CAN SOME ONE PLEASE, PLEASE TELL WHATS GOING ON WITH Virus, Spyware, M

OTL logfile created on: 27/11/2012 13:34:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\chez\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

4.54 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 54.99% Memory free
9.08 Gb Paging File | 6.70 Gb Available in Paging File | 73.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.45 Gb Total Space | 223.18 Gb Free Space | 79.86% Space Free | Partition Type: NTFS
Drive D: | 394.18 Gb Total Space | 392.69 Gb Free Space | 99.62% Space Free | Partition Type: NTFS

Computer Name: CHEZ-PC | User Name: chez | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/27 13:34:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\chez\Downloads\OTL.exe
PRC - [2012/11/01 00:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/02/04 02:24:50 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2012/02/04 01:40:42 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2012/01/09 20:09:56 | 001,556,128 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011/10/17 04:44:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/01 18:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 18:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/12/21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

========== Modules (No Company Name) ==========

MOD - [2012/11/21 18:21:05 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll
MOD - [2012/11/21 18:19:45 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
MOD - [2012/11/21 18:19:09 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/21 18:18:52 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/21 18:18:44 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
MOD - [2012/11/21 18:18:18 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012/11/21 18:18:04 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012/11/21 18:17:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/21 18:17:52 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/21 18:17:31 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012/11/01 00:15:05 | 000,460,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppgooglenaclpluginchrome.dll
MOD - [2012/11/01 00:15:04 | 012,455,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
MOD - [2012/11/01 00:15:02 | 004,007,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
MOD - [2012/11/01 00:13:47 | 000,587,288 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libglesv2.dll
MOD - [2012/11/01 00:13:46 | 000,123,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libegl.dll
MOD - [2012/11/01 00:13:35 | 000,156,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avutil-51.dll
MOD - [2012/11/01 00:13:34 | 000,274,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avformat-54.dll
MOD - [2012/11/01 00:13:32 | 002,168,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll

========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012/11/27 13:25:40 | 000,067,904 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2012/03/23 16:44:02 | 001,956,616 | ---- | M] (Bitdefender) [Auto | Unknown] -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe -- (vsserv)
SRV:64bit: - [2012/02/21 14:04:12 | 000,075,384 | ---- | M] (Bitdefender) [On_Demand | Stopped] -- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe -- (SafeBox)
SRV:64bit: - [2011/10/14 23:57:26 | 000,466,736 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV:64bit: - [2011/09/01 03:08:08 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/07/28 06:04:48 | 001,517,328 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/07/28 05:48:34 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/07/28 05:44:18 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/06/03 21:51:38 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2011/03/04 01:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/11/30 00:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/09/23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/11/24 17:51:33 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/20 08:17:34 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/09 21:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/04 02:24:50 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011/10/17 04:44:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/01 18:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 18:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/12/21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -- (SASKUTIL)
DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -- (SASDIFSV)
DRV:64bit: - [2012/03/20 20:22:46 | 000,691,896 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/17 16:45:56 | 000,545,064 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2011/11/25 15:00:36 | 000,258,736 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2011/11/22 16:21:46 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/22 16:21:46 | 000,130,024 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/11/17 17:38:34 | 000,079,952 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (bdsandbox)
DRV:64bit: - [2011/11/14 20:16:42 | 000,090,192 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2011/11/14 20:16:38 | 000,103,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2011/10/27 15:07:05 | 000,329,800 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2011/10/18 05:41:44 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/18 05:41:44 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/10/17 04:44:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/10/01 18:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 18:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 18:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 18:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/19 09:54:46 | 000,108,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/08/16 14:59:12 | 000,442,088 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2011/08/08 16:32:08 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/08/08 16:32:08 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/08/04 02:28:32 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/07/26 10:22:48 | 012,288,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/07/20 18:47:56 | 000,143,144 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011/05/14 00:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/04/26 05:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/30 00:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 15:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 13:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/14 19:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/01/19 19:32:40 | 000,103,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2009/10/05 03:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "http://www.google.com/search"
FF - prefs.js..extensions.enabledAddons: browserprotect%40browserprotect.com:1.1.3
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.2
FF - prefs.js..extensions.enabledAddons: %7B7473b6bd-4691-4744-a82b-7854eb3d70b6%7D:10.13.40.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2012\BDTBEXT\ [2012/11/27 13:16:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/24 02:08:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\ [2012/11/27 13:16:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\chez\AppData\Roaming\Hide IP NG\firefox_plugin\
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9764bb84-7272-11dd-8eb6-20d155d89557}: C:\Users\chez\AppData\Roaming\hideip_firefox_plugin\

[2012/11/24 02:11:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\chez\AppData\Roaming\Mozilla\Extensions
[2012/11/25 11:53:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\chez\AppData\Roaming\Mozilla\Firefox\Profiles\6qbo7ri8.default\extensions
[2012/11/25 11:53:36 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\chez\AppData\Roaming\Mozilla\Firefox\Profiles\6qbo7ri8.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2012/11/24 02:29:31 | 000,047,822 | ---- | M] () (No name found) -- C:\Users\chez\AppData\Roaming\Mozilla\Firefox\Profiles\6qbo7ri8.default\extensions\[email protected]
[2012/11/24 02:36:08 | 000,530,519 | ---- | M] () (No name found) -- C:\Users\chez\AppData\Roaming\Mozilla\Firefox\Profiles\6qbo7ri8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/11/24 02:08:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/20 08:17:52 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/20 08:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/20 08:17:14 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: google.co.uk (Enabled)
CHR - default_search_provider: search_url = http://uk.search.yah...p={searchTerms}
CHR - default_search_provider: suggest_url = http://uk-sayt.ff.se...d={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\chez\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\chez\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: YouTube = C:\Users\chez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\chez\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: uTorrentControl_v2 = C:\Users\chez\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.13.20.29_0\
CHR - Extension: Gmail = C:\Users\chez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/11/27 08:18:17 | 000,444,830 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15276 more lines...
O2:64bit: - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2:64bit: - BHO: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found.
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.154.124.1 193.231.252.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B52FE9D3-CFBE-4076-90DE-B955BCBE10F4}: DhcpNameServer = 213.154.124.1 193.231.252.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/27 13:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2012
[2012/11/27 13:16:17 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Bitdefender
[2012/11/27 13:16:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2012/11/27 13:12:03 | 000,442,088 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdfsfltr.sys
[2012/11/27 13:12:00 | 000,329,800 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2012/11/27 13:01:12 | 000,000,000 | ---D | C] -- C:\Users\chez\Documents\ASUS
[2012/11/27 13:00:59 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Yahoo!
[2012/11/27 12:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2012/11/27 11:47:08 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\bdch
[2012/11/27 11:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2012/11/27 11:06:12 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\QuickScan
[2012/11/27 10:44:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012/11/27 09:56:50 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\{42421E40-D1D6-41C8-9073-E46D884EA3F5}
[2012/11/27 09:56:49 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\{8389369E-135C-4508-9F08-2CF40D228997}
[2012/11/26 21:01:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/11/26 15:53:23 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\{D1DA57DB-1226-4651-BCB7-77DBF34215F9}
[2012/11/26 13:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/11/26 12:56:54 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\{103577AA-F10A-438C-B2D8-0B1FCD8FF74F}
[2012/11/26 12:14:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/11/26 12:14:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/11/26 12:13:55 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/11/26 12:13:55 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/11/26 12:13:55 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/11/26 12:13:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/11/26 12:13:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/11/26 12:13:47 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/11/26 12:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/11/26 10:08:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2012/11/26 09:34:15 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\{A0A2409E-9073-4803-8D2A-BF7118FC4767}
[2012/11/25 16:45:33 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2012/11/25 16:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP250 series
[2012/11/25 16:45:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012/11/25 16:45:00 | 000,336,896 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLM9W.DLL
[2012/11/25 16:44:47 | 001,321,984 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC250C.dll
[2012/11/25 16:44:47 | 000,328,192 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC250L.dll
[2012/11/25 16:44:47 | 000,303,104 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC250L.dll
[2012/11/25 16:44:47 | 000,106,496 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC250U.dll
[2012/11/25 16:44:47 | 000,092,672 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC250I.dll
[2012/11/25 16:44:47 | 000,017,920 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNHMCA6.dll
[2012/11/25 16:44:47 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNHMCA.dll
[2012/11/25 16:15:03 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\{5B4A7A20-B099-4185-8E6E-C9DB02661639}
[2012/11/25 16:14:49 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Windows Live Writer
[2012/11/25 16:14:49 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\Windows Live Writer
[2012/11/25 15:42:17 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Hide IP NG
[2012/11/25 15:03:54 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\ESET
[2012/11/25 15:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012/11/25 15:02:43 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/11/25 12:30:11 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\GRETECH
[2012/11/25 12:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2012/11/25 12:28:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2012/11/25 11:53:39 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\CRE
[2012/11/25 11:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/11/25 11:53:13 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\Conduit
[2012/11/25 11:52:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012/11/25 11:52:14 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\uTorrent
[2012/11/25 00:26:34 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\TuneUp Software
[2012/11/25 00:25:01 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012/11/25 00:24:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012/11/25 00:24:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/11/24 17:51:26 | 009,575,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/11/24 16:02:18 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\Macromedia
[2012/11/24 16:01:17 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/11/24 16:01:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/11/24 10:29:23 | 000,000,000 | ---D | C] -- C:\ProgramData\P4G
[2012/11/24 02:25:32 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Curiolab
[2012/11/24 02:11:20 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\Mozilla
[2012/11/24 02:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/11/24 02:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/11/24 02:08:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/11/23 19:50:14 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\{920D599A-6647-41AA-AD3A-F3C254DE2FDC}
[2012/11/23 18:22:51 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\FLEXnet
[2012/11/23 18:22:50 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Nuance
[2012/11/23 18:22:47 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Zeon
[2012/11/23 10:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2012/11/23 02:12:50 | 000,340,112 | ---- | C] (Hide My IP) -- C:\Windows\SysWow64\HMIPCore.dll
[2012/11/23 02:12:26 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\Programs
[2012/11/23 00:51:10 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\{5C7D22FB-1E85-4A09-9E23-29D6ED0754F4}
[2012/11/23 00:34:40 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/11/23 00:34:40 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/11/23 00:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2012/11/23 00:34:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2012/11/23 00:31:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2012/11/23 00:01:53 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/11/22 21:22:20 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012/11/22 12:07:30 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\{DE86C6C0-2FE4-4A6D-9C63-976E35D8B9A0}
[2012/11/21 18:07:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/11/21 18:07:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/11/21 17:22:12 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Skype
[2012/11/21 17:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/11/21 17:22:05 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/11/21 17:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/11/21 17:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/11/21 16:33:24 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/11/21 16:33:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/11/21 16:19:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/11/21 16:19:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/11/21 16:19:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/11/21 16:19:47 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/11/21 16:19:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/11/21 16:19:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/11/21 16:19:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/11/21 16:19:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/11/21 16:19:46 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/11/21 16:19:46 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/11/21 16:19:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/11/21 16:19:46 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/11/21 16:19:45 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/11/21 16:19:45 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/11/21 16:19:45 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/11/21 16:13:49 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/11/21 16:13:48 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/11/21 16:13:48 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/11/21 16:13:48 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/11/21 16:07:35 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/11/21 16:07:35 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/11/21 15:55:28 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\Power2Go
[2012/11/21 13:34:13 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2012/11/21 13:33:48 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\{CAC0CE8A-FADB-4556-AB9D-593D09870E35}
[2012/11/20 21:25:01 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/11/20 21:19:51 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\SoftGrid Client
[2012/11/20 21:19:49 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\SoftGrid Client
[2012/11/20 21:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[2012/11/20 21:18:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/11/20 21:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/11/20 21:18:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2012/11/20 21:18:07 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\TP
[2012/11/20 14:09:20 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/11/20 14:09:15 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/11/20 14:09:15 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/11/20 14:09:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/11/20 14:09:08 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/11/20 14:09:08 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/11/20 14:09:07 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/11/20 14:09:07 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/11/20 14:09:04 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/11/20 14:08:58 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/11/20 14:08:58 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/11/20 14:08:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/11/20 14:08:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/11/20 14:08:53 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/11/20 14:08:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/11/20 14:08:52 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/11/20 14:08:47 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/11/20 14:08:47 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/11/20 14:08:46 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/11/20 14:08:44 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/11/20 14:08:44 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/11/20 14:08:34 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/11/20 14:08:34 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/11/20 14:08:34 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/11/20 14:08:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/11/20 14:08:34 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/11/20 14:08:33 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/11/20 14:08:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/11/20 14:08:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/11/20 14:08:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/11/20 14:08:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/11/20 14:08:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/11/20 14:08:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/11/20 14:08:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/11/20 14:08:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/11/20 14:08:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/11/20 14:08:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/11/20 14:08:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/11/20 14:08:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/11/20 14:08:32 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/11/20 14:08:32 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/11/20 14:08:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/11/20 14:08:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/11/20 14:08:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/11/20 14:08:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/11/20 14:08:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/11/20 14:08:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/11/20 14:08:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/11/20 14:08:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/11/20 14:08:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/11/20 14:08:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/11/20 14:08:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/11/20 14:08:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/11/20 14:08:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/11/20 14:08:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/11/20 14:08:15 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/11/20 14:08:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/11/20 14:08:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/11/20 14:08:14 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/11/20 14:08:13 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/11/20 14:08:13 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/11/20 14:08:13 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/11/20 14:08:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/11/20 14:08:13 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/11/20 14:08:09 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/11/20 14:08:09 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/11/20 14:08:09 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/11/20 14:08:09 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/11/20 14:08:09 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/11/20 14:08:09 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/11/20 14:08:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/11/20 14:08:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/11/20 14:07:58 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/11/20 14:07:41 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012/11/20 14:06:35 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/11/20 14:06:35 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/11/20 14:06:35 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/11/20 14:06:35 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/11/20 14:05:09 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/11/20 14:05:07 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/11/20 14:05:07 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/11/20 14:04:57 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/11/20 14:04:57 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/11/20 14:04:57 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/11/20 14:04:56 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/11/20 14:04:24 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/11/20 14:04:19 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/11/20 14:04:18 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/11/20 14:04:17 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/11/20 14:04:15 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/11/20 14:04:15 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/11/20 14:04:06 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/11/20 14:04:05 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/11/20 14:04:01 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/11/20 14:04:00 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/11/20 14:04:00 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/11/20 14:04:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/11/20 14:03:52 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/11/20 14:03:51 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/11/20 14:03:36 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/11/20 14:03:36 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/11/20 13:46:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/11/20 13:46:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/11/20 13:45:41 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Mozilla
[2012/11/20 13:43:51 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\Google
[2012/11/20 13:41:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/11/20 13:31:14 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/11/20 13:31:14 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/11/20 13:23:48 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/11/20 13:23:48 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/11/20 13:23:48 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/11/20 13:23:35 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/11/20 13:23:35 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/11/20 13:23:35 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/11/20 13:23:26 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/11/20 13:23:26 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/11/20 11:46:32 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\Deployment
[2012/11/20 11:46:32 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\Apps
[2012/11/20 11:34:43 | 000,000,000 | ---D | C] -- C:\temp
[2012/11/20 11:17:34 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\ASUS WebStorage
[2012/11/20 08:30:29 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Macromedia
[2012/11/20 08:29:56 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Adobe
[2012/11/20 08:22:44 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\Diagnostics
[2012/11/20 08:00:07 | 000,000,000 | R--D | C] -- C:\Users\chez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/11/20 08:00:07 | 000,000,000 | R--D | C] -- C:\Users\chez\Searches
[2012/11/20 08:00:07 | 000,000,000 | R--D | C] -- C:\Users\chez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/11/20 08:00:07 | 000,000,000 | -H-D | C] -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/11/20 07:59:59 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Identities
[2012/11/20 07:59:56 | 000,000,000 | R--D | C] -- C:\Users\chez\Contacts
[2012/11/20 07:59:55 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\VirtualStore
[2012/11/20 07:59:46 | 000,000,000 | R-SD | C] -- C:\Users\Public\Desktop\ASUS
[2012/11/20 07:59:46 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2012/11/20 07:59:32 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Intel
[2012/11/20 07:59:32 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\ASUS
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\AppData\Local\Temporary Internet Files
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\Templates
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\Start Menu
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\SendTo
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\Recent
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\PrintHood
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\NetHood
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\Documents\My Videos
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\Documents\My Pictures
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\Documents\My Music
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\My Documents
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\Local Settings
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\AppData\Local\History
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\Cookies
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\Application Data
[2012/11/20 07:59:30 | 000,000,000 | -HSD | C] -- C:\Users\chez\AppData\Local\Application Data
[2012/11/20 07:59:29 | 000,000,000 | --SD | C] -- C:\Users\chez\AppData\Roaming\Microsoft
[2012/11/20 07:59:29 | 000,000,000 | R--D | C] -- C:\Users\chez\Videos
[2012/11/20 07:59:29 | 000,000,000 | R--D | C] -- C:\Users\chez\Saved Games
[2012/11/20 07:59:29 | 000,000,000 | R--D | C] -- C:\Users\chez\Pictures
[2012/11/20 07:59:29 | 000,000,000 | R--D | C] -- C:\Users\chez\Music
[2012/11/20 07:59:29 | 000,000,000 | R--D | C] -- C:\Users\chez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/11/20 07:59:29 | 000,000,000 | R--D | C] -- C:\Users\chez\Links
[2012/11/20 07:59:29 | 000,000,000 | R--D | C] -- C:\Users\chez\Favorites
[2012/11/20 07:59:29 | 000,000,000 | R--D | C] -- C:\Users\chez\Downloads
[2012/11/20 07:59:29 | 000,000,000 | R--D | C] -- C:\Users\chez\Documents
[2012/11/20 07:59:29 | 000,000,000 | R--D | C] -- C:\Users\chez\Desktop
[2012/11/20 07:59:29 | 000,000,000 | R--D | C] -- C:\Users\chez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/11/20 07:59:29 | 000,000,000 | -H-D | C] -- C:\Users\chez\AppData
[2012/11/20 07:59:29 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\Temp
[2012/11/20 07:59:29 | 000,000,000 | ---D | C] -- C:\Users\chez\Roaming
[2012/11/20 07:59:29 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Local\Microsoft
[2012/11/20 07:59:29 | 000,000,000 | ---D | C] -- C:\Users\chez\AppData\Roaming\Media Center Programs

========== Files - Modified Within 30 Days ==========

[2012/11/27 13:27:07 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/27 13:25:37 | 000,093,160 | ---- | M] (BitDefender LLC) -- C:\Windows\SysNative\drivers\bdfndisf6.sys.upd
[2012/11/27 13:17:52 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/27 13:17:52 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/27 13:17:28 | 001,488,673 | ---- | M] () -- C:\ProgramData\1354014714.bdinstall.bin
[2012/11/27 13:16:20 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2012.lnk
[2012/11/27 13:15:55 | 000,795,104 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/27 13:15:55 | 000,676,644 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/27 13:15:55 | 000,129,430 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/27 13:11:01 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/27 13:10:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/27 13:10:08 | 3655,376,896 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/27 12:51:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/27 12:21:55 | 000,100,140 | ---- | M] () -- C:\ProgramData\1354011599.bdinstall.bin
[2012/11/27 12:16:55 | 000,092,543 | ---- | M] () -- C:\ProgramData\1354011394.bdinstall.bin
[2012/11/27 12:07:29 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2012/11/27 11:12:40 | 000,084,005 | ---- | M] () -- C:\ProgramData\1354007095.6656.bin
[2012/11/27 11:12:36 | 000,068,059 | ---- | M] () -- C:\ProgramData\1354007095.6304.bin
[2012/11/27 11:12:36 | 000,050,636 | ---- | M] () -- C:\ProgramData\1354007095.5324.bin
[2012/11/27 11:11:45 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/11/27 11:10:40 | 000,023,391 | ---- | M] () -- C:\ProgramData\1354007095.1804.bin
[2012/11/27 11:10:32 | 000,001,164 | ---- | M] () -- C:\ProgramData\1354007095.7132.bin
[2012/11/27 11:08:40 | 001,741,614 | ---- | M] () -- C:\ProgramData\1354007095.6164.bin
[2012/11/27 11:07:15 | 000,004,512 | ---- | M] () -- C:\ProgramData\1354007095.5748.bin
[2012/11/27 11:06:42 | 000,004,467 | ---- | M] () -- C:\ProgramData\1354007095.4300.bin
[2012/11/27 11:06:40 | 000,004,467 | ---- | M] () -- C:\ProgramData\1354007095.1700.bin
[2012/11/27 11:06:37 | 000,004,467 | ---- | M] () -- C:\ProgramData\1354007095.4156.bin
[2012/11/27 11:05:59 | 000,004,467 | ---- | M] () -- C:\ProgramData\1354007095.7008.bin
[2012/11/27 11:05:45 | 000,004,467 | ---- | M] () -- C:\ProgramData\1354007095.7024.bin
[2012/11/27 11:05:08 | 000,010,196 | ---- | M] () -- C:\ProgramData\1354007095.3624.bin
[2012/11/27 11:05:08 | 000,001,404 | ---- | M] () -- C:\ProgramData\1354007095.5932.bin
[2012/11/27 11:05:08 | 000,001,404 | ---- | M] () -- C:\ProgramData\1354007095.5336.bin
[2012/11/27 08:18:17 | 000,444,830 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/11/27 08:17:49 | 000,444,830 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20121127-081817.backup
[2012/11/27 03:55:40 | 000,444,830 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20121127-081749.backup
[2012/11/27 03:55:06 | 000,444,830 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20121127-035540.backup
[2012/11/26 21:19:01 | 000,444,830 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20121127-035506.backup
[2012/11/26 12:13:40 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/11/26 12:13:38 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/11/26 12:13:38 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/11/26 12:13:37 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/11/26 12:13:37 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/11/26 12:13:37 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/11/25 12:53:35 | 000,000,387 | ---- | M] () -- C:\Users\chez\AppData\Roaming\sp_data.sys
[2012/11/25 12:44:07 | 000,002,040 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/11/25 12:28:19 | 000,001,215 | ---- | M] () -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2012/11/25 12:28:19 | 000,001,191 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2012/11/25 11:52:43 | 000,000,973 | ---- | M] () -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/11/25 11:52:43 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/11/24 18:08:27 | 001,324,491 | ---- | M] () -- C:\Users\chez\Desktop\BROCHURE FOR BLOODHOUD FINAL.pdf
[2012/11/24 17:51:33 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/11/24 17:51:33 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/11/24 17:51:26 | 009,575,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/11/24 15:39:03 | 000,001,363 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/11/24 11:34:26 | 000,054,377 | ---- | M] () -- C:\Users\chez\Desktop\348_82697320203_9699_n.jpg
[2012/11/24 10:30:32 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Splendid Utility.Lnk
[2012/11/24 10:28:55 | 000,001,022 | ---- | M] () -- C:\Users\Public\Desktop\LifeFrame.lnk
[2012/11/24 10:24:47 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/11/24 03:52:52 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini
[2012/11/24 02:08:37 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/11/23 22:50:04 | 000,861,955 | ---- | M] () -- C:\Users\chez\AppData\Local\census.cache
[2012/11/23 22:49:55 | 000,106,270 | ---- | M] () -- C:\Users\chez\AppData\Local\ars.cache
[2012/11/23 22:43:20 | 000,000,036 | ---- | M] () -- C:\Users\chez\AppData\Local\housecall.guid.cache
[2012/11/23 18:22:17 | 000,000,000 | -H-- | M] () -- C:\Users\chez\Documents\Default.rdp
[2012/11/23 01:56:58 | 000,000,017 | ---- | M] () -- C:\Users\chez\AppData\Local\resmon.resmoncfg
[2012/11/23 01:34:20 | 000,134,416 | ---- | M] () -- C:\Users\chez\Desktop\dana website crown.jpg
[2012/11/23 01:33:41 | 000,145,395 | ---- | M] () -- C:\Users\chez\Documents\dana website.jpg
[2012/11/23 00:34:22 | 000,001,167 | ---- | M] () -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/11/23 00:34:22 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2012/11/22 21:22:12 | 000,803,700 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/11/21 18:10:07 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/21 17:22:06 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/11/20 14:30:47 | 000,002,380 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/11/20 13:46:50 | 000,002,279 | ---- | M] () -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/11/20 08:22:59 | 000,001,443 | ---- | M] () -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/20 07:59:01 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2012/11/20 06:57:14 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/11/20 06:57:14 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2012/11/27 13:17:28 | 001,488,673 | ---- | C] () -- C:\ProgramData\1354014714.bdinstall.bin
[2012/11/27 13:16:20 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2012.lnk
[2012/11/27 12:21:55 | 000,100,140 | ---- | C] () -- C:\ProgramData\1354011599.bdinstall.bin
[2012/11/27 12:16:55 | 000,092,543 | ---- | C] () -- C:\ProgramData\1354011394.bdinstall.bin
[2012/11/27 12:07:29 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2012/11/27 11:11:45 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/11/27 11:10:32 | 000,001,164 | ---- | C] () -- C:\ProgramData\1354007095.7132.bin
[2012/11/27 11:07:04 | 000,068,059 | ---- | C] () -- C:\ProgramData\1354007095.6304.bin
[2012/11/27 11:07:04 | 000,004,512 | ---- | C] () -- C:\ProgramData\1354007095.5748.bin
[2012/11/27 11:06:42 | 000,004,467 | ---- | C] () -- C:\ProgramData\1354007095.4300.bin
[2012/11/27 11:06:40 | 000,004,467 | ---- | C] () -- C:\ProgramData\1354007095.1700.bin
[2012/11/27 11:06:37 | 000,004,467 | ---- | C] () -- C:\ProgramData\1354007095.4156.bin
[2012/11/27 11:05:59 | 000,004,467 | ---- | C] () -- C:\ProgramData\1354007095.7008.bin
[2012/11/27 11:05:45 | 000,004,467 | ---- | C] () -- C:\ProgramData\1354007095.7024.bin
[2012/11/27 11:05:08 | 001,741,614 | ---- | C] () -- C:\ProgramData\1354007095.6164.bin
[2012/11/27 11:05:08 | 000,010,196 | ---- | C] () -- C:\ProgramData\1354007095.3624.bin
[2012/11/27 11:05:08 | 000,001,404 | ---- | C] () -- C:\ProgramData\1354007095.5932.bin
[2012/11/27 11:05:08 | 000,001,404 | ---- | C] () -- C:\ProgramData\1354007095.5336.bin
[2012/11/27 11:04:58 | 000,084,005 | ---- | C] () -- C:\ProgramData\1354007095.6656.bin
[2012/11/27 11:04:56 | 000,023,391 | ---- | C] () -- C:\ProgramData\1354007095.1804.bin
[2012/11/27 11:04:55 | 000,050,636 | ---- | C] () -- C:\ProgramData\1354007095.5324.bin
[2012/11/25 16:44:47 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\CNC173AD.TBL
[2012/11/25 16:44:47 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\CNC173AD.TBL
[2012/11/25 12:28:19 | 000,001,215 | ---- | C] () -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2012/11/25 12:28:19 | 000,001,191 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2012/11/25 11:52:43 | 000,000,973 | ---- | C] () -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/11/25 11:52:43 | 000,000,949 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/11/24 18:08:27 | 001,324,491 | ---- | C] () -- C:\Users\chez\Desktop\BROCHURE FOR BLOODHOUD FINAL.pdf
[2012/11/24 15:38:45 | 000,000,387 | ---- | C] () -- C:\Users\chez\AppData\Roaming\sp_data.sys
[2012/11/24 11:34:25 | 000,054,377 | ---- | C] () -- C:\Users\chez\Desktop\348_82697320203_9699_n.jpg
[2012/11/24 10:30:32 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Splendid Utility.Lnk
[2012/11/24 10:28:53 | 000,001,022 | ---- | C] () -- C:\Users\Public\Desktop\LifeFrame.lnk
[2012/11/24 02:08:37 | 000,001,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/11/24 02:08:37 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/11/23 18:22:17 | 000,000,000 | -H-- | C] () -- C:\Users\chez\Documents\Default.rdp
[2012/11/23 01:56:58 | 000,000,017 | ---- | C] () -- C:\Users\chez\AppData\Local\resmon.resmoncfg
[2012/11/23 01:51:49 | 000,861,955 | ---- | C] () -- C:\Users\chez\AppData\Local\census.cache
[2012/11/23 01:51:41 | 000,106,270 | ---- | C] () -- C:\Users\chez\AppData\Local\ars.cache
[2012/11/23 01:41:40 | 000,000,036 | ---- | C] () -- C:\Users\chez\AppData\Local\housecall.guid.cache
[2012/11/23 01:34:20 | 000,134,416 | ---- | C] () -- C:\Users\chez\Desktop\dana website crown.jpg
[2012/11/23 01:28:31 | 000,145,395 | ---- | C] () -- C:\Users\chez\Documents\dana website.jpg
[2012/11/23 00:34:42 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/23 00:34:22 | 000,001,167 | ---- | C] () -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/11/23 00:34:22 | 000,001,143 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2012/11/22 10:28:05 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2012/11/21 17:22:06 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/11/21 16:33:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/21 16:13:47 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/20 13:46:50 | 000,002,380 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/11/20 13:46:50 | 000,002,279 | ---- | C] () -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/11/20 13:46:36 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/20 13:46:33 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/20 08:22:59 | 000,001,443 | ---- | C] () -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/20 08:00:17 | 000,001,415 | ---- | C] () -- C:\Users\chez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/11/20 08:00:08 | 000,001,449 | ---- | C] () -- C:\Users\chez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/11/20 07:59:29 | 000,000,290 | ---- | C] () -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/11/20 07:59:29 | 000,000,272 | ---- | C] () -- C:\Users\chez\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/03/31 11:00:45 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2011/12/06 13:22:54 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/12/06 13:22:47 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/12/06 13:22:45 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/12/06 13:22:43 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/12/06 13:22:41 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/10/18 06:17:57 | 000,803,700 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

OTL.Txt 161.57KB 62 downloads

CAN SOME ONE PLEASE, PLEASE TELL WHATS GOING ON WITH Virus, Spyware, M

#1
chezy1

Posted 27 November 2012 - 05:56 AM

Advertisements

#2
Essexboy

Posted 27 November 2012 - 09:12 AM

#3
Essexboy

Posted 01 December 2012 - 08:07 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

CAN SOME ONE PLEASE, PLEASE TELL WHATS GOING ON WITH Virus, Spyware, M

#1 chezy1 Posted 27 November 2012 - 05:56 AM

Advertisements

#2 Essexboy Posted 27 November 2012 - 09:12 AM

#3 Essexboy Posted 01 December 2012 - 08:07 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#1
chezy1

Posted 27 November 2012 - 05:56 AM

#2
Essexboy

Posted 27 November 2012 - 09:12 AM

#3
Essexboy

Posted 01 December 2012 - 08:07 AM