resource virus



#1
Sakai

OTL logfile created on: 09/10/2012 1:34:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Colocho\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 55,54% Memory free
7,99 Gb Paging File | 6,07 Gb Available in Paging File | 75,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,51 Gb Total Space | 128,63 Gb Free Space | 13,81% Space Free | Partition Type: NTFS

Computer Name: A_D_A | User Name: Colocho | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/09 01:30:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Colocho\Desktop\OTL.exe
PRC - [2012/07/27 14:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/09 22:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/02/09 20:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2008/07/14 13:45:16 | 000,336,384 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Portrait Displays\HP My Display\dthtml.exe
PRC - [2008/07/14 13:43:04 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe


========== Modules (No Company Name) ==========

MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/07/14 13:43:06 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2008/07/14 13:42:50 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2007/10/04 13:36:40 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\vista.dll
MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/11/09 17:38:06 | 000,189,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2009/07/13 19:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/06/19 18:40:42 | 000,246,272 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_683778768905c7b3\stacsv64.exe -- (STacSV)
SRV - [2012/10/08 16:35:32 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 14:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/09 22:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/09 20:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/02/08 23:20:44 | 000,343,032 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Archivos de programa\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV - [2011/11/03 09:49:34 | 002,072,896 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/06/13 22:21:14 | 000,343,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/14 13:43:04 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2008/06/19 18:40:42 | 000,246,272 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_683778768905c7b3\STacSV64.exe -- (STacSV)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/22 23:19:47 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/21 03:13:11 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/03/08 12:57:37 | 000,715,296 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012/03/08 12:57:37 | 000,079,392 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter)
DRV:64bit: - [2012/03/01 00:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/17 06:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/10/20 10:24:16 | 000,302,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress)
DRV:64bit: - [2011/09/12 18:43:12 | 000,062,552 | ---- | M] (Toolkit Development, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\toolkitdisk.sys -- (ToolkitDisk)
DRV:64bit: - [2011/08/17 10:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2009/07/13 19:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 19:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/06/19 18:40:46 | 000,456,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2007/03/20 16:03:58 | 000,056,320 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wbondir.sys -- (wbondir)
DRV:64bit: - [2006/11/16 17:26:44 | 000,019,248 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pdiports.sys -- (PdiPorts)
DRV - [2012/04/04 19:54:55 | 000,025,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\wnsdrvr.sys -- (WnsDrvr)
DRV - [2011/10/31 16:22:10 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2011/03/02 05:06:50 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ES
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 64 FE F4 82 A5 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co.cr/"
FF - prefs.js..extensions.enabledAddons: [email protected]:2.5
FF - prefs.js..extensions.enabledAddons: [email protected]:1.1.17
FF - prefs.js..extensions.enabledAddons: [email protected]:1.6.2
FF - prefs.js..extensions.enabledAddons: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.2.6
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:15.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/07 14:47:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF

[2012/07/21 02:28:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Colocho\AppData\Roaming\mozilla\Extensions
[2012/06/18 11:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Colocho\AppData\Roaming\mozilla\Extensions\[email protected]
[2012/08/28 22:15:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Colocho\AppData\Roaming\mozilla\Firefox\Profiles\6t9wi46v.default\extensions
[2012/07/25 00:04:19 | 000,000,000 | ---D | M] (Diccionario español Argentina) -- C:\Users\Colocho\AppData\Roaming\mozilla\Firefox\Profiles\6t9wi46v.default\extensions\[email protected]
[2012/08/28 22:15:45 | 000,000,000 | ---D | M] (Diccionario en Español para Venezuela) -- C:\Users\Colocho\AppData\Roaming\mozilla\Firefox\Profiles\6t9wi46v.default\extensions\[email protected]
[2012/07/21 02:33:14 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Colocho\AppData\Roaming\mozilla\Firefox\Profiles\6t9wi46v.default\extensions\[email protected]
[2012/07/26 00:05:53 | 000,189,341 | ---- | M] () (No name found) -- C:\Users\Colocho\AppData\Roaming\mozilla\firefox\profiles\6t9wi46v.default\extensions\[email protected]
[2012/07/26 00:10:28 | 000,258,567 | ---- | M] () (No name found) -- C:\Users\Colocho\AppData\Roaming\mozilla\firefox\profiles\6t9wi46v.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
[2012/07/02 20:06:55 | 000,044,251 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\toolkitsearch.xml

========== Chrome ==========

CHR - homepage: http://www.google.co.cr/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.co.cr/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Program Files (x86)\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: YouTube = C:\Users\Colocho\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: B\u00FAsqueda de Google = C:\Users\Colocho\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\Colocho\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: Stylish = C:\Users\Colocho\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Colocho\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: DownloadnSave = C:\Users\Colocho\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhppnhodmnceccheoldjdebinikcnfbg\1.0_0\
CHR - Extension: Gmail = C:\Users\Colocho\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/10/08 21:45:54 | 000,000,808 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DT HPW] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9:64bit: - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73F86D3C-CB1C-4A48-AE00-9A1466002755}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f15da232-d8e1-11e1-ac15-001cc09f02ca}\Shell - "" = AutoRun
O33 - MountPoints2\{f15da232-d8e1-11e1-ac15-001cc09f02ca}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{f15da23f-d8e1-11e1-ac15-001cc09f02ca}\Shell - "" = AutoRun
O33 - MountPoints2\{f15da23f-d8e1-11e1-ac15-001cc09f02ca}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{f15da24f-d8e1-11e1-ac15-001cc09f02ca}\Shell - "" = AutoRun
O33 - MountPoints2\{f15da24f-d8e1-11e1-ac15-001cc09f02ca}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/09 01:28:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Colocho\Desktop\OTL.exe
[2012/10/09 01:12:22 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Users\Colocho\Desktop\explorer.exe
[2012/10/08 23:43:36 | 026,633,976 | ---- | C] (Wireshark development team) -- C:\Users\Colocho\Desktop\Wireshark-win64-1.8.3.exe
[2012/10/08 23:31:07 | 000,000,000 | ---D | C] -- C:\MATS
[2012/10/08 17:32:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012/10/08 16:35:28 | 009,575,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/10/08 15:44:09 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\FixItCenter
[2012/10/08 15:25:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2012/10/08 15:25:20 | 000,000,000 | ---D | C] -- C:\Windows\MATS
[2012/10/08 15:22:51 | 000,447,792 | ---- | C] (Microsoft Corporation) -- C:\Users\Colocho\Desktop\FixitCenter_Run.exe
[2012/10/08 12:28:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/10/08 12:11:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/10/08 12:11:05 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/10/08 12:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/10/08 11:16:12 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2012/10/08 11:16:12 | 000,001,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll
[2012/10/06 19:19:24 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012/10/06 19:19:11 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012/10/06 19:19:10 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012/10/06 19:18:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012/10/06 19:18:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
[2012/10/06 16:52:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unlocker
[2012/10/06 16:47:17 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Roaming\Acronis
[2012/10/06 12:29:05 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012/10/06 12:07:26 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{E989A5C8-CFB2-4D10-BDA4-E573995C0DB9}
[2012/10/06 11:57:36 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{016485D2-4E3C-4821-A095-BFDAF26CE332}
[2012/10/06 08:51:28 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/10/06 08:33:07 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{820D87E0-989C-4CE4-A9F0-8E148240D730}
[2012/10/05 15:10:11 | 000,000,000 | ---D | C] -- C:\Users\Colocho\Documents\PLANILLAS Y CLAVES
[2012/10/05 15:08:49 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{14285723-751D-4866-B368-1EF65D3C987F}
[2012/10/04 15:58:30 | 000,000,000 | ---D | C] -- C:\Users\Colocho\Desktop\Hi-Res Mugen
[2012/10/03 22:40:20 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{28E87272-36EF-40EA-AF18-FE31BC5B1305}
[2012/10/03 09:00:13 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{2D726EAF-76D7-4413-8430-7AF589A35450}
[2012/10/03 02:46:51 | 000,000,000 | ---D | C] -- C:\avast! sandbox
[2012/10/02 21:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
[2012/10/02 21:59:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 0.9.8
[2012/10/02 21:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Gaming Network
[2012/10/02 21:47:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CGN
[2012/09/30 02:38:47 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{189057C4-C52B-452A-8C04-AC4A0E1D2D33}
[2012/09/28 02:09:19 | 000,019,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012/09/25 13:32:07 | 000,000,000 | ---D | C] -- C:\Users\Colocho\Desktop\Minimal tecno
[2012/09/24 09:35:55 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{E21D46F9-6C74-46B1-9AFC-4BB9E8D1F1C4}
[2012/09/23 21:35:21 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{1C3E6AB7-0C01-4145-B490-F295FAEA840E}
[2012/09/23 07:32:58 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{CC6146EB-7B47-4086-ABC1-A84A34A9D671}
[2012/09/22 23:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012/09/22 23:19:47 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/09/22 23:19:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012/09/22 04:37:12 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{7E3F05E2-148A-4106-952A-B09ED5A6D046}
[2012/09/20 12:20:55 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{D467F51F-74B6-402C-B4C4-AB95539F4145}
[2012/09/18 12:19:24 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{E4064A76-B5D3-436F-9389-7A1601B8C78D}
[2012/09/18 02:30:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox
[2012/09/18 02:30:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uninstall
[2012/09/18 02:30:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\searchplugins
[2012/09/18 02:30:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\extensions
[2012/09/18 02:30:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\dictionaries
[2012/09/18 02:30:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\defaults
[2012/09/18 02:30:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\components
[2012/09/18 02:17:47 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Roaming\Skype
[2012/09/18 01:17:22 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/09/18 01:17:05 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/09/18 01:17:05 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/09/18 01:17:05 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/09/18 01:16:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/09/18 00:18:38 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{CB7327DD-0FB2-4FD8-8DF2-577776FCD9EE}
[2012/09/17 22:11:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon
[2012/09/17 22:06:48 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Roaming\Waterfox Limited
[2012/09/17 12:15:44 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{6F27AC17-1CC4-4C95-9066-E9E78CFAFABD}
[2012/09/17 02:40:20 | 000,000,000 | R--D | C] -- C:\Users\Colocho\Podcasts
[2012/09/17 02:35:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/09/17 02:35:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/09/17 01:24:24 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/09/17 01:24:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/09/17 01:24:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/09/17 01:24:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/09/17 01:24:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/09/17 01:24:21 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/09/17 01:24:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/09/17 01:24:21 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/09/17 01:24:21 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/09/17 01:24:21 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/09/17 01:24:20 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/09/17 01:24:19 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/09/17 01:24:18 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/09/17 01:18:18 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/09/17 01:18:18 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/09/17 01:18:17 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/09/17 01:09:06 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2012/09/17 01:09:06 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2012/09/17 01:08:46 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/09/17 01:08:43 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/09/17 01:08:43 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/09/17 01:07:11 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/09/17 01:07:11 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/09/17 01:07:09 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/09/17 01:07:08 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/09/17 01:07:08 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/09/17 01:07:07 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/09/17 01:07:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/09/17 01:07:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/09/17 01:07:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/09/17 01:07:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/09/17 01:07:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/09/17 01:07:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/09/17 01:07:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/09/17 01:07:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/09/17 01:07:05 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/09/17 01:07:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/09/17 01:07:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/09/17 01:07:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/09/17 01:07:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/09/17 01:07:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/09/17 01:07:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/09/17 01:07:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/09/17 01:07:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/09/17 01:07:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/09/17 01:07:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/09/17 01:07:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/09/17 01:07:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/09/17 01:07:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/09/17 01:07:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/09/17 01:07:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/09/17 01:07:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/09/17 01:07:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/09/17 01:07:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/09/17 01:07:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/09/17 01:07:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/09/17 01:06:59 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2012/09/17 01:06:59 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2012/09/17 01:06:59 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2012/09/17 01:06:59 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2012/09/17 01:06:59 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2012/09/17 01:06:59 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2012/09/17 01:06:58 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2012/09/17 01:06:58 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2012/09/17 01:06:49 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2012/09/17 01:06:47 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2012/09/17 01:06:45 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2012/09/17 01:06:44 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2012/09/17 01:06:36 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/09/17 01:06:36 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/09/17 01:06:30 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/09/17 01:06:30 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/09/17 01:06:30 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/09/17 01:06:29 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/09/17 01:06:29 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/09/17 01:06:27 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/09/17 01:06:26 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/09/17 01:06:24 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/09/17 01:06:24 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/09/17 01:06:24 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/09/17 01:06:23 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/09/17 01:06:13 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/09/17 01:06:13 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/09/17 01:05:56 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2012/09/17 01:05:55 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2012/09/17 01:05:20 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/09/17 01:05:18 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/09/17 01:02:39 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/09/17 01:02:39 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/09/17 01:02:38 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/09/17 01:02:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/09/17 01:02:38 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/09/17 01:02:34 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/09/17 01:02:17 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/09/17 01:02:16 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/09/17 01:02:15 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/09/17 01:02:15 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/09/17 01:02:14 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/09/17 01:02:14 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/09/17 01:02:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/09/17 01:02:09 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/09/17 01:02:09 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/09/17 01:02:00 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/09/17 01:02:00 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2012/09/17 01:02:00 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/09/17 01:02:00 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/09/17 01:01:59 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/09/17 01:01:59 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012/09/17 01:01:59 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2012/09/17 01:01:59 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2012/09/17 01:01:59 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012/09/17 01:01:59 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012/09/17 01:01:57 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/09/17 01:01:57 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/09/17 01:01:57 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2012/09/17 01:01:53 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/09/17 01:01:53 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/09/17 01:01:53 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/09/17 01:01:53 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/09/17 01:01:53 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/09/17 01:01:53 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/09/17 01:01:53 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/09/17 01:01:48 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012/09/17 01:01:48 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/09/17 01:01:47 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012/09/17 01:01:47 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/09/17 01:01:17 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/09/17 01:01:16 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/09/17 01:01:16 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/09/17 01:01:16 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/09/17 01:01:15 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/09/17 01:01:15 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/09/17 01:01:15 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/09/17 01:01:14 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/09/17 01:01:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/09/17 01:01:05 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/09/17 01:01:04 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/09/17 01:01:04 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/09/17 01:01:03 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/09/17 01:00:49 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2012/09/17 01:00:41 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/09/17 01:00:41 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/09/17 01:00:19 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/09/17 01:00:19 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/09/17 01:00:19 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/09/17 00:58:28 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/09/17 00:58:28 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/09/17 00:58:28 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/09/17 00:58:28 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/09/17 00:58:28 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/09/17 00:58:27 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/09/17 00:57:51 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2012/09/17 00:57:50 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2012/09/17 00:57:12 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/09/17 00:57:10 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2012/09/17 00:57:03 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2012/09/17 00:57:00 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2012/09/17 00:56:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2012/09/17 00:56:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2012/09/17 00:56:30 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2012/09/17 00:56:30 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2012/09/17 00:56:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/09/17 00:56:13 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/09/17 00:56:12 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/09/17 00:56:08 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/09/17 00:56:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/09/17 00:56:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/09/17 00:56:05 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/09/17 00:56:01 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/09/17 00:56:01 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/09/17 00:55:59 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2012/09/17 00:55:53 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2012/09/17 00:55:50 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/09/17 00:55:48 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2012/09/17 00:55:46 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2012/09/17 00:55:46 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2012/09/17 00:39:58 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2012/09/17 00:39:57 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2012/09/17 00:36:58 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/09/17 00:36:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/09/17 00:36:44 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2012/09/17 00:14:16 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{C0E1A3F0-2AC9-404C-A903-4123C490075E}
[2012/09/16 10:09:05 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{AE2EAC72-D3CF-4A74-8C1E-482088EC4980}
[2012/09/15 22:07:42 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{E004D89E-1E00-44C9-91BD-06876989C5EB}
[2012/09/15 03:17:07 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{5572CE43-7FD7-4969-8C94-99A8701146A6}
[2012/09/14 15:15:34 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{96392112-54CD-4C38-AF0A-7800A9B3E320}
[2012/09/13 22:16:17 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{95366B72-3620-4C97-A8BE-98CC6A96B98F}
[2012/09/12 22:15:24 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{C52D4442-91FD-424B-B6A0-0C9B6B2B0C9C}
[2012/09/11 10:14:12 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{647662E8-2EAB-435C-AF80-0E50BA2333C2}
[2012/09/10 16:03:13 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/09/10 16:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/09/10 16:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/09/10 14:06:16 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{CD9962B8-D199-4963-90A8-3F8963635E2D}
[2012/09/10 02:05:45 | 000,000,000 | ---D | C] -- C:\Users\Colocho\AppData\Local\{62444E19-3233-4C71-B87D-C2262E5BBCB5}
[2012/09/09 19:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012/08/30 08:20:47 | 000,306,800 | ---- | C] (Caphyon LTD) -- C:\Program Files (x86)\updater.exe
[2012/08/30 07:01:38 | 000,864,768 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\nss3.dll
[2012/08/30 07:01:38 | 000,496,640 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\freebl3.dll
[2012/08/30 07:01:38 | 000,452,096 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\nssckbi.dll
[2012/08/30 07:01:38 | 000,218,624 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\softokn3.dll
[2012/08/30 07:01:38 | 000,188,928 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\ssl3.dll
[2012/08/30 07:01:38 | 000,154,112 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\nssdbm3.dll
[2012/08/30 07:01:38 | 000,110,592 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\smime3.dll
[2012/08/30 07:01:38 | 000,107,008 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\nssutil3.dll
[2012/08/30 07:01:32 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\D3DCompiler_43.dll
[2012/08/30 07:01:32 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\d3dx9_43.dll
[2012/08/30 07:01:32 | 000,881,152 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\libGLESv2.dll
[2012/08/30 07:01:32 | 000,155,136 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\libEGL.dll
[2012/08/30 07:01:28 | 025,267,712 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\xul.dll
[2012/08/30 07:01:28 | 003,938,304 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\gkmedias.dll
[2012/08/30 07:01:28 | 000,738,816 | ---- | C] (sqlite.org) -- C:\Program Files (x86)\mozsqlite3.dll
[2012/08/30 07:01:28 | 000,714,752 | ---- | C] (Mozilla Corporation) -- C:\Program Files (x86)\waterfox.exe
[2012/08/30 07:01:28 | 000,254,976 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\nspr4.dll
[2012/08/30 07:01:28 | 000,053,248 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\mozglue.dll
[2012/08/30 07:01:28 | 000,026,624 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\xpcom.dll
[2012/08/30 07:01:28 | 000,024,064 | ---- | C] (Mozilla Corporation) -- C:\Program Files (x86)\plugin-container.exe
[2012/08/30 07:01:28 | 000,019,456 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\plc4.dll
[2012/08/30 07:01:28 | 000,015,360 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\plds4.dll
[2012/08/30 07:01:28 | 000,009,728 | ---- | C] (Mozilla Foundation) -- C:\Program Files (x86)\mozalloc.dll
[2012/06/08 03:53:16 | 006,094,304 | ---- | C] (Intel Corporation) -- C:\Program Files (x86)\svml_dispmd.dll
[2012/06/08 03:53:16 | 003,406,304 | ---- | C] (Intel Corporation) -- C:\Program Files (x86)\libmmd.dll
[2012/06/08 03:53:16 | 001,150,944 | ---- | C] (Intel Corporation) -- C:\Program Files (x86)\libiomp5md.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/09 01:34:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/09 01:30:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Colocho\Desktop\OTL.exe
[2012/10/09 01:26:04 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/09 01:13:34 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Users\Colocho\Desktop\explorer.exe
[2012/10/09 01:04:48 | 026,633,976 | ---- | M] (Wireshark development team) -- C:\Users\Colocho\Desktop\Wireshark-win64-1.8.3.exe
[2012/10/09 00:38:03 | 000,016,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/09 00:38:03 | 000,016,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/09 00:29:53 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/09 00:26:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/09 00:26:27 | 3218,030,592 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/08 21:45:54 | 000,000,808 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/10/08 17:35:52 | 000,042,155 | ---- | M] () -- C:\Users\Colocho\Desktop\545387_4161376786381_1264953587_n.jpg
[2012/10/08 16:35:31 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/10/08 16:35:31 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/08 16:35:28 | 009,575,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/10/08 15:25:20 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Fix it Center.lnk
[2012/10/08 15:22:57 | 000,447,792 | ---- | M] (Microsoft Corporation) -- C:\Users\Colocho\Desktop\FixitCenter_Run.exe
[2012/10/08 11:16:16 | 000,002,048 | ---- | M] () -- C:\Windows\SysWow64\winver.exe
[2012/10/08 11:16:14 | 000,410,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2012/10/08 11:16:13 | 000,001,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll
[2012/10/08 11:16:12 | 000,113,543 | ---- | M] () -- C:\Windows\SysWow64\slmgr.vbs
[2012/10/08 01:08:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/10/05 14:27:15 | 001,087,742 | ---- | M] () -- C:\Users\Colocho\Desktop\1345358355375.png
[2012/10/05 14:27:08 | 001,553,229 | ---- | M] () -- C:\Users\Colocho\Desktop\1349351352429.jpg
[2012/10/05 14:26:29 | 000,341,151 | ---- | M] () -- C:\Users\Colocho\Desktop\1343068062998.jpg
[2012/10/05 13:12:56 | 000,046,149 | ---- | M] () -- C:\Users\Colocho\Desktop\292274_2925826070263_1399252239_32283577_584407689_n.jpg
[2012/10/04 23:41:26 | 001,671,442 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/04 23:41:26 | 000,745,448 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2012/10/04 23:41:26 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/04 23:41:26 | 000,157,948 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2012/10/04 23:41:26 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/04 15:54:50 | 2519,335,068 | ---- | M] () -- C:\Users\Colocho\Desktop\way of the samurai 2.nrg
[2012/10/02 22:24:14 | 000,178,443 | ---- | M] () -- C:\Users\Colocho\Desktop\581579_10151080505343201_125841106_n.jpg
[2012/09/29 10:11:48 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/09/22 23:19:47 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/09/21 16:17:58 | 000,048,994 | ---- | M] () -- C:\Users\Colocho\Desktop\attachment.jpg
[2012/09/19 04:29:15 | 000,266,507 | ---- | M] () -- C:\Users\Colocho\Desktop\1342075867778.jpg
[2012/09/18 02:30:04 | 000,000,342 | ---- | M] () -- C:\Program Files (x86)\updater.ini
[2012/09/18 01:16:58 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/09/18 01:16:54 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/09/18 01:16:54 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/09/18 01:16:54 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/09/18 01:16:53 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/09/18 01:16:53 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/09/17 02:37:50 | 004,969,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/17 01:33:11 | 001,647,800 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/10 12:12:53 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/08 17:35:52 | 000,042,155 | ---- | C] () -- C:\Users\Colocho\Desktop\545387_4161376786381_1264953587_n.jpg
[2012/10/08 15:25:20 | 000,000,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/10/08 15:25:20 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Fix it Center.lnk
[2012/10/08 12:21:57 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/08 12:20:47 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/08 11:16:12 | 000,113,543 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2012/10/08 11:16:12 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
[2012/10/06 19:18:30 | 000,002,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012/10/05 14:27:15 | 001,087,742 | ---- | C] () -- C:\Users\Colocho\Desktop\1345358355375.png
[2012/10/05 14:27:08 | 001,553,229 | ---- | C] () -- C:\Users\Colocho\Desktop\1349351352429.jpg
[2012/10/05 14:26:29 | 000,341,151 | ---- | C] () -- C:\Users\Colocho\Desktop\1343068062998.jpg
[2012/10/05 13:12:56 | 000,046,149 | ---- | C] () -- C:\Users\Colocho\Desktop\292274_2925826070263_1399252239_32283577_584407689_n.jpg
[2012/10/04 15:50:41 | 2519,335,068 | ---- | C] () -- C:\Users\Colocho\Desktop\way of the samurai 2.nrg
[2012/10/02 22:24:14 | 000,178,443 | ---- | C] () -- C:\Users\Colocho\Desktop\581579_10151080505343201_125841106_n.jpg
[2012/10/01 09:59:35 | 019,374,080 | ---- | C] () -- C:\Users\Colocho\Desktop\Emulador de PS2.iso
[2012/09/21 16:17:58 | 000,048,994 | ---- | C] () -- C:\Users\Colocho\Desktop\attachment.jpg
[2012/09/19 04:29:15 | 000,266,507 | ---- | C] () -- C:\Users\Colocho\Desktop\1342075867778.jpg
[2012/09/18 02:30:04 | 000,000,342 | ---- | C] () -- C:\Program Files (x86)\updater.ini
[2012/09/10 16:03:13 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/09/10 12:12:53 | 000,000,011 | R--- | C] () -- C:\Windows\amunres.lsl
[2012/08/30 07:01:52 | 008,382,107 | ---- | C] () -- C:\Program Files (x86)\omni.ja
[2012/08/30 07:01:42 | 000,000,478 | ---- | C] () -- C:\Program Files (x86)\softokn3.chk
[2012/08/30 07:01:42 | 000,000,478 | ---- | C] () -- C:\Program Files (x86)\nssdbm3.chk
[2012/08/30 07:01:42 | 000,000,478 | ---- | C] () -- C:\Program Files (x86)\freebl3.chk
[2012/08/30 07:01:28 | 003,113,472 | ---- | C] () -- C:\Program Files (x86)\mozjs.dll
[2012/08/30 07:01:28 | 000,023,999 | ---- | C] () -- C:\Program Files (x86)\blocklist.xml
[2012/08/30 07:01:28 | 000,000,356 | ---- | C] () -- C:\Program Files (x86)\application.ini
[2012/08/30 07:01:28 | 000,000,142 | ---- | C] () -- C:\Program Files (x86)\dependentlibs.list
[2012/08/30 07:01:28 | 000,000,049 | ---- | C] () -- C:\Program Files (x86)\platform.ini
[2012/08/30 07:01:26 | 000,035,988 | ---- | C] () -- C:\Program Files (x86)\removed-files
[2012/08/03 23:53:03 | 001,647,800 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/07/21 02:28:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2012/06/15 00:45:30 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2012/06/09 15:02:40 | 000,000,132 | ---- | C] () -- C:\Users\Colocho\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/05/19 01:15:42 | 000,781,312 | ---- | C] () -- C:\Windows\SysWow64\RGSS102J.dll
[2012/05/19 01:15:42 | 000,778,752 | ---- | C] () -- C:\Windows\SysWow64\RGSS102E.dll
[2012/05/19 01:15:42 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\RGSS104J.dll
[2012/05/19 01:15:42 | 000,758,272 | ---- | C] () -- C:\Windows\SysWow64\RGSS104E.dll
[2012/05/19 01:15:42 | 000,685,056 | ---- | C] () -- C:\Windows\SysWow64\RGSS103J.dll
[2012/05/19 01:15:41 | 000,771,584 | ---- | C] () -- C:\Windows\SysWow64\RGSS100J.dll
[2012/05/08 00:40:38 | 000,000,020 | -HS- | C] () -- C:\Windows\SysWow64\Userdata.ini
[2012/04/30 11:33:25 | 000,000,132 | ---- | C] () -- C:\Users\Colocho\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/04/12 23:21:41 | 000,004,998 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2012/04/12 22:38:53 | 000,476,672 | ---- | C] () -- C:\Windows\nxpunist.exe
[2012/03/31 15:33:56 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/03/31 15:33:56 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/03/15 01:59:25 | 000,007,168 | ---- | C] () -- C:\Users\Colocho\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/08 23:55:22 | 000,376,832 | ---- | C] () -- C:\Windows\SysWow64\M2000Twn.dll
[2012/03/08 23:55:22 | 000,169,984 | ---- | C] () -- C:\Windows\SysWow64\glut32.dll
[2012/03/08 23:55:22 | 000,169,984 | ---- | C] () -- C:\Windows\SysWow64\glut.dll
[2012/03/08 23:55:19 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CompressATI2.dll
[2012/03/08 23:48:03 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/03/08 23:48:03 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012/03/08 23:48:01 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/03/08 23:48:01 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/03/08 23:48:01 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/03/08 22:10:51 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012/03/08 22:05:01 | 000,000,000 | ---- | C] () -- C:\Users\Colocho\AppData\Roaming\.NANotifyHere
[2012/03/08 13:15:18 | 000,002,304 | ---- | C] () -- C:\Windows\SysWow64\Machnm32.sys
[2012/02/09 20:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 19:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D5AD7675
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

Attached Files

  • Attached File  OTL.Txt   159.02KB   24 downloads
