:02 | 000,056,483 | ---- | M] () -- C:\Users\Luka\Desktop\zoom_PTL0378WQ.jpg
[2012/02/19 23:17:49 | 000,781,119 | ---- | M] () -- C:\Users\Luka\Desktop\222.png
[2012/02/19 23:16:29 | 000,786,252 | ---- | M] () -- C:\Users\Luka\Desktop\pragman berlin.png
[2012/02/19 23:13:58 | 000,141,036 | ---- | M] () -- C:\Users\Luka\Desktop\Reichstag.jpg
[2012/02/19 00:31:40 | 003,091,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/19 00:29:50 | 661,402,050 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/19 00:26:36 | 000,802,176 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/19 00:26:36 | 000,663,822 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/19 00:26:36 | 000,125,952 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/19 00:05:37 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/02/18 22:51:48 | 000,684,297 | ---- | M] () -- C:\Users\Luka\Desktop\unhide.exe
[2012/02/15 19:24:43 | 155,387,341 | ---- | M] () -- C:\Users\Luka\Desktop\12-1_vista_win7_64_dd_ccc_634635434694749656.zip
[2012/02/13 22:55:55 | 005,554,481 | ---- | M] () -- C:\Users\Luka\Desktop\Admiral_Fallow-Beetle_In_The_Box.zip
[2012/02/13 20:31:22 | 000,200,800 | ---- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/02/12 02:14:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-2279249268-2734133613-1878461060-1000Core.job
[2012/02/10 12:55:25 | 000,001,553 | ---- | M] () -- C:\Users\Luka\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk
[2012/02/09 18:20:08 | 000,043,320 | ---- | M] () -- C:\Users\Luka\Desktop\1328771834396.jpg
[2012/02/03 22:38:44 | 000,086,755 | ---- | M] () -- C:\Users\Luka\Desktop\pragman.png
[2012/02/02 01:19:38 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/02/02 01:19:38 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/31 20:51:36 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Luka\AppData\Local\*.tmp files -> C:\Users\Luka\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/22 23:21:57 | 000,091,164 | ---- | C] () -- C:\Users\Luka\Desktop\1329913275209.jpg
[2012/02/21 22:34:05 | 000,002,651 | ---- | C] () -- C:\Users\Luka\Desktop\1329805636862.jpg
[2012/02/20 18:54:07 | 001,092,161 | ---- | C] () -- C:\Users\Luka\Desktop\ROSENTHAL.png
[2012/02/20 18:51:55 | 000,162,875 | ---- | C] () -- C:\Users\Luka\Desktop\ROSENTHAL.JPG
[2012/02/20 16:55:59 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2012/02/20 00:30:45 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/02/20 00:30:45 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/02/19 23:45:05 | 000,160,358 | ---- | C] () -- C:\Users\Luka\Desktop\pragman gives himself up to save gotham.jpg
[2012/02/19 23:44:16 | 000,095,827 | ---- | C] () -- C:\Users\Luka\Desktop\aboriginals_1906.jpg
[2012/02/19 23:42:39 | 000,081,938 | ---- | C] () -- C:\Users\Luka\Desktop\eodt.jpg
[2012/02/19 23:31:48 | 000,040,343 | ---- | C] () -- C:\Users\Luka\Desktop\australia-aborigines-460.jpg
[2012/02/19 23:28:31 | 000,322,478 | ---- | C] () -- C:\Users\Luka\Desktop\legless prag vj.png
[2012/02/19 23:28:18 | 000,325,226 | ---- | C] () -- C:\Users\Luka\Desktop\prag VJ.png
[2012/02/19 23:22:04 | 000,056,483 | ---- | C] () -- C:\Users\Luka\Desktop\zoom_PTL0378WQ.jpg
[2012/02/19 23:17:45 | 000,781,119 | ---- | C] () -- C:\Users\Luka\Desktop\222.png
[2012/02/19 23:16:25 | 000,786,252 | ---- | C] () -- C:\Users\Luka\Desktop\pragman berlin.png
[2012/02/19 23:14:02 | 000,141,036 | ---- | C] () -- C:\Users\Luka\Desktop\Reichstag.jpg
[2012/02/19 00:29:50 | 661,402,050 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/02/18 23:47:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/18 23:47:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/18 23:47:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/18 23:47:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/18 23:47:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/18 23:30:23 | 000,684,297 | ---- | C] () -- C:\Users\Luka\Desktop\unhide.exe
[2012/02/15 18:54:47 | 155,387,341 | ---- | C] () -- C:\Users\Luka\Desktop\12-1_vista_win7_64_dd_ccc_634635434694749656.zip
[2012/02/13 22:54:32 | 005,554,481 | ---- | C] () -- C:\Users\Luka\Desktop\Admiral_Fallow-Beetle_In_The_Box.zip
[2012/02/12 13:04:25 | 000,008,341 | ---- | C] () -- C:\Users\Luka\Desktop\1327039271892.png
[2012/02/10 12:55:25 | 000,001,553 | ---- | C] () -- C:\Users\Luka\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk
[2012/02/10 12:55:25 | 000,001,541 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
[2012/02/09 18:20:11 | 000,043,320 | ---- | C] () -- C:\Users\Luka\Desktop\1328771834396.jpg
[2012/02/03 22:37:11 | 000,086,755 | ---- | C] () -- C:\Users\Luka\Desktop\pragman.png
[2012/01/28 02:11:52 | 000,001,845 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 11.61 1250.lnk
[2012/01/27 02:09:07 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-2279249268-2734133613-1878461060-1000UA.job
[2012/01/27 02:09:07 | 000,000,872 | ---- | C] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-2279249268-2734133613-1878461060-1000Core.job
[2011/12/05 22:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/12/05 22:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/12/04 12:34:33 | 000,000,278 | ---- | C] () -- C:\Windows\SysWow64\msexcr.ini
[2011/11/10 13:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011/11/10 13:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/11/05 11:18:24 | 000,000,000 | ---- | C] () -- C:\Users\Luka\AppData\Local\{3385AF69-8F5A-48C1-9E15-B55DB4398F35}
[2011/09/25 20:43:23 | 000,004,122 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011/09/13 10:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/09 22:46:47 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/06/28 09:20:36 | 000,461,570 | ---- | C] () -- C:\ProgramData\svcdotnet.inc
[2011/06/28 09:20:28 | 000,000,012 | ---- | C] () -- C:\ProgramData\svcdotnet.cfg
[2011/06/06 23:20:31 | 000,200,800 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/05/26 17:56:31 | 000,004,608 | ---- | C] () -- C:\Users\Luka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/18 00:52:31 | 006,904,040 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/05/18 00:52:31 | 000,017,857 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/04/29 00:23:30 | 000,066,936 | -HS- | C] () -- C:\Windows\dlinfo_0.drv
[2011/04/29 00:22:26 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2011/04/29 00:22:26 | 000,061,440 | ---- | C] () -- C:\Windows\diabunin.exe
[2011/04/28 11:29:44 | 000,000,000 | ---- | C] () -- C:\Users\Luka\AppData\Local\{4DF8455B-618C-4AD1-8D8F-CC4A04544B21}
[2011/04/09 19:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/04/09 15:53:49 | 000,473,600 | ---- | C] () -- C:\Windows\SysWow64\Harmony.dll
[2011/04/09 15:53:49 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\Unlha32.dll
[2011/04/09 15:53:49 | 000,087,040 | ---- | C] () -- C:\Windows\UnGins.exe
[2011/01/19 16:30:50 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/01/02 19:24:38 | 000,000,092 | ---- | C] () -- C:\Users\Luka\AppData\Local\fusioncache.dat
[2010/10/14 20:21:35 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/09/18 22:53:27 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor64.INI
[2010/09/17 16:31:03 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/08/27 23:59:16 | 000,007,606 | ---- | C] () -- C:\Users\Luka\AppData\Local\Resmon.ResmonCfg
[2010/08/10 20:24:21 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\uc_karos_launching.dll
[2010/07/26 20:08:47 | 000,000,206 | ---- | C] () -- C:\Windows\ulead32.ini
[2010/07/22 19:57:10 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2010/07/22 09:41:46 | 000,000,767 | ---- | C] () -- C:\Windows\eReg.dat
[2010/07/18 16:05:56 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010/07/14 17:46:52 | 000,782,022 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/07/10 06:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010/06/27 11:38:12 | 002,427,248 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010/06/26 20:33:29 | 000,000,845 | ---- | C] () -- C:\Users\Luka\AppData\Local\RT2870_{171F15BD-85E0-4627-B639-3EABA3435D65}_sta
[2010/06/26 20:33:29 | 000,000,842 | ---- | C] () -- C:\Users\Luka\AppData\Local\RT2870_{171F15BD-85E0-4627-B639-3EABA3435D65}_prof
[2010/06/26 04:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/06/23 15:44:48 | 001,658,973 | ---- | C] () -- C:\Windows\SysWow64\libmmd.dll
[2010/06/23 15:44:48 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\PtSSE2.dll
[2010/06/23 15:44:47 | 001,536,000 | ---- | C] () -- C:\Windows\SysWow64\AvidStartup.exe
[2010/06/23 15:44:47 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AvidXPSerial.sys
[2010/06/23 15:44:47 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\Cpuinf32.dll
[2010/06/17 18:07:49 | 000,065,536 | R--- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
[2010/06/17 18:04:15 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010/06/13 22:51:35 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/06/11 09:44:01 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010/06/10 19:16:33 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/06/10 19:16:31 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/06/10 19:16:31 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/06/10 18:59:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== LOP Check ==========

[2012/01/25 16:35:05 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\.minecraft
[2011/04/17 11:02:23 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\.Nitrous
[2011/07/06 09:11:41 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Beat Hazard
[2011/10/30 15:35:45 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Bioshock
[2011/12/21 16:55:55 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Bioshock2
[2011/09/09 22:46:48 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Broken Rules
[2011/09/12 12:49:27 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\bsnes
[2010/08/16 21:34:54 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/09/09 22:12:36 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Crayon Physics Deluxe
[2011/07/28 21:09:39 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\DAEMON Tools Pro
[2010/07/27 18:20:13 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\ESET
[2010/10/12 07:17:03 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\FOG Downloader
[2010/07/20 16:45:47 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\FreeArc
[2010/12/30 23:23:57 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\GameRanger
[2010/09/01 19:24:17 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\ijjigame
[2010/08/22 17:44:03 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\LolClient
[2012/02/02 17:01:55 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Might & Magic Heroes VI
[2011/09/20 19:49:55 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Mount&Blade Warband
[2012/02/22 23:18:30 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Mumble
[2011/07/03 13:35:37 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\OnLive App
[2012/01/28 02:11:17 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Opera
[2011/09/16 20:18:09 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\PFStaticIP
[2010/08/08 00:17:16 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Publish Providers
[2011/11/24 08:13:23 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Rainmeter
[2012/02/22 00:13:51 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\RotMG.Production
[2011/01/09 18:48:32 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Screaming Bee
[2010/08/17 18:24:55 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\SecondLife
[2010/08/08 00:17:14 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Sony
[2011/04/21 21:53:47 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Sony Creative Software
[2011/11/10 20:00:33 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\SplitMediaLabs
[2011/04/02 19:18:30 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Synthesia
[2012/01/08 18:29:36 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\SystemRequirementsLab
[2011/08/14 13:45:55 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Thunderbird
[2010/07/27 23:47:20 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\TrueCrypt
[2012/01/12 16:33:44 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\TS3Client
[2011/08/07 03:53:44 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Unity
[2012/02/23 14:18:02 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\uTorrent
[2010/12/05 15:58:53 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Windows Live Writer
[2012/02/10 13:00:06 | 000,000,000 | ---D | M] -- C:\Users\Luka\AppData\Roaming\Wireshark
[2012/02/22 17:38:00 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2279249268-2734133613-1878461060-1000Core.job
[2012/02/23 14:38:03 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2279249268-2734133613-1878461060-1000UA.job
[2012/02/12 02:14:00 | 000,000,872 | ---- | M] () -- C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-2279249268-2734133613-1878461060-1000Core.job
[2012/02/23 14:14:00 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-2279249268-2734133613-1878461060-1000UA.job
[2012/01/26 10:19:48 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/02/01 18:19:11 | 000,000,000 | ---D | M](C:\Users\Luka\Documents\????) -- C:\Users\Luka\Documents\마비노기
[2011/02/01 18:19:11 | 000,000,000 | ---D | C](C:\Users\Luka\Documents\????) -- C:\Users\Luka\Documents\마비노기

< End of report >
  • 0

Advertisements

#2
Luka Patterson
Posted 28 February 2012 - 04:03 AM

Luka Patterson

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Glorious bump
  • 0

#3
Luka Patterson
Posted 04 March 2012 - 05:40 AM

Luka Patterson

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
One more for good measure, I'll try elsewhere if this yields nothing.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP