trojan horse psw.generico10.yee



#1
IvoF

Hey guys!

First of all, thank you for your time and upcoming solutions to fix this problem.

I just bought a new gamer's PC and I started downloading games with GrabIt,
and somehow I overlooked a suspicious file/game/crack and AVG found the trojan horse.
The name of the trojan is: PSW.generic10.YEE.dropper, located: C:\program files (x86)iexplorer.exe (4748)
PSW.generic10.YEE, located: SysWOW64\svchost.exe (4768)

Now, normally I have no problems deleting these viruses and solving the problem...
But this virus is a pain, to be honest!
So I need you guys for some advice and help!
What do you need to know? What kind of logs would you like to receive?

Thank you for your time and help.

Regards,

Ivo

Edited by IvoF, 20 November 2012 - 05:48 PM.



#2
IvoF

OTL logfile created on: 21-11-2012 0:43:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ivo\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

7,96 Gb Total Physical Memory | 5,50 Gb Available Physical Memory | 69,08% Memory free
15,92 Gb Paging File | 13,63 Gb Available in Paging File | 85,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 255,13 Gb Free Space | 54,79% Space Free | Partition Type: NTFS
Drive D: | 7,88 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: IVOFEIJEN | User Name: Ivo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-11-21 00:39:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ivo\Downloads\OTL.exe
PRC - [2012-11-07 21:57:05 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-11-07 20:07:05 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012-11-06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012-11-06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2012-10-09 10:53:54 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Ivo\AppData\Local\Akamai\netsession_win.exe
PRC - [2012-07-23 10:59:04 | 017,432,576 | ---- | M] (GIGABYTE Technology Co.,Ltd.) -- C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
PRC - [2012-05-20 17:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-05-15 15:17:26 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012-05-15 15:17:22 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012-05-10 15:20:34 | 000,165,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012-01-13 14:04:16 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
PRC - [2010-05-20 10:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2009-03-13 14:13:48 | 001,773,568 | ---- | M] (Sitecom Europe BV) -- C:\Program Files (x86)\Sitecom\Common\RaUI.exe
PRC - [2008-05-13 15:12:54 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe


========== Modules (No Company Name) ==========

MOD - [2012-11-07 20:07:05 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2012-10-31 23:15:05 | 000,460,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppgooglenaclpluginchrome.dll
MOD - [2012-10-31 23:15:04 | 012,455,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
MOD - [2012-10-31 23:15:02 | 004,007,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
MOD - [2012-10-31 23:13:47 | 000,587,288 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libglesv2.dll
MOD - [2012-10-31 23:13:46 | 000,123,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libegl.dll
MOD - [2012-10-31 23:13:35 | 000,156,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avutil-51.dll
MOD - [2012-10-31 23:13:34 | 000,274,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avformat-54.dll
MOD - [2012-10-31 23:13:32 | 002,168,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll
MOD - [2012-06-25 13:49:20 | 001,482,820 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
MOD - [2012-06-21 14:58:06 | 002,826,311 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
MOD - [2012-06-21 13:31:46 | 000,618,563 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\work.dll
MOD - [2012-06-20 14:11:58 | 000,294,912 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.dll
MOD - [2012-05-22 19:12:56 | 001,331,266 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
MOD - [2012-05-08 15:01:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
MOD - [2012-05-07 21:45:00 | 001,429,589 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
MOD - [2012-03-01 09:14:46 | 001,335,362 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
MOD - [2012-01-13 14:04:16 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
MOD - [2011-10-18 09:26:16 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\STT.dll
MOD - [2011-09-14 17:12:30 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
MOD - [2011-03-01 19:00:58 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
MOD - [2010-06-24 15:50:08 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
MOD - [2010-06-10 15:52:24 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
MOD - [2010-03-12 05:40:58 | 004,449,632 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\platform.dll
MOD - [2010-03-12 05:40:56 | 000,423,256 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\device.dll
MOD - [2008-05-07 15:22:58 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
MOD - [2003-02-14 14:11:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012-09-28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012-04-20 14:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2010-04-06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-11-14 15:57:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012-11-14 15:57:05 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012-11-07 21:57:05 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-11-07 21:28:56 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-11-06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012-10-26 16:07:08 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\AeriaGames\TribesAscend\HiPatchService.exe -- (HiPatchService)
SRV - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012-10-19 16:56:30 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-05-15 15:17:26 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-05-15 15:17:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-05-10 15:20:34 | 000,165,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012-03-30 23:43:34 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-03-06 16:36:00 | 004,199,520 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011-08-30 15:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010-05-20 10:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-05-13 15:12:54 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe -- (RalinkRegistryWriter)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-11-03 21:25:38 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012-10-22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012-10-15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012-10-05 03:32:50 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012-10-02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012-09-28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012-09-28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012-09-21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012-09-21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012-09-14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012-05-20 17:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012-05-20 17:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012-05-20 17:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012-04-25 08:07:18 | 000,104,560 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012-03-27 03:09:54 | 014,748,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012-03-01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-12-06 12:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011-11-10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011-11-02 10:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010-10-27 10:11:37 | 000,107,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010-10-27 10:11:37 | 000,027,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-10-27 09:18:33 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-31 11:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-04-03 23:04:24 | 000,880,128 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV - [2012-11-21 00:14:15 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012-11-21 00:13:52 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012-11-05 03:31:54 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2012-11-04 22:46:47 | 000,051,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\AeriaGames\Wolfteam\avital\wolf64.sys -- (wolf)
DRV - [2010-02-04 10:09:00 | 000,014,376 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys -- (GPCIDrv)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.nl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
IE - HKCU\..\SearchScopes,DefaultScope = GOOGLE_SEARCH
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKCU\..\SearchScopes\DEVIANTART_SEARCH: "URL" = http://search.devian...q={searchTerms}
IE - HKCU\..\SearchScopes\Event_ID_SEARCH: "URL" = http://www.eventid.n...hTerms}&source=
IE - HKCU\..\SearchScopes\GOOGLE_SEARCH: "URL" = http://www.google.nl...rchTerms}&meta=
IE - HKCU\..\SearchScopes\MSDN_ENHANCED_SEARCH: "URL" = http://search.msdn.m...y={searchTerms}
IE - HKCU\..\SearchScopes\MSDOWNLOADCENTER: "URL" = http://www.microsoft...&DisplayLang=nl
IE - HKCU\..\SearchScopes\MSHELP: "URL" = http://support.micro...d={SearchTerms}
IE - HKCU\..\SearchScopes\MSTECHNET: "URL" = http://social.techne...y={SearchTerms}
IE - HKCU\..\SearchScopes\NEOWIN_FORUM: "URL" = http://www.neowin.ne...rms}&forums=all
IE - HKCU\..\SearchScopes\WIKIPEDIA_EN_SEARCH: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\WIKIPEDIA_NL_SEARCH: "URL" = http://nl.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\YOUTUBE_SEARCH: "URL" = http://www.youtube.c...}&search=Search
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)



========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Ivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Zoeken = C:\Users\Ivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Gmail = C:\Users\Ivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [{9F6A0799-E74C-5CE7-87E2-BF60F61081CB}] C:\Users\Ivo\AppData\Roaming\Woqo\suop.exe (Limited Energy Imports)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Ivo\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Windows Live] C:\Users\Ivo\AppData\Local\Temp\winini.exe File not found
O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.giga...bject/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.c...ch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...21022/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30E34748-BED7-4455-9774-3280D937D3B7}: DhcpNameServer = 212.54.35.25 212.54.40.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60CDCCBE-E0E3-4A8C-91B0-D3C789D5611D}: NameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-08-25 07:27:21 | 000,000,133 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{ed34875f-25f2-11e2-8b64-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ed34875f-25f2-11e2-8b64-806e6f6e6963}\Shell\AutoRun\command - "" = SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-11-20 23:13:42 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Woqo
[2012-11-20 23:13:42 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\tor
[2012-11-20 23:13:42 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Aveh
[2012-11-18 13:15:38 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\Darksiders
[2012-11-18 13:15:24 | 000,121,984 | ---- | C] (Valve Corporation) -- C:\Windows\SysWow64\steam_api.dll
[2012-11-18 13:15:17 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\dll-files.com
[2012-11-18 13:15:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files.com Fixer
[2012-11-18 13:15:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dll-Files.com Fixer
[2012-11-18 12:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2012-11-18 12:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ
[2012-11-18 02:36:39 | 000,000,000 | ---D | C] -- C:\Users\Ivo\Documents\Prototype
[2012-11-18 01:27:33 | 000,000,000 | ---D | C] -- C:\Root
[2012-11-18 01:26:16 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2012-11-17 22:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2012-11-17 22:06:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2012-11-17 21:08:40 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\QuickPar
[2012-11-17 21:06:26 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
[2012-11-17 21:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
[2012-11-17 21:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickPar
[2012-11-17 20:49:48 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\GrabIt
[2012-11-17 20:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt
[2012-11-17 20:46:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GrabIt
[2012-11-17 20:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2012-11-17 20:33:44 | 000,226,304 | ---- | C] (RAD Game Tools, Inc.) -- C:\Windows\SysWow64\binkw32.dll
[2012-11-17 20:31:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Chart Controls
[2012-11-17 20:30:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-11-15 21:34:20 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\Creative
[2012-11-15 21:32:27 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative
[2012-11-15 21:32:27 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Creative
[2012-11-14 15:58:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative Labs
[2012-11-14 15:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2012-11-14 15:57:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative
[2012-11-14 15:57:30 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information
[2012-11-14 15:57:14 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012-11-14 15:57:14 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012-11-14 15:57:13 | 002,906,591 | ---- | C] (Creative) -- C:\Windows\SysWow64\Sens_oal.dll
[2012-11-14 15:57:13 | 001,942,528 | ---- | C] (Creative) -- C:\Windows\SysNative\Sens_oal.dll
[2012-11-14 15:57:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2012-11-14 15:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2012-11-14 15:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2012-11-14 15:56:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2012-11-12 18:19:32 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-11-09 19:29:11 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\Chromium
[2012-11-09 19:28:01 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Awesomium
[2012-11-09 19:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios
[2012-11-09 18:23:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-11-09 18:21:26 | 000,000,000 | ---D | C] -- C:\Users\Ivo\Documents\Gunz
[2012-11-09 18:21:22 | 004,199,520 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2012-11-09 18:21:16 | 000,004,774 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2012-11-09 18:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012-11-09 01:34:22 | 000,000,000 | ---D | C] -- C:\Users\Ivo\jagexcache1
[2012-11-08 19:23:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vittalia
[2012-11-08 19:16:34 | 000,000,000 | ---D | C] -- C:\PFiles
[2012-11-08 18:22:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012-11-07 21:53:39 | 000,000,000 | ---D | C] -- C:\Users\Ivo\Documents\America's Army 3
[2012-11-07 21:31:34 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012-11-07 21:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012-11-07 21:28:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012-11-07 21:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012-11-07 20:44:36 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\PBlackout
[2012-11-07 20:40:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BandiMPEG1
[2012-11-07 20:36:16 | 000,000,000 | ---D | C] -- C:\SG Interactive
[2012-11-07 20:07:08 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\PMB Files
[2012-11-07 20:07:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012-11-07 20:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012-11-07 18:06:09 | 000,000,000 | ---D | C] -- C:\Users\Ivo\Documents\EpicBot
[2012-11-07 18:06:09 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\EpicBot
[2012-11-07 18:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EpicBot
[2012-11-07 18:05:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EpicBot
[2012-11-05 12:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-11-05 12:52:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012-11-05 11:54:35 | 000,000,000 | ---D | C] -- C:\Windows\.jagex_cache_32
[2012-11-05 11:53:04 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
[2012-11-05 03:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Auto Shutdown
[2012-11-05 03:27:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2012-11-05 03:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2012-11-05 03:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sitecom Wireless
[2012-11-05 03:14:11 | 000,880,128 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys
[2012-11-05 03:14:07 | 000,303,616 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2012-11-05 03:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Sitecom Driver
[2012-11-05 03:14:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012-11-05 03:13:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sitecom
[2012-11-05 01:55:43 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\Skyrim
[2012-11-05 01:55:43 | 000,000,000 | ---D | C] -- C:\Users\Ivo\Documents\My Games
[2012-11-05 01:50:46 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\AVG2013
[2012-11-05 01:49:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2012-11-05 01:48:59 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\TuneUp Software
[2012-11-05 01:48:29 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012-11-05 01:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012-11-05 01:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012-11-05 01:47:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V - Skyrim
[2012-11-05 01:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2012-11-05 01:43:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012-11-05 01:43:30 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\MFAData
[2012-11-05 01:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012-11-05 01:43:30 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\Avg2013
[2012-11-05 01:37:31 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\DAEMON Tools
[2012-11-05 01:37:29 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\DAEMON Tools Pro
[2012-11-05 01:31:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Black_Box
[2012-11-05 01:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-11-05 01:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-11-05 01:26:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012-11-05 01:26:02 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\DAEMON Tools Lite
[2012-11-05 01:00:17 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\WinRAR
[2012-11-05 01:00:17 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-11-05 01:00:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-11-05 01:00:09 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-11-05 00:56:38 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\Spotnet
[2012-11-05 00:44:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotnet
[2012-11-05 00:44:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Spotnet
[2012-11-05 00:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spotnet
[2012-11-04 22:16:12 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\PunkBuster
[2012-11-04 22:13:23 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\Aeria Games
[2012-11-04 22:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Aeria Games
[2012-11-04 22:10:44 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2012-11-04 22:08:32 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2012-11-04 22:08:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2012-11-04 22:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aeria Games
[2012-11-04 22:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\News Server Tester
[2012-11-04 22:00:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\News Server Tester
[2012-11-04 21:56:16 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\Akamai
[2012-11-04 21:56:15 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2012-11-04 21:24:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst
[2012-11-04 20:55:51 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\ElevatedDiagnostics
[2012-11-04 20:37:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2012-11-04 20:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2012-11-04 20:33:37 | 000,000,000 | ---D | C] -- C:\Nexon
[2012-11-04 20:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2012-11-04 20:09:52 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Skype
[2012-11-04 20:09:50 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012-11-04 20:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-11-04 20:09:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-11-04 20:09:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-11-04 19:53:00 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\ATI
[2012-11-04 19:53:00 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\ATI
[2012-11-04 19:53:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-11-04 19:52:59 | 000,000,000 | ---D | C] -- C:\Users\Ivo\Documents\temp
[2012-11-04 02:14:50 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Netgame
[2012-11-04 02:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netgame
[2012-11-04 02:14:16 | 000,000,000 | ---D | C] -- C:\Netgame
[2012-11-04 02:13:45 | 000,000,000 | ---D | C] -- C:\Users\Ivo\jagexcache
[2012-11-04 02:13:38 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012-11-04 02:13:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012-11-04 01:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012-11-04 01:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012-11-04 01:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012-11-04 01:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012-11-04 01:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012-11-04 01:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012-11-04 01:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012-11-04 01:30:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012-11-04 01:29:18 | 000,000,000 | ---D | C] -- C:\AMD
[2012-11-04 01:20:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012-11-04 00:49:04 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\GamersFirst LIVE!
[2012-11-04 00:48:54 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2012-11-04 00:48:53 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\GamersFirst
[2012-11-04 00:42:07 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Macromedia
[2012-11-04 00:42:07 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Adobe
[2012-11-03 23:26:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2012-11-03 23:26:21 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2012-11-03 23:26:08 | 000,104,560 | ---- | C] (Qualcomm Atheros Co., Ltd.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2012-11-03 23:26:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012-11-03 23:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012-11-03 23:25:33 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012-11-03 23:25:30 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012-11-03 23:25:30 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012-11-03 23:25:30 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012-11-03 23:25:30 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012-11-03 23:25:21 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012-11-03 23:25:20 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012-11-03 23:25:20 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012-11-03 23:25:20 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012-11-03 23:25:19 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012-11-03 23:25:19 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012-11-03 23:25:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2012-11-03 23:25:02 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012-11-03 23:25:02 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012-11-03 23:25:01 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012-11-03 23:24:50 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012-11-03 23:24:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012-11-03 23:24:46 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012-11-03 23:24:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012-11-03 23:24:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012-11-03 23:23:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012-11-03 23:23:38 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012-11-03 23:23:23 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012-11-03 23:23:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012-11-03 23:23:17 | 000,000,000 | ---D | C] -- C:\Intel
[2012-11-03 23:23:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012-11-03 23:23:02 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\InstallShield
[2012-11-03 23:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-11-03 23:22:48 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\Google
[2012-11-03 23:22:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-11-03 21:34:57 | 000,000,000 | ---D | C] -- C:\GvTemp
[2012-11-03 21:33:51 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012-11-03 21:33:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2012-11-03 21:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2012-11-03 21:33:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012-11-03 21:32:16 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-11-03 21:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012-11-03 21:28:13 | 000,000,000 | R--D | C] -- C:\Users\Ivo\Searches
[2012-11-03 21:28:13 | 000,000,000 | R--D | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-11-03 21:28:13 | 000,000,000 | -H-D | C] -- C:\Users\Ivo\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012-11-03 21:28:05 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Identities
[2012-11-03 21:28:04 | 000,000,000 | R--D | C] -- C:\Users\Ivo\Contacts
[2012-11-03 21:26:17 | 000,000,000 | --SD | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft
[2012-11-03 21:26:17 | 000,000,000 | R--D | C] -- C:\Users\Ivo\Videos
[2012-11-03 21:26:17 | 000,000,000 | R--D | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-11-03 21:26:17 | 000,000,000 | R--D | C] -- C:\Users\Ivo\Saved Games
[2012-11-03 21:26:17 | 000,000,000 | R--D | C] -- C:\Users\Ivo\Pictures
[2012-11-03 21:26:17 | 000,000,000 | R--D | C] -- C:\Users\Ivo\Music
[2012-11-03 21:26:17 | 000,000,000 | R--D | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-11-03 21:26:17 | 000,000,000 | R--D | C] -- C:\Users\Ivo\Links
[2012-11-03 21:26:17 | 000,000,000 | R--D | C] -- C:\Users\Ivo\Favorites
[2012-11-03 21:26:17 | 000,000,000 | R--D | C] -- C:\Users\Ivo\Downloads
[2012-11-03 21:26:17 | 000,000,000 | R--D | C] -- C:\Users\Ivo\Documents
[2012-11-03 21:26:17 | 000,000,000 | R--D | C] -- C:\Users\Ivo\Desktop
[2012-11-03 21:26:17 | 000,000,000 | R--D | C] -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\AppData\Local\Temporary Internet Files
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\Sjablonen
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\SendTo
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\Recent
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\Netwerkprinteromgeving
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\NetHood
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\Documents\Mijn video's
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\Documents\Mijn muziek
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\Mijn documenten
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\Documents\Mijn afbeeldingen
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\Menu Start
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\Local Settings
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\AppData\Local\Geschiedenis
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\Cookies
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\Application Data
[2012-11-03 21:26:17 | 000,000,000 | -HSD | C] -- C:\Users\Ivo\AppData\Local\Application Data
[2012-11-03 21:26:17 | 000,000,000 | -H-D | C] -- C:\Users\Ivo\AppData
[2012-11-03 21:26:17 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\Temp
[2012-11-03 21:26:17 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Local\Microsoft
[2012-11-03 21:26:17 | 000,000,000 | ---D | C] -- C:\Users\Ivo\AppData\Roaming\Media Center Programs
[2012-11-03 21:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012-11-03 21:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012-11-03 21:25:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012-11-03 21:25:20 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2012-11-03 21:25:18 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012-11-03 21:25:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012-11-03 21:25:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Sjablonen
[2012-11-03 21:25:07 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012-11-03 21:25:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mijn video's
[2012-11-03 21:25:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mijn muziek
[2012-11-03 21:25:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mijn afbeeldingen
[2012-11-03 21:25:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-11-03 21:25:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorieten
[2012-11-03 21:25:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documenten
[2012-11-03 21:25:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureaublad
[2012-11-03 21:13:47 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012-11-03 21:13:33 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-11-03 21:12:56 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012-10-22 13:02:44 | 000,154,464 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-11-21 00:32:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-21 00:23:07 | 000,012,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-21 00:23:07 | 000,012,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-21 00:22:15 | 000,011,434 | ---- | M] () -- C:\Users\Ivo\Desktop\Naamloos.png
[2012-11-21 00:19:30 | 001,549,262 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-11-21 00:19:30 | 000,701,326 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2012-11-21 00:19:30 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-11-21 00:19:30 | 000,133,358 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2012-11-21 00:19:30 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-11-21 00:14:15 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2012-11-21 00:14:15 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2012-11-21 00:13:56 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-21 00:13:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-21 00:13:33 | 2117,820,415 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-18 14:23:29 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
[2012-11-18 14:23:29 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job
[2012-11-18 13:15:25 | 000,121,984 | ---- | M] (Valve Corporation) -- C:\Windows\SysWow64\steam_api.dll
[2012-11-18 13:15:10 | 000,001,126 | ---- | M] () -- C:\Users\Ivo\Application Data\Microsoft\Internet Explorer\Quick Launch\Dll-Files.com Fixer.lnk
[2012-11-18 13:15:10 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Dll-Files.com Fixer.lnk
[2012-11-18 13:11:53 | 000,002,115 | ---- | M] () -- C:\Users\Public\Desktop\Darksiders Comic.lnk
[2012-11-18 13:11:53 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\Darksiders Soundtrack.lnk
[2012-11-17 21:06:26 | 000,001,021 | ---- | M] () -- C:\Users\Ivo\Desktop\QuickPar.lnk
[2012-11-17 20:46:36 | 000,001,017 | ---- | M] () -- C:\Users\Ivo\Application Data\Microsoft\Internet Explorer\Quick Launch\GrabIt.lnk
[2012-11-17 20:46:36 | 000,000,993 | ---- | M] () -- C:\Users\Ivo\Desktop\GrabIt.lnk
[2012-11-17 20:33:45 | 000,226,304 | ---- | M] (RAD Game Tools, Inc.) -- C:\Windows\SysWow64\binkw32.dll
[2012-11-16 15:19:07 | 000,000,627 | ---- | M] () -- C:\Users\Ivo\Ivo.lnk
[2012-11-14 15:57:29 | 000,000,376 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2012-11-14 15:57:14 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012-11-14 15:57:14 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012-11-14 15:57:11 | 000,002,297 | ---- | M] () -- C:\Users\Public\Desktop\Creative-productregistratie.lnk
[2012-11-13 01:01:32 | 000,000,222 | ---- | M] () -- C:\Users\Ivo\Desktop\Call of Duty Black Ops II.url
[2012-11-13 01:01:32 | 000,000,222 | ---- | M] () -- C:\Users\Ivo\Desktop\Call of Duty Black Ops II - Zombies.url
[2012-11-13 01:01:32 | 000,000,222 | ---- | M] () -- C:\Users\Ivo\Desktop\Call of Duty Black Ops II - Multiplayer.url
[2012-11-12 18:18:07 | 000,000,017 | ---- | M] () -- C:\Users\Ivo\AppData\Local\resmon.resmoncfg
[2012-11-09 19:02:15 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\HRUPPROG.DIE.NOW
[2012-11-09 19:01:29 | 000,001,741 | ---- | M] () -- C:\Users\Ivo\Desktop\Hi-Rez Diagnostics and Support.lnk
[2012-11-09 19:01:29 | 000,001,691 | ---- | M] () -- C:\Users\Ivo\Desktop\Tribes Ascend.lnk
[2012-11-09 18:33:29 | 000,002,388 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012-11-09 18:27:43 | 000,000,031 | ---- | M] () -- C:\Windows\GunzLauncher.INI
[2012-11-09 18:23:19 | 526,313,647 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-11-09 18:20:27 | 000,001,615 | ---- | M] () -- C:\Users\Ivo\Desktop\GunZ.lnk
[2012-11-09 17:36:16 | 000,000,024 | ---- | M] () -- C:\Users\Ivo\random.dat
[2012-11-09 16:40:17 | 000,000,024 | ---- | M] () -- C:\Users\Ivo\jagexappletviewer.preferences
[2012-11-09 16:39:41 | 000,000,042 | ---- | M] () -- C:\Users\Ivo\jagex_cl_runescape_LIVE.dat
[2012-11-09 01:34:22 | 000,000,043 | ---- | M] () -- C:\Users\Ivo\jagex_cl_runescape_LIVE1.dat
[2012-11-08 23:06:53 | 000,298,280 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-11-08 23:06:53 | 000,298,280 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-11-08 18:46:41 | 000,298,280 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-11-08 18:22:39 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012-11-07 21:57:05 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-11-07 21:50:28 | 003,360,624 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-11-07 21:41:55 | 000,000,221 | ---- | M] () -- C:\Users\Ivo\Desktop\America's Army 3.url
[2012-11-07 21:31:34 | 000,000,221 | ---- | M] () -- C:\Users\Ivo\Desktop\America's Army 3 Dedicated Server.url
[2012-11-07 21:28:21 | 000,000,927 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012-11-07 20:16:10 | 991,538,856 | ---- | M] () -- C:\Users\Ivo\Desktop\ProjectBlackout_Install_101512_2.exe
[2012-11-07 18:10:40 | 000,001,883 | ---- | M] () -- C:\Users\Public\Desktop\EpicBot.lnk
[2012-11-05 12:55:08 | 000,872,636 | ---- | M] () -- C:\Users\Ivo\Desktop\RSBot-4040.jar
[2012-11-05 11:53:04 | 000,002,042 | ---- | M] () -- C:\Users\Ivo\Desktop\RuneScape.lnk
[2012-11-05 03:27:30 | 000,001,230 | ---- | M] () -- C:\Users\Public\Desktop\Wise Auto Shutdown.lnk
[2012-11-05 03:14:15 | 000,002,009 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sitecom Wireless Utility.lnk
[2012-11-05 02:38:24 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012-11-05 01:47:30 | 000,001,329 | ---- | M] () -- C:\Users\Public\Desktop\The Elder Scrolls V - Skyrim.lnk
[2012-11-05 01:26:18 | 000,001,964 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-11-05 00:45:38 | 000,001,005 | ---- | M] () -- C:\Users\Public\Desktop\Spotnet.lnk
[2012-11-04 22:10:44 | 000,001,663 | ---- | M] () -- C:\Users\Ivo\Desktop\Wolfteam.lnk
[2012-11-04 22:08:32 | 000,002,038 | ---- | M] () -- C:\Users\Public\Desktop\Aeria Ignite.lnk
[2012-11-04 22:05:32 | 000,274,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-11-04 22:00:53 | 000,001,057 | ---- | M] () -- C:\Users\Ivo\Desktop\News Server Tester.lnk
[2012-11-04 21:11:06 | 000,000,351 | ---- | M] () -- C:\Users\Ivo\Desktop\Computer.lnk
[2012-11-04 20:09:50 | 000,002,513 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-11-04 20:09:50 | 000,001,975 | ---- | M] () -- C:\Users\Ivo\Desktop\Skype.lnk
[2012-11-04 02:14:50 | 000,001,571 | ---- | M] () -- C:\Users\Ivo\Desktop\OPERATION7.lnk
[2012-11-04 00:54:00 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2012-11-04 00:48:54 | 000,001,131 | ---- | M] () -- C:\Users\Ivo\Desktop\GamersFirst LIVE!.lnk
[2012-11-04 00:43:52 | 000,001,471 | ---- | M] () -- C:\Users\Ivo\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012-11-03 23:26:55 | 000,002,022 | ---- | M] () -- C:\Users\Public\Desktop\ET6.lnk
[2012-11-03 23:26:17 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012-11-03 23:23:00 | 000,002,253 | ---- | M] () -- C:\Users\Ivo\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012-11-03 21:33:47 | 000,002,751 | ---- | M] () -- C:\Users\Public\Desktop\GIGABYTE OC_GURU.lnk
[2012-11-03 21:33:47 | 000,002,174 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
[2012-11-03 21:25:38 | 000,503,352 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2012-11-03 21:19:22 | 000,050,200 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012-11-03 21:19:22 | 000,050,200 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012-10-27 10:12:26 | 000,028,104 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2012-10-22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-11-21 00:22:15 | 000,011,434 | ---- | C] () -- C:\Users\Ivo\Desktop\Naamloos.png
[2012-11-18 13:15:20 | 000,000,288 | ---- | C] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
[2012-11-18 13:15:19 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job
[2012-11-18 13:15:10 | 000,001,126 | ---- | C] () -- C:\Users\Ivo\Application Data\Microsoft\Internet Explorer\Quick Launch\Dll-Files.com Fixer.lnk
[2012-11-18 13:15:10 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Dll-Files.com Fixer.lnk
[2012-11-18 12:54:27 | 000,002,115 | ---- | C] () -- C:\Users\Public\Desktop\Darksiders Comic.lnk
[2012-11-18 12:54:27 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\Darksiders Soundtrack.lnk
[2012-11-17 21:06:26 | 000,001,021 | ---- | C] () -- C:\Users\Ivo\Desktop\QuickPar.lnk
[2012-11-17 20:46:36 | 000,001,017 | ---- | C] () -- C:\Users\Ivo\Application Data\Microsoft\Internet Explorer\Quick Launch\GrabIt.lnk
[2012-11-17 20:46:36 | 000,000,993 | ---- | C] () -- C:\Users\Ivo\Desktop\GrabIt.lnk
[2012-11-17 20:14:15 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref
[2012-11-16 18:04:02 | 000,001,975 | ---- | C] () -- C:\Users\Ivo\Desktop\Skype.lnk
[2012-11-16 15:19:07 | 000,000,627 | ---- | C] () -- C:\Users\Ivo\Ivo.lnk
[2012-11-14 15:57:18 | 000,032,434 | ---- | C] () -- C:\Windows\SysNative\xfiXEN.ini
[2012-11-14 15:57:18 | 000,011,084 | ---- | C] () -- C:\Windows\XENAPO64.ssc
[2012-11-14 15:57:18 | 000,006,737 | ---- | C] () -- C:\Windows\XENCFX64.ssc
[2012-11-14 15:57:18 | 000,002,169 | ---- | C] () -- C:\Windows\XENcfg.ini
[2012-11-14 15:57:18 | 000,000,388 | ---- | C] () -- C:\Windows\XENMCcfg.ini
[2012-11-14 15:57:17 | 000,242,176 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2012-11-14 15:57:17 | 000,186,880 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012-11-14 15:57:17 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2012-11-14 15:57:17 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012-11-14 15:57:17 | 000,000,376 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2012-11-14 15:57:11 | 000,002,297 | ---- | C] () -- C:\Users\Public\Desktop\Creative-productregistratie.lnk
[2012-11-14 15:57:09 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd
[2012-11-13 01:01:32 | 000,000,222 | ---- | C] () -- C:\Users\Ivo\Desktop\Call of Duty Black Ops II.url
[2012-11-13 01:01:32 | 000,000,222 | ---- | C] () -- C:\Users\Ivo\Desktop\Call of Duty Black Ops II - Zombies.url
[2012-11-13 01:01:32 | 000,000,222 | ---- | C] () -- C:\Users\Ivo\Desktop\Call of Duty Black Ops II - Multiplayer.url
[2012-11-12 18:18:07 | 000,000,017 | ---- | C] () -- C:\Users\Ivo\AppData\Local\resmon.resmoncfg
[2012-11-09 19:02:15 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\HRUPPROG.DIE.NOW
[2012-11-09 19:01:29 | 000,001,741 | ---- | C] () -- C:\Users\Ivo\Desktop\Hi-Rez Diagnostics and Support.lnk
[2012-11-09 19:01:29 | 000,001,691 | ---- | C] () -- C:\Users\Ivo\Desktop\Tribes Ascend.lnk
[2012-11-09 18:23:19 | 526,313,647 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-11-09 18:21:30 | 000,000,031 | ---- | C] () -- C:\Windows\GunzLauncher.INI
[2012-11-09 18:21:16 | 000,005,265 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2012-11-09 18:20:27 | 000,001,615 | ---- | C] () -- C:\Users\Ivo\Desktop\GunZ.lnk
[2012-11-09 01:34:22 | 000,000,043 | ---- | C] () -- C:\Users\Ivo\jagex_cl_runescape_LIVE1.dat
[2012-11-07 21:41:55 | 000,000,221 | ---- | C] () -- C:\Users\Ivo\Desktop\America's Army 3.url
[2012-11-07 21:36:29 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-11-07 21:31:34 | 000,000,221 | ---- | C] () -- C:\Users\Ivo\Desktop\America's Army 3 Dedicated Server.url
[2012-11-07 21:28:21 | 000,000,927 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012-11-07 20:08:03 | 991,538,856 | ---- | C] () -- C:\Users\Ivo\Desktop\ProjectBlackout_Install_101512_2.exe
[2012-11-07 18:05:55 | 000,001,883 | ---- | C] () -- C:\Users\Public\Desktop\EpicBot.lnk
[2012-11-05 12:54:52 | 000,872,636 | ---- | C] () -- C:\Users\Ivo\Desktop\RSBot-4040.jar
[2012-11-05 11:54:34 | 000,000,024 | ---- | C] () -- C:\Users\Ivo\jagexappletviewer.preferences
[2012-11-05 11:53:04 | 000,002,072 | ---- | C] () -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
[2012-11-05 11:53:04 | 000,002,042 | ---- | C] () -- C:\Users\Ivo\Desktop\RuneScape.lnk
[2012-11-05 03:27:30 | 000,001,230 | ---- | C] () -- C:\Users\Public\Desktop\Wise Auto Shutdown.lnk
[2012-11-05 03:14:15 | 000,002,009 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sitecom Wireless Utility.lnk
[2012-11-05 03:14:11 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\drivers\rt2870.bin
[2012-11-05 03:14:11 | 000,004,096 | ---- | C] () -- C:\Windows\SysNative\drivers\rt2870.bin
[2012-11-05 03:14:07 | 000,013,931 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012-11-05 03:14:07 | 000,013,931 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2012-11-05 03:13:56 | 000,025,088 | ---- | C] () -- C:\Windows\SysWow64\RAEXTUI.dll
[2012-11-05 03:13:56 | 000,025,088 | ---- | C] () -- C:\Windows\SysNative\RAEXTUI.dll
[2012-11-05 02:38:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-11-05 01:49:00 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012-11-05 01:47:30 | 000,001,329 | ---- | C] () -- C:\Users\Public\Desktop\The Elder Scrolls V - Skyrim.lnk
[2012-11-05 01:26:18 | 000,001,964 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-11-05 00:44:45 | 000,001,005 | ---- | C] () -- C:\Users\Public\Desktop\Spotnet.lnk
[2012-11-04 22:16:15 | 000,298,280 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-11-04 22:10:44 | 000,001,663 | ---- | C] () -- C:\Users\Ivo\Desktop\Wolfteam.lnk
[2012-11-04 22:08:32 | 000,002,038 | ---- | C] () -- C:\Users\Public\Desktop\Aeria Ignite.lnk
[2012-11-04 22:00:53 | 000,001,057 | ---- | C] () -- C:\Users\Ivo\Desktop\News Server Tester.lnk
[2012-11-04 21:58:55 | 000,298,280 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-11-04 21:58:55 | 000,298,280 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-11-04 21:58:54 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-11-04 21:11:06 | 000,000,351 | ---- | C] () -- C:\Users\Ivo\Desktop\Computer.lnk
[2012-11-04 20:09:50 | 000,002,513 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-11-04 02:14:50 | 000,001,571 | ---- | C] () -- C:\Users\Ivo\Desktop\OPERATION7.lnk
[2012-11-04 02:13:45 | 000,000,042 | ---- | C] () -- C:\Users\Ivo\jagex_cl_runescape_LIVE.dat
[2012-11-04 02:13:45 | 000,000,024 | ---- | C] () -- C:\Users\Ivo\random.dat
[2012-11-04 00:48:54 | 000,001,131 | ---- | C] () -- C:\Users\Ivo\Desktop\GamersFirst LIVE!.lnk
[2012-11-04 00:43:52 | 000,001,471 | ---- | C] () -- C:\Users\Ivo\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012-11-04 00:34:59 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012-11-03 23:26:55 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\ET6.lnk
[2012-11-03 23:26:21 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe
[2012-11-03 23:26:21 | 000,021,616 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys
[2012-11-03 23:26:17 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012-11-03 23:25:19 | 000,280,869 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012-11-03 23:24:09 | 017,226,240 | ---- | C] () -- C:\Windows\SysNative\ig7icd64.dll
[2012-11-03 23:24:09 | 013,024,768 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012-11-03 23:24:09 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012-11-03 23:24:09 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012-11-03 23:24:09 | 000,755,188 | ---- | C] () -- C:\Windows\SysNative\igkrng700.bin
[2012-11-03 23:24:09 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012-11-03 23:24:09 | 000,561,508 | ---- | C] () -- C:\Windows\SysNative\igfcg700m.bin
[2012-11-03 23:24:09 | 000,221,877 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2012-11-03 23:24:09 | 000,208,522 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2012-11-03 23:24:09 | 000,192,378 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2012-11-03 23:24:09 | 000,164,821 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2012-11-03 23:24:09 | 000,162,150 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2012-11-03 23:24:09 | 000,157,713 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2012-11-03 23:24:09 | 000,148,461 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2012-11-03 23:24:09 | 000,147,116 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2012-11-03 23:24:09 | 000,146,125 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2012-11-03 23:24:09 | 000,146,008 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2012-11-03 23:24:09 | 000,144,790 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2012-11-03 23:24:09 | 000,144,267 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2012-11-03 23:24:09 | 000,143,564 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2012-11-03 23:24:09 | 000,143,112 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2012-11-03 23:24:09 | 000,142,797 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2012-11-03 23:24:09 | 000,142,606 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2012-11-03 23:24:09 | 000,142,079 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2012-11-03 23:24:09 | 000,141,854 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2012-11-03 23:24:09 | 000,141,421 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2012-11-03 23:24:09 | 000,141,282 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2012-11-03 23:24:09 | 000,140,949 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2012-11-03 23:24:09 | 000,140,548 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2012-11-03 23:24:09 | 000,139,901 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2012-11-03 23:24:09 | 000,136,850 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2012-11-03 23:24:09 | 000,136,778 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2012-11-03 23:24:09 | 000,136,261 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2012-11-03 23:24:09 | 000,131,674 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2012-11-03 23:24:09 | 000,125,306 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2012-11-03 23:24:09 | 000,123,778 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2012-11-03 23:24:09 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2012-11-03 23:24:09 | 000,079,360 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2012-11-03 23:24:09 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012-11-03 23:24:09 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012-11-03 23:24:09 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012-11-03 23:24:09 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2012-11-03 23:24:09 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-11-03 23:24:09 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2012-11-03 23:24:09 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2012-11-03 23:24:09 | 000,018,656 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012-11-03 23:24:09 | 000,009,216 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2012-11-03 23:24:09 | 000,000,264 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2012-11-03 23:23:56 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012-11-03 23:23:00 | 000,002,388 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012-11-03 23:23:00 | 000,002,253 | ---- | C] () -- C:\Users\Ivo\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012-11-03 23:22:50 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-03 23:22:50 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-03 23:21:45 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012-11-03 21:33:47 | 000,002,751 | ---- | C] () -- C:\Users\Public\Desktop\GIGABYTE OC_GURU.lnk
[2012-11-03 21:33:47 | 000,002,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
[2012-11-03 21:28:17 | 000,001,437 | ---- | C] () -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012-11-03 21:28:15 | 000,001,477 | ---- | C] () -- C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-11-03 21:26:17 | 000,000,290 | ---- | C] () -- C:\Users\Ivo\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012-11-03 21:26:17 | 000,000,272 | ---- | C] () -- C:\Users\Ivo\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012-11-03 21:25:38 | 000,503,352 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2012-11-03 21:18:45 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012-11-03 21:18:45 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012-11-03 21:13:33 | 2117,820,415 | -HS- | C] () -- C:\hiberfil.sys
[2012-10-27 10:12:26 | 000,028,104 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2012-09-28 02:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-09-28 02:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-05-02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-04-20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-09-19 08:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011-09-19 08:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:28:25 | 014,171,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:42:16 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012-11-20 23:53:53 | 000,000,000 | ---D | M] -- C:\Users\Ivo\AppData\Roaming\Aveh
[2012-11-05 01:50:46 | 000,000,000 | ---D | M] -- C:\Users\Ivo\AppData\Roaming\AVG2013
[2012-11-09 19:28:01 | 000,000,000 | ---D | M] -- C:\Users\Ivo\AppData\Roaming\Awesomium
[2012-11-05 01:37:31 | 000,000,000 | ---D | M] -- C:\Users\Ivo\AppData\Roaming\DAEMON Tools
[2012-11-05 01:44:54 | 000,000,000 | ---D | M] -- C:\Users\Ivo\AppData\Roaming\DAEMON Tools Lite
[2012-11-05 01:37:29 | 000,000,000 | ---D | M] -- C:\Users\Ivo\AppData\Roaming\DAEMON Tools Pro
[2012-11-18 13:15:17 | 000,000,000 | ---D | M] -- C:\Users\Ivo\AppData\Roaming\dll-files.com
[2012-11-07 18:06:29 | 000,000,000 | ---D | M] -- C:\Users\Ivo\AppData\Roaming\EpicBot
[2012-11-18 13:23:35 | 000,000,000 | ---D | M] -- C:\Users\Ivo\AppData\Roaming\GrabIt
[2012-11-05 01:48:59 | 000,000,000 | ---D | M] -- C:\Users\Ivo\AppData\Roaming\TuneUp Software
[2012-11-20 23:13:42 | 000,000,000 | ---D | M] -- C:\Users\Ivo\AppData\Roaming\Woqo

========== Purity Check ==========



< End of report >

#3
IvoF

    New Member

  • Topic Starter
  • Member
  • 3 posts
Okay, a serious problem occurred :/ my internet is now shut off and I can't connect to the internet.