the connection was interrupted [Closed]


  • This topic is locked

#1
orcid

Please help me. When I open Facebook, Facebook can't open and it always says: the connection was interrupted

Please help me, I can't fix the problem.

OTL logfile created on: 2/25/2013 7:27:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\SERVER\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.93 Gb Total Physical Memory | 0.75 Gb Available Physical Memory | 38.71% Memory free
3.87 Gb Paging File | 2.47 Gb Available in Paging File | 63.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 38.96 Gb Total Space | 16.29 Gb Free Space | 41.82% Space Free | Partition Type: NTFS
Drive D: | 195.31 Gb Total Space | 158.17 Gb Free Space | 80.98% Space Free | Partition Type: NTFS
Drive E: | 231.38 Gb Total Space | 207.95 Gb Free Space | 89.87% Space Free | Partition Type: NTFS

Computer Name: SERVER-PC | User Name: SERVER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/25 19:27:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SERVER\Desktop\OTL.exe
PRC - [2013/02/25 18:49:35 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/02/24 15:56:25 | 001,169,408 | ---- | M] (wj32) -- C:\Program Files\Process Hacker 2\ProcessHacker.exe
PRC - [2013/02/24 08:27:10 | 003,565,432 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2013/02/24 08:21:51 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2013/02/20 21:23:41 | 000,247,728 | ---- | M] (Facebook) -- C:\Users\SERVER\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe
PRC - [2013/02/20 21:09:49 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\SERVER\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2013/02/19 17:05:02 | 006,326,272 | ---- | M] (Informer Technologies, Inc.) -- C:\Program Files\Software Informer\softinfo.exe
PRC - [2013/02/19 16:43:26 | 000,061,440 | ---- | M] () -- C:\Windows\System32\secpro.exe
PRC - [2013/02/14 20:36:27 | 001,090,040 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2013/02/14 20:34:31 | 000,732,648 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2013/02/14 20:34:31 | 000,179,176 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2013/02/14 20:34:29 | 000,149,480 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2013/02/12 18:41:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2013/02/11 17:49:35 | 001,808,240 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe
PRC - [2013/01/31 00:45:12 | 001,552,384 | ---- | M] (Smadsoft) -- C:\Program Files\Smadav\SMΔRTP.exe
PRC - [2012/11/15 14:46:38 | 000,312,168 | ---- | M] (Skillbrains) -- C:\Users\SERVER\AppData\Local\Skillbrains\lightshot\3.2.0.5\Lightshot.exe
PRC - [2012/10/31 05:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/10/31 05:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/12/21 16:40:56 | 000,578,264 | ---- | M] (Pandora.TV) -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
PRC - [2011/07/18 09:20:24 | 003,757,168 | ---- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2011/07/12 20:51:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\ViakaraokeSrv.exe
PRC - [2010/11/20 19:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/07/05 02:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2008/08/04 06:02:20 | 000,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/25 18:49:37 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/02/20 21:23:58 | 022,423,984 | ---- | M] () -- C:\Users\SERVER\AppData\Local\Facebook\Messenger\2.1.4651.0\libcef.dll
MOD - [2013/02/20 21:23:46 | 000,286,640 | ---- | M] () -- C:\Users\SERVER\AppData\Local\Facebook\Messenger\2.1.4651.0\CefSharp.dll
MOD - [2013/02/20 21:23:46 | 000,181,680 | ---- | M] () -- C:\Users\SERVER\AppData\Local\Facebook\Messenger\2.1.4651.0\CefSharp.WinForms.dll
MOD - [2013/02/16 04:59:11 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\42db1fc7f3917c3603cb328f5b9b9073\System.Web.ni.dll
MOD - [2013/02/16 04:58:34 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0627a65d240944ade2509ccd8be9232\System.Windows.Forms.ni.dll
MOD - [2013/02/16 04:58:25 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e736f827abbbdd8cf700a35090b2001\System.Drawing.ni.dll
MOD - [2013/02/14 20:37:14 | 000,276,984 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll
MOD - [2013/02/14 20:37:14 | 000,035,832 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2013/02/14 20:37:14 | 000,033,272 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2013/02/14 20:37:12 | 002,354,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
MOD - [2013/02/14 20:37:10 | 002,481,144 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2013/02/14 20:37:09 | 000,207,352 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2013/02/14 20:36:55 | 000,059,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll
MOD - [2013/02/14 20:36:53 | 002,653,176 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2013/02/14 20:36:51 | 000,364,536 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
MOD - [2013/02/14 20:36:49 | 011,166,712 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2013/02/14 20:36:44 | 008,507,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
MOD - [2013/02/14 20:36:44 | 001,347,064 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
MOD - [2013/02/14 20:36:44 | 001,014,776 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2013/02/14 20:36:44 | 000,720,888 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2013/02/14 20:36:44 | 000,206,328 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
MOD - [2013/02/14 20:36:39 | 000,446,456 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2013/02/14 20:36:32 | 000,391,600 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
MOD - [2013/02/14 20:36:30 | 000,520,696 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2013/02/14 20:36:28 | 000,093,176 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\qjson.dll
MOD - [2013/02/14 20:36:27 | 000,606,200 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2013/02/14 20:36:26 | 000,438,264 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll
MOD - [2013/02/14 20:36:17 | 000,110,080 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2013/02/11 17:49:28 | 014,586,736 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_149.dll
MOD - [2013/02/05 21:28:32 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2013/02/01 14:15:17 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1e85062785e286cd9eae9c26d2c61f73\System.Data.ni.dll
MOD - [2013/02/01 14:14:53 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2013/02/01 14:14:49 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2013/02/01 14:14:48 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2013/02/01 14:14:42 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2013/01/31 00:45:12 | 001,552,384 | ---- | M] () -- C:\Program Files\Smadav\SM?RTP.exe
MOD - [2011/07/18 09:20:12 | 000,623,216 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\skin.dll
MOD - [2011/07/18 09:20:12 | 000,080,496 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2011/07/18 09:20:10 | 000,113,264 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
MOD - [2010/11/05 08:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/07/05 04:32:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2010/07/05 02:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/08/04 06:02:20 | 000,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Users\SERVER\AppData\Local\Temp\QMFWAR.exe -- (QMFWAR)
SRV - File not found [On_Demand | Stopped] -- C:\Users\SERVER\AppData\Local\Temp\OXZGR.exe -- (OXZGR)
SRV - File not found [On_Demand | Stopped] -- C:\Users\SERVER\AppData\Local\Temp\MEBVHTNOWP.exe -- (MEBVHTNOWP)
SRV - File not found [On_Demand | Stopped] -- C:\Users\SERVER\AppData\Local\Temp\JQMAUWIQDS.exe -- (JQMAUWIQDS)
SRV - [2013/02/24 06:42:36 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2013/02/19 16:43:26 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Windows\System32\secpro.exe -- (SecStore)
SRV - [2013/02/14 20:34:31 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013/02/11 17:49:27 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/10 18:04:13 | 000,115,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/31 01:05:18 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/10/31 05:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/10/31 05:50:56 | 000,133,912 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2011/12/21 16:40:56 | 000,578,264 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2011/07/12 20:51:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\System32\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/01/21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/07/14 08:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 08:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 08:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - [2013/02/24 15:56:27 | 000,026,624 | ---- | M] (wj32) [Kernel | System | Running] -- C:\Program Files\Process Hacker 2\kprocesshacker.sys -- (KProcessHacker2)
DRV - [2013/02/24 06:42:37 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2013/02/17 22:13:30 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2013/02/17 09:02:37 | 000,100,216 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2012/11/26 18:58:41 | 000,206,872 | ---- | M] (SHADOWDEFENDER.COM) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\diskpt.sys -- (diskpt)
DRV - [2012/10/31 05:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/31 05:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/31 05:51:58 | 000,199,320 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2012/10/31 05:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/31 05:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/31 05:51:56 | 000,106,560 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2012/10/31 05:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/31 05:51:56 | 000,020,624 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/10/15 22:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2011/07/12 20:51:38 | 001,810,032 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2011/02/23 01:21:54 | 000,319,592 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010/11/20 19:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 19:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 19:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 17:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 17:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 16:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 16:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/09/07 21:24:46 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2010/07/05 02:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.goo...422&lg=EN&cc=ID
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.goo...422&lg=EN&cc=ID

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.co...13038_54_hao_pg
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-sea...0001078d2eb0645
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...soft:{language}
IE - HKCU\..\SearchScopes\{72B173C3-26A4-4444-B7D6-6011D8671CD2}: "URL" = http://websearch.ask...BD-412EC949147E
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.goo...422&lg=EN&cc=ID
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://google.co.id"
FF - prefs.js..extensions.enabledAddons: support%40superhideip.com:1.0
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.37
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@duomi.com/Duomi: File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@leeuu.com/npgboxruner;version=: C:\Users\SERVER\AppData\Roaming\gbox\npgboxruner.dll (leeuu.com )
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\SERVER\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 20.0a2\extensions\\Components: C:\Program Files\Aurora\components [2013/02/10 16:25:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/01/31 23:18:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/25 18:49:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/16 15:33:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/16 15:33:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\SERVER\AppData\Roaming\IDM\idmmzcc5 [2013/02/24 08:23:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\SERVER\AppData\Roaming\IDM\idmmzcc5 [2013/02/24 08:23:44 | 000,000,000 | ---D | M]

[2013/01/30 10:41:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SERVER\AppData\Roaming\Mozilla\Extensions
[2013/02/23 16:57:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SERVER\AppData\Roaming\Mozilla\Firefox\Profiles\opugb47m.default-1360495341128\extensions
[2013/02/23 16:57:54 | 000,004,544 | ---- | M] () (No name found) -- C:\Users\SERVER\AppData\Roaming\Mozilla\Firefox\Profiles\opugb47m.default-1360495341128\extensions\[email protected]
[2013/02/23 16:07:57 | 000,009,619 | ---- | M] () -- C:\Users\SERVER\AppData\Roaming\Mozilla\Firefox\Profiles\opugb47m.default-1360495341128\searchplugins\my-web-search.xml
[2013/02/15 17:45:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/02/20 05:04:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions
[2013/02/20 05:05:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/02/24 08:23:44 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\SERVER\APPDATA\ROAMING\IDM\IDMMZCC5
[2013/02/25 18:49:51 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/02/15 17:45:35 | 000,006,484 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

========== Chrome ==========

CHR - homepage: http://www.google.co.id/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.co.id/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\SERVER\AppData\Local\Google\Chrome\Application\23.0.1271.17\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\SERVER\AppData\Local\Google\Chrome\Application\23.0.1271.17\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\SERVER\AppData\Local\Google\Chrome\Application\23.0.1271.17\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - Extension: Ask Toolbar = C:\Users\SERVER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapnjeoabhkpdiinmomghdncekhiib\7.15.15.36580_0\
CHR - Extension: Search-NewTab = C:\Users\SERVER\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiecmhhgblhdnckpjapohjdplikpoeme\1\
CHR - Extension: Browse2save = C:\Users\SERVER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjdkgceokigcojlomlpclhjnimojkboj\1\
CHR - Extension: avast! WebRep = C:\Users\SERVER\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: IDM Integration = C:\Users\SERVER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\

O1 HOSTS File: ([2013/02/24 17:23:32 | 000,001,167 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 184.172.198.63 http://gmail.com
O1 - Hosts: 184.172.198.63 gmail.com
O1 - Hosts: 184.172.198.63 www.gmail.com
O1 - Hosts: 184.172.198.63 http://www.gmail.com
O1 - Hosts: 184.172.198.63 https://gmail.com
O1 - Hosts: 184.172.198.63 http://facebook.com
O1 - Hosts: 184.172.198.63 facebook.com
O1 - Hosts: 184.172.198.63 www.facebook.com
O1 - Hosts: 184.172.198.63 http://www.facebook.com
O1 - Hosts: 184.172.198.63 https://facebook.com
O1 - Hosts: 184.172.198.63 http://hotmail.com
O1 - Hosts: 184.172.198.63 hotmail.com
O1 - Hosts: 184.172.198.63 www.hotmail.com
O1 - Hosts: 184.172.198.63 http://www.hotmail.com
O1 - Hosts: 184.172.198.63 https://hotmail.com
O1 - Hosts: 184.172.198.63 http://live.com
O1 - Hosts: 184.172.198.63 live.com
O1 - Hosts: 184.172.198.63 www.live.com
O1 - Hosts: 184.172.198.63 http://www.live.com
O1 - Hosts: 184.172.198.63 https://live.com
O1 - Hosts: 184.172.198.63 http://paypal.com
O1 - Hosts: 184.172.198.63 paypal.com
O1 - Hosts: 184.172.198.63 www.paypal.com
O1 - Hosts: 184.172.198.63 http://www.paypal.com
O1 - Hosts: 184.172.198.63 https://paypal.com
O1 - Hosts: 11 more lines...
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\SERVER\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [LightShot] C:\Users\SERVER\AppData\Local\Skillbrains\lightshot\LightShot.exe ()
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [Process Hacker 2] C:\Program Files\Process Hacker 2\ProcessHacker.exe (wj32)
O4 - HKCU..\Run: [SMΔRT-Protection] C:\Program Files\Smadav\SMΔRTP.exe (Smadsoft)
O4 - HKCU..\Run: [Software Informer] C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.)
O4 - HKCU..\Run: [Super Hide IP] C:\Program Files\SuperHideIP\SuperHideIP.exe (SuperHideIP.Com)
O4 - Startup: C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\SERVER\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: ?????360???? - Reg Error: Value error. File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.9.1 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9692BF9C-FC76-48C9-A67E-16CFE3642425}: DhcpNameServer = 192.168.9.1 192.168.1.254
O20 - AppInit_DLLs: (c:\progra~2\browse~2\261095~1.52\{c16c1~1\browse~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9fc7b731-6ecb-11e2-b33a-1078d2eb0645}\Shell - "" = AutoRun
O33 - MountPoints2\{9fc7b731-6ecb-11e2-b33a-1078d2eb0645}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/25 19:27:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\SERVER\Desktop\OTL.exe
[2013/02/24 17:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/02/24 16:22:47 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Process Hacker 2
[2013/02/24 15:56:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
[2013/02/24 15:56:24 | 000,000,000 | ---D | C] -- C:\Program Files\Process Hacker 2
[2013/02/24 08:30:29 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Desktop\DDos
[2013/02/24 08:30:22 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Desktop\data
[2013/02/24 07:10:43 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Desktop\Ddos notpad
[2013/02/24 07:03:37 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Wireshark
[2013/02/24 06:42:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2013/02/24 06:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2013/02/24 06:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2013/02/23 16:57:17 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\SuperHideIP
[2013/02/23 16:57:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SuperHideIP
[2013/02/23 16:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Hide IP
[2013/02/23 16:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\SuperHideIP
[2013/02/21 19:01:41 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Desktop\Musik
[2013/02/21 19:01:15 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Desktop\Percobaan deface
[2013/02/21 18:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chrono Tales
[2013/02/21 18:46:43 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\gbox
[2013/02/20 21:23:41 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2013/02/20 21:09:47 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Facebook
[2013/02/19 17:53:11 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Desktop\Mini
[2013/02/19 17:05:01 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Software Informer
[2013/02/19 17:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer
[2013/02/19 17:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\Software Informer
[2013/02/19 16:43:22 | 000,000,000 | ---D | C] -- C:\Program Files\iSafe
[2013/02/19 16:08:52 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\BPK
[2013/02/19 16:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\BPK
[2013/02/19 16:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlazingTools Perfect Keylogger
[2013/02/17 21:11:21 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Desktop\TUGAS
[2013/02/17 15:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DragonCityBot
[2013/02/17 15:26:15 | 000,000,000 | ---D | C] -- C:\Program Files\DragonCityBot
[2013/02/16 23:37:54 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\FlashPlayerTemp
[2013/02/16 18:10:34 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\360Safe
[2013/02/16 18:02:35 | 000,100,216 | ---- | C] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
[2013/02/15 23:16:18 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\360Notify
[2013/02/15 22:44:26 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\360mobilemgr
[2013/02/15 22:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\360safe
[2013/02/15 22:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\DuoMi
[2013/02/15 20:13:32 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Desktop\FOTO TKJ
[2013/02/15 17:45:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/02/15 14:16:08 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Desktop\Defacer
[2013/02/14 20:42:42 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\NokiaAccount
[2013/02/14 20:37:28 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Nokia
[2013/02/14 20:37:20 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\PC Suite
[2013/02/14 20:37:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2013/02/14 20:36:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2013/02/14 20:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2013/02/14 20:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2013/02/14 20:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2013/02/14 20:34:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2013/02/14 20:34:10 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2013/02/14 20:33:32 | 000,075,264 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2013/02/14 20:32:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2013/02/14 20:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2013/02/14 20:27:32 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\TrustPort
[2013/02/14 15:54:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Havij 1.13 Free
[2013/02/14 15:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\Havij 1.14 Free
[2013/02/14 15:53:52 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Desktop\Havij 1.14 Full Crack
[2013/02/12 18:42:02 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Babylon
[2013/02/12 04:57:33 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Documents\Outlook Files
[2013/02/11 19:00:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/02/11 19:00:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/02/10 16:25:35 | 000,000,000 | ---D | C] -- C:\Program Files\Aurora
[2013/02/10 03:01:21 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Ahead
[2013/02/09 20:34:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2013/02/09 13:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/02/07 17:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CJ Netmarble
[2013/02/07 17:05:40 | 000,000,000 | ---D | C] -- C:\CJ Netmarble
[2013/02/07 14:44:14 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2013/02/07 14:43:43 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\APN
[2013/02/07 14:41:03 | 000,000,000 | ---D | C] -- C:\Program Files\AutoHideIP
[2013/02/07 00:07:44 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\C__Program Files_AutoHideIP_AutoHideIP.exe
[2013/02/07 00:07:44 | 000,000,000 | ---D | C] -- C:\ProgramData\C__Program Files_AutoHideIP_AutoHideIP.exe
[2013/02/06 23:22:57 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\AutoHideIP
[2013/02/06 23:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoHideIP
[2013/02/05 19:58:44 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Documents\My Cheat Tables
[2013/02/05 19:18:18 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\AutoShutdown
[2013/02/05 19:15:23 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Easy_BioSolutions_Inc
[2013/02/05 19:13:59 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Trinity
[2013/02/05 18:00:08 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/02/05 17:56:38 | 000,000,000 | ---D | C] -- C:\Program Files\SkinPack
[2013/02/05 17:56:27 | 000,000,000 | ---D | C] -- C:\Program Files\Skin Pack
[2013/02/05 16:19:32 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\MoMo - Web Browser Optimize
[2013/02/05 16:16:37 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KellySoftware
[2013/02/05 16:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KellySoftware
[2013/02/05 16:16:37 | 000,000,000 | ---D | C] -- C:\Program Files\KellySoftware
[2013/02/05 04:42:43 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Babylon
[2013/02/05 04:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013/02/05 04:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\SecurityXploded
[2013/02/04 00:30:01 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2013/02/04 00:30:00 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Borland C++ 5.02
[2013/02/04 00:12:45 | 000,000,000 | ---D | C] -- C:\BC5
[2013/02/03 22:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Port Scanner
[2013/02/03 19:50:48 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\IsolatedStorage
[2013/02/03 19:50:30 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\IObit
[2013/02/03 16:28:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/02/03 16:28:28 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\MFAData
[2013/02/03 16:28:28 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/02/03 16:28:28 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Avg2013
[2013/02/03 14:59:15 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Alawar
[2013/02/03 08:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Fiddler2
[2013/02/03 05:01:35 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2013/02/03 04:30:28 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\IDM
[2013/02/03 04:30:24 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/02/03 04:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/02/03 04:30:17 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2013/02/01 19:43:09 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Shadow Defender
[2013/02/01 19:30:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/02/01 19:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/02/01 19:10:17 | 000,206,872 | ---- | C] (SHADOWDEFENDER.COM) -- C:\Windows\System32\drivers\diskpt.sys
[2013/02/01 19:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shadow Defender
[2013/02/01 18:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/02/01 18:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/02/01 15:56:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
[2013/02/01 15:56:16 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\AIMP3
[2013/02/01 15:56:13 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP3
[2013/02/01 15:47:10 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2013/02/01 15:47:09 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013/02/01 15:13:41 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/02/01 13:57:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013/02/01 13:57:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2013/02/01 00:13:48 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2013/01/31 23:19:14 | 000,044,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/01/31 23:18:16 | 000,020,624 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2013/01/31 22:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Skillbrains
[2013/01/31 22:39:30 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
[2013/01/31 22:39:29 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Skillbrains
[2013/01/31 22:39:28 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Programs
[2013/01/31 21:07:35 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Yodao
[2013/01/31 20:42:42 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Youdao
[2013/01/31 20:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\Youdao
[2013/01/31 14:24:18 | 000,000,000 | ---D | C] -- C:\ProgramData\RightClick
[2013/01/31 14:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/01/31 14:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Search-NewTab
[2013/01/31 14:02:24 | 000,000,000 | ---D | C] -- C:\Program Files\WebSearch
[2013/01/31 13:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\BrowseToSave
[2013/01/31 13:55:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Browse2save
[2013/01/31 13:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013/01/31 04:18:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2013/01/31 01:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/01/31 01:00:22 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/01/31 00:59:53 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/01/31 00:59:14 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/01/31 00:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com
[2013/01/30 22:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Optimizer Pro
[2013/01/30 22:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro
[2013/01/30 22:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\PC Optimizer Pro
[2013/01/30 21:43:20 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Documents\code like
[2013/01/30 21:42:58 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Documents\EMAIL &
[2013/01/30 19:00:18 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\GRETECH
[2013/01/30 18:40:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
[2013/01/30 18:40:41 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.2
[2013/01/30 18:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2013/01/30 18:35:43 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/01/30 18:35:43 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/01/30 18:35:42 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/01/30 18:35:41 | 000,106,560 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2013/01/30 18:35:33 | 000,199,320 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2013/01/30 18:35:32 | 000,023,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013/01/30 18:35:31 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/01/30 18:35:30 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/01/30 18:35:22 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/01/30 18:35:22 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2013/01/30 18:35:21 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/01/30 18:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2013/01/30 18:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2013/01/30 18:20:24 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Macromedia
[2013/01/30 18:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\360
[2013/01/30 17:59:15 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Macromedia
[2013/01/30 17:56:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AMMYY
[2013/01/30 17:54:38 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\360Login
[2013/01/30 17:53:47 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\360se
[2013/01/30 17:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2013/01/30 17:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\GRETECH
[2013/01/30 17:31:07 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\DMCache
[2013/01/30 17:30:41 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Adobe
[2013/01/30 17:30:37 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Adobe
[2013/01/30 17:30:25 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5
[2013/01/30 17:29:40 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Meitu
[2013/01/30 17:29:39 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\美图
[2013/01/30 17:29:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\美图
[2013/01/30 17:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\Meitu
[2013/01/30 17:27:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
[2013/01/30 17:27:59 | 000,000,000 | ---D | C] -- C:\Program Files\eSupport.com
[2013/01/30 11:14:39 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Documents\VirtualDJ
[2013/01/30 11:14:39 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Documents\INTERNET DATA
[2013/01/30 11:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2013/01/30 11:01:56 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Corel
[2013/01/30 11:00:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameHouse
[2013/01/30 10:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\GameHouse
[2013/01/30 10:57:31 | 000,000,000 | ---D | C] -- C:\Users\SERVER\Documents\Corel
[2013/01/30 10:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2013/01/30 10:56:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2013/01/30 10:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2013/01/30 10:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2013/01/30 10:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2013/01/30 10:52:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5
[2013/01/30 10:52:42 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2013/01/30 10:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\CorelDRAW Graphics Suite X5
[2013/01/30 10:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013/01/30 10:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/01/30 10:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013/01/30 10:46:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2013/01/30 10:46:17 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/01/30 10:46:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/01/30 10:46:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2013/01/30 10:46:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013/01/30 10:45:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2013/01/30 10:45:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013/01/30 10:45:11 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Microsoft Help
[2013/01/30 10:45:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/01/30 10:45:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/01/30 10:44:53 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/01/30 10:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/01/30 10:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/01/30 10:42:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/01/30 10:42:04 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/01/30 10:41:26 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Mozilla
[2013/01/30 10:41:26 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Mozilla
[2013/01/30 10:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/01/30 10:40:06 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Ahead
[2013/01/30 10:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials
[2013/01/30 10:39:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2013/01/30 10:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\Kamus2
[2013/01/30 10:39:41 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kamus 2.04
[2013/01/30 10:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kamus 2.04
[2013/01/30 10:39:35 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\WinRAR
[2013/01/30 10:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013/01/30 10:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2013/01/30 10:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2013/01/30 10:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV
[2013/01/30 10:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\PANDORA.TV
[2013/01/30 10:38:27 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2013/01/30 10:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2013/01/30 10:37:50 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Opera
[2013/01/30 10:37:50 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Opera
[2013/01/30 10:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2013/01/30 10:37:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2013/01/30 10:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013/01/30 10:37:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2013/01/30 10:37:25 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoScape
[2013/01/30 10:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2013/01/30 10:37:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\IOSUBSYS
[2013/01/30 10:37:13 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Google
[2013/01/30 10:37:09 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/01/30 10:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2013/01/30 10:36:04 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Winamp
[2013/01/30 10:36:04 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2013/01/30 10:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/01/30 10:35:21 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Smadav
[2013/01/30 10:35:20 | 000,000,000 | ---D | C] -- C:\Program Files\Smadav
[2013/01/30 10:35:18 | 000,000,000 | -HSD | C] -- C:\[Smad-Cage]
[2013/01/30 10:30:12 | 000,319,592 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2013/01/30 10:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/01/30 10:25:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/01/30 10:16:19 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
[2013/01/30 10:15:19 | 000,218,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\Dts2APO.dll
[2013/01/30 10:15:19 | 000,076,288 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\nQPropPageExt.dll
[2013/01/30 10:15:19 | 000,073,728 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\nQAPO.dll
[2013/01/30 10:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\VIA
[2013/01/30 10:14:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013/01/30 10:14:51 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/01/30 10:13:20 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/01/30 10:05:19 | 000,000,000 | R--D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/01/30 10:05:19 | 000,000,000 | R--D | C] -- C:\Users\SERVER\Searches
[2013/01/30 10:05:19 | 000,000,000 | R--D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/01/30 10:05:19 | 000,000,000 | -H-D | C] -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/01/30 10:05:12 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Identities
[2013/01/30 10:05:11 | 000,000,000 | R--D | C] -- C:\Users\SERVER\Contacts
[2013/01/30 10:04:24 | 000,000,000 | --SD | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft
[2013/01/30 10:04:24 | 000,000,000 | R--D | C] -- C:\Users\SERVER\Videos
[2013/01/30 10:04:24 | 000,000,000 | R--D | C] -- C:\Users\SERVER\Saved Games
[2013/01/30 10:04:24 | 000,000,000 | R--D | C] -- C:\Users\SERVER\Pictures
[2013/01/30 10:04:24 | 000,000,000 | R--D | C] -- C:\Users\SERVER\Music
[2013/01/30 10:04:24 | 000,000,000 | R--D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/01/30 10:04:24 | 000,000,000 | R--D | C] -- C:\Users\SERVER\Links
[2013/01/30 10:04:24 | 000,000,000 | R--D | C] -- C:\Users\SERVER\Favorites
[2013/01/30 10:04:24 | 000,000,000 | R--D | C] -- C:\Users\SERVER\Downloads
[2013/01/30 10:04:24 | 000,000,000 | R--D | C] -- C:\Users\SERVER\Documents
[2013/01/30 10:04:24 | 000,000,000 | R--D | C] -- C:\Users\SERVER\Desktop
[2013/01/30 10:04:24 | 000,000,000 | R--D | C] -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\AppData\Local\Temporary Internet Files
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\Templates
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\Start Menu
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\SendTo
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\Recent
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\PrintHood
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\NetHood
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\Documents\My Videos
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\Documents\My Pictures
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\Documents\My Music
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\My Documents
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\Local Settings
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\AppData\Local\History
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\Cookies
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\Application Data
[2013/01/30 10:04:24 | 000,000,000 | -HSD | C] -- C:\Users\SERVER\AppData\Local\Application Data
[2013/01/30 10:04:24 | 000,000,000 | -H-D | C] -- C:\Users\SERVER\AppData
[2013/01/30 10:04:24 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\VirtualStore
[2013/01/30 10:04:24 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Temp
[2013/01/30 10:04:24 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Local\Microsoft
[2013/01/30 10:04:24 | 000,000,000 | ---D | C] -- C:\Users\SERVER\AppData\Roaming\Media Center Programs
[2013/01/30 10:03:37 | 000,000,000 | -HSD | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2013/02/25 19:27:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SERVER\Desktop\OTL.exe
[2013/02/25 19:16:51 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Scan.job
[2013/02/25 19:16:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/25 19:16:29 | 1558,110,208 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/25 18:50:03 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/02/25 18:33:01 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-3029224366-2691295330-1888983494-1000.job
[2013/02/25 18:26:05 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\update-sys.job
[2013/02/25 18:23:19 | 000,000,017 | ---- | M] () -- C:\Users\SERVER\AppData\Local\resmon.resmoncfg
[2013/02/25 05:22:33 | 000,001,394 | ---- | M] () -- C:\Users\SERVER\Documents\a.facebook.com
[2013/02/25 05:04:42 | 000,430,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/02/25 05:02:49 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3029224366-2691295330-1888983494-1000UA.job
[2013/02/25 05:02:49 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3029224366-2691295330-1888983494-1000Core.job
[2013/02/25 03:01:00 | 000,000,440 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2013/02/24 17:37:35 | 000,033,925 | ---- | M] () -- C:\Users\SERVER\Desktop\anonymous-mask.jpg
[2013/02/24 15:56:37 | 000,001,998 | ---- | M] () -- C:\Users\SERVER\Desktop\Process Hacker 2.lnk
[2013/02/24 09:05:44 | 001,903,419 | ---- | M] () -- C:\Users\SERVER\Desktop\indonesia_bhineka tunggal ika_2_1.mp3
[2013/02/24 08:30:22 | 000,416,768 | ---- | M] () -- C:\Users\SERVER\Desktop\UDP Unicorn.exe
[2013/02/24 07:07:03 | 000,178,176 | ---- | M] () -- C:\Users\SERVER\Desktop\LOIC.exe
[2013/02/24 06:42:37 | 000,096,784 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\System32\Packet.dll
[2013/02/24 06:42:37 | 000,053,299 | ---- | M] () -- C:\Windows\System32\pthreadVC.dll
[2013/02/24 06:42:37 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\System32\drivers\npf.sys
[2013/02/24 06:42:36 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\System32\wpcap.dll
[2013/02/24 06:42:14 | 000,001,714 | ---- | M] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk
[2013/02/23 20:19:16 | 000,001,023 | ---- | M] () -- C:\Users\SERVER\Desktop\Super Hide IP.lnk
[2013/02/23 16:49:59 | 000,001,005 | ---- | M] () -- C:\Users\Public\Desktop\Super Hide IP.lnk
[2013/02/22 15:51:22 | 000,010,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/22 15:51:22 | 000,010,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/21 18:46:49 | 000,000,938 | ---- | M] () -- C:\Users\Public\Desktop\Chrono Tales.lnk
[2013/02/21 18:46:47 | 000,001,780 | ---- | M] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Chrono Tales.lnk
[2013/02/20 21:24:22 | 000,001,322 | ---- | M] () -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2013/02/20 19:45:18 | 000,622,702 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/02/20 19:45:18 | 000,105,216 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/02/20 19:38:34 | 002,505,130 | ---- | M] () -- C:\Users\SERVER\Desktop\09 mother how are you today.mp3
[2013/02/19 16:43:26 | 000,235,008 | ---- | M] () -- C:\Windows\System32\FltEng.dll
[2013/02/19 16:43:26 | 000,061,440 | ---- | M] () -- C:\Windows\System32\secpro.exe
[2013/02/17 22:13:34 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/02/17 18:07:08 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS
[2013/02/17 18:07:08 | 000,000,000 | ---- | M] () -- C:\IO.SYS
[2013/02/17 15:26:51 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\DragonCityBot.lnk
[2013/02/17 09:02:37 | 000,100,216 | ---- | M] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
[2013/02/15 23:36:58 | 000,000,274 | ---- | M] () -- C:\Windows\wininit.ini
[2013/02/14 20:37:04 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2013/02/14 20:34:21 | 000,075,264 | ---- | M] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2013/02/14 15:54:34 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Havij.lnk
[2013/02/14 04:48:52 | 022,219,300 | ---- | M] () -- C:\Users\SERVER\Desktop\Cara Deface website Bagi pemula - YouTube.MP4
[2013/02/07 17:06:46 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\ModooMarble.lnk
[2013/02/06 14:14:21 | 000,000,056 | ---- | M] () -- C:\Windows\SpeedGear.INI
[2013/02/06 06:05:00 | 000,000,291 | ---- | M] () -- C:\Windows\SumitSoft.ini
[2013/02/05 21:28:34 | 000,001,184 | ---- | M] () -- C:\Users\SERVER\Desktop\QuickStores.lnk
[2013/02/05 21:28:34 | 000,001,184 | ---- | M] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickStores.lnk
[2013/02/05 16:35:04 | 000,001,353 | ---- | M] () -- C:\Users\SERVER\Desktop\FacebookPasswordDecryptor.lnk
[2013/02/05 16:16:44 | 000,254,976 | ---- | M] (MpegTV) -- C:\Windows\xaudio.dll
[2013/02/05 16:16:44 | 000,035,878 | ---- | M] () -- C:\Windows\Matrix_ks.BMP
[2013/02/05 16:16:42 | 003,013,120 | ---- | M] (KellySoftware) -- C:\Windows\Matrix_ks.SCR
[2013/02/04 00:50:59 | 000,000,009 | ---- | M] () -- C:\Windows\WINHELP.INI
[2013/02/04 00:30:15 | 000,002,499 | ---- | M] () -- C:\Windows\System32\CONFIG.NT
[2013/02/04 00:15:27 | 000,091,136 | ---- | M] () -- C:\Windows\BC5RMV.EXE
[2013/02/03 18:19:49 | 000,001,498 | ---- | M] () -- C:\Users\SERVER\Desktop\UndeletePlus - Shortcut.lnk
[2013/02/03 15:02:16 | 000,000,016 | ---- | M] () -- C:\Windows\popcinfo.dat
[2013/02/03 08:01:15 | 000,313,991 | ---- | M] () -- C:\Users\SERVER\Desktop\data_library_en.swf
[2013/02/01 19:42:48 | 022,081,536 | -HS- | M] () -- C:\diskpt0.sys
[2013/02/01 19:41:39 | 000,001,004 | ---- | M] () -- C:\Windows\diskpt.dat
[2013/02/01 19:30:46 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/02/01 19:10:17 | 000,000,048 | ---- | M] () -- C:\Windows\diskpt.crt
[2013/02/01 15:56:18 | 000,000,879 | ---- | M] () -- C:\Users\Public\Desktop\AIMP3.lnk
[2013/01/31 23:18:13 | 000,002,577 | ---- | M] () -- C:\Windows\System32\CONFIG.OLD
[2013/01/31 22:54:16 | 000,000,997 | ---- | M] () -- C:\Users\SERVER\Desktop\KMPlayer.lnk
[2013/01/31 22:39:34 | 000,000,544 | ---- | M] () -- C:\Users\SERVER\AppData\Local\UserProducts.xml
[2013/01/31 04:57:05 | 000,001,411 | ---- | M] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/01/31 04:40:13 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013/01/31 01:02:00 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2013/01/30 22:51:49 | 000,001,079 | ---- | M] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Optimizer Pro.lnk
[2013/01/30 22:51:49 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\PC Optimizer Pro.lnk
[2013/01/30 22:07:08 | 000,003,247 | ---- | M] () -- C:\Users\SERVER\Desktop\baseball heroes.CT
[2013/01/30 18:40:42 | 000,001,047 | ---- | M] () -- C:\Users\SERVER\Desktop\Cheat Engine.lnk
[2013/01/30 18:35:44 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013/01/30 17:34:11 | 000,001,095 | ---- | M] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2013/01/30 17:34:11 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2013/01/30 17:30:25 | 000,001,159 | ---- | M] () -- C:\Users\SERVER\Desktop\Adobe Photoshop CS5.lnk
[2013/01/30 17:10:00 | 000,000,396 | ---- | M] () -- C:\Users\SERVER\Desktop\Local Area Connection - Shortcut.lnk
[2013/01/30 11:07:19 | 000,002,623 | ---- | M] () -- C:\Users\SERVER\Desktop\GameHouse.lnk
[2013/01/30 11:06:45 | 000,002,613 | ---- | M] () -- C:\Users\SERVER\Desktop\CorelDRAW X5.lnk
[2013/01/30 10:55:20 | 000,003,021 | ---- | M] () -- C:\Users\SERVER\Desktop\Microsoft Word 2010.lnk
[2013/01/30 10:55:16 | 000,002,937 | ---- | M] () -- C:\Users\SERVER\Desktop\Microsoft PowerPoint 2010.lnk
[2013/01/30 10:55:13 | 000,002,951 | ---- | M] () -- C:\Users\SERVER\Desktop\Microsoft Excel 2010.lnk
[2013/01/30 10:43:01 | 000,000,959 | ---- | M] () -- C:\Users\SERVER\Desktop\Kamus2.lnk
[2013/01/30 10:42:05 | 000,002,369 | ---- | M] () -- C:\Users\SERVER\Desktop\Google Chrome.lnk
[2013/01/30 10:40:04 | 000,002,716 | ---- | M] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2013/01/30 10:40:04 | 000,002,692 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2013/01/30 10:37:35 | 000,001,017 | ---- | M] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2013/01/30 10:37:35 | 000,000,993 | ---- | M] () -- C:\Users\SERVER\Desktop\PhotoScape.lnk
[2013/01/30 10:37:26 | 000,001,092 | ---- | M] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2013/01/30 10:37:26 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2013/01/30 10:36:09 | 000,000,975 | ---- | M] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2013/01/30 10:36:09 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013/01/30 10:34:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/01/30 10:15:23 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2013/01/29 12:47:38 | 109,408,728 | ---- | M] () -- C:\Users\SERVER\Documents\sound_VIA.zip

========== Files Created - No Company Name ==========

[2013/02/25 18:23:04 | 000,000,017 | ---- | C] () -- C:\Users\SERVER\AppData\Local\resmon.resmoncfg
[2013/02/25 05:22:32 | 000,001,394 | ---- | C] () -- C:\Users\SERVER\Documents\a.facebook.com
[2013/02/25 05:02:14 | 000,430,584 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/02/24 17:37:25 | 000,033,925 | ---- | C] () -- C:\Users\SERVER\Desktop\anonymous-mask.jpg
[2013/02/24 15:56:25 | 000,001,998 | ---- | C] () -- C:\Users\SERVER\Desktop\Process Hacker 2.lnk
[2013/02/24 09:04:44 | 001,903,419 | ---- | C] () -- C:\Users\SERVER\Desktop\indonesia_bhineka tunggal ika_2_1.mp3
[2013/02/24 08:30:22 | 000,416,768 | ---- | C] () -- C:\Users\SERVER\Desktop\UDP Unicorn.exe
[2013/02/24 07:07:02 | 000,178,176 | ---- | C] () -- C:\Users\SERVER\Desktop\LOIC.exe
[2013/02/24 06:42:02 | 000,001,714 | ---- | C] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk
[2013/02/24 06:42:02 | 000,001,702 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
[2013/02/23 20:19:15 | 000,001,023 | ---- | C] () -- C:\Users\SERVER\Desktop\Super Hide IP.lnk
[2013/02/23 16:49:54 | 000,001,005 | ---- | C] () -- C:\Users\Public\Desktop\Super Hide IP.lnk
[2013/02/21 18:46:44 | 000,001,780 | ---- | C] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Chrono Tales.lnk
[2013/02/21 18:46:44 | 000,000,938 | ---- | C] () -- C:\Users\Public\Desktop\Chrono Tales.lnk
[2013/02/20 21:23:41 | 000,001,322 | ---- | C] () -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2013/02/20 21:09:54 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3029224366-2691295330-1888983494-1000UA.job
[2013/02/20 21:09:52 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3029224366-2691295330-1888983494-1000Core.job
[2013/02/20 19:32:43 | 002,505,130 | ---- | C] () -- C:\Users\SERVER\Desktop\09 mother how are you today.mp3
[2013/02/19 16:43:24 | 000,235,008 | ---- | C] () -- C:\Windows\System32\FltEng.dll
[2013/02/19 16:43:24 | 000,061,440 | ---- | C] () -- C:\Windows\System32\secpro.exe
[2013/02/17 22:13:34 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/02/17 18:07:08 | 000,000,000 | ---- | C] () -- C:\MSDOS.SYS
[2013/02/17 18:07:08 | 000,000,000 | ---- | C] () -- C:\IO.SYS
[2013/02/17 15:26:21 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\DragonCityBot.lnk
[2013/02/14 20:36:27 | 000,002,047 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2013/02/14 15:54:26 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Havij.lnk
[2013/02/14 04:48:26 | 022,219,300 | ---- | C] () -- C:\Users\SERVER\Desktop\Cara Deface website Bagi pemula - YouTube.MP4
[2013/02/10 19:06:55 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/02/10 19:06:55 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/02/07 17:06:00 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\ModooMarble.lnk
[2013/02/06 06:03:55 | 000,000,291 | ---- | C] () -- C:\Windows\SumitSoft.ini
[2013/02/05 21:28:33 | 000,001,184 | ---- | C] () -- C:\Users\SERVER\Desktop\QuickStores.lnk
[2013/02/05 20:07:20 | 000,000,056 | ---- | C] () -- C:\Windows\SpeedGear.INI
[2013/02/05 04:42:09 | 000,001,353 | ---- | C] () -- C:\Users\SERVER\Desktop\FacebookPasswordDecryptor.lnk
[2013/02/04 00:51:30 | 000,000,274 | ---- | C] () -- C:\Windows\wininit.ini
[2013/02/04 00:30:00 | 000,000,009 | ---- | C] () -- C:\Windows\WINHELP.INI
[2013/02/04 00:14:58 | 000,091,136 | ---- | C] () -- C:\Windows\BC5RMV.EXE
[2013/02/03 18:19:48 | 000,001,498 | ---- | C] () -- C:\Users\SERVER\Desktop\UndeletePlus - Shortcut.lnk
[2013/02/03 15:02:11 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2013/02/03 08:01:12 | 000,313,991 | ---- | C] () -- C:\Users\SERVER\Desktop\data_library_en.swf
[2013/02/01 19:42:48 | 022,081,536 | -HS- | C] () -- C:\diskpt0.sys
[2013/02/01 19:30:46 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/02/01 19:19:09 | 000,001,004 | ---- | C] () -- C:\Windows\diskpt.dat
[2013/02/01 19:10:17 | 000,000,048 | ---- | C] () -- C:\Windows\diskpt.crt
[2013/02/01 15:56:18 | 000,000,879 | ---- | C] () -- C:\Users\Public\Desktop\AIMP3.lnk
[2013/02/01 15:47:11 | 000,001,184 | ---- | C] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickStores.lnk
[2013/02/01 00:14:37 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2013/02/01 00:14:28 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2013/02/01 00:13:33 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013/02/01 00:13:30 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2013/02/01 00:13:21 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2013/01/31 22:39:34 | 000,000,544 | ---- | C] () -- C:\Users\SERVER\AppData\Local\UserProducts.xml
[2013/01/31 22:39:34 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\update-S-1-5-21-3029224366-2691295330-1888983494-1000.job
[2013/01/31 22:39:32 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\update-sys.job
[2013/01/31 04:40:13 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013/01/31 01:10:19 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/01/31 01:09:40 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/01/31 01:01:57 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/01/31 01:01:52 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/01/31 00:59:53 | 1558,110,208 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/30 22:58:15 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\PC Optimizer Pro Scan.job
[2013/01/30 22:58:00 | 000,000,440 | ---- | C] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2013/01/30 22:51:49 | 000,001,079 | ---- | C] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Optimizer Pro.lnk
[2013/01/30 22:51:49 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\PC Optimizer Pro.lnk
[2013/01/30 22:07:08 | 000,003,247 | ---- | C] () -- C:\Users\SERVER\Desktop\baseball heroes.CT
[2013/01/30 18:40:42 | 000,001,047 | ---- | C] () -- C:\Users\SERVER\Desktop\Cheat Engine.lnk
[2013/01/30 18:35:44 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013/01/30 17:34:11 | 000,001,095 | ---- | C] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2013/01/30 17:34:11 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2013/01/30 17:10:00 | 000,000,396 | ---- | C] () -- C:\Users\SERVER\Desktop\Local Area Connection - Shortcut.lnk
[2013/01/30 11:15:15 | 000,001,411 | ---- | C] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/01/30 11:14:36 | 109,408,728 | ---- | C] () -- C:\Users\SERVER\Documents\sound_VIA.zip
[2013/01/30 11:06:54 | 000,002,623 | ---- | C] () -- C:\Users\SERVER\Desktop\GameHouse.lnk
[2013/01/30 11:06:45 | 000,002,613 | ---- | C] () -- C:\Users\SERVER\Desktop\CorelDRAW X5.lnk
[2013/01/30 10:55:20 | 000,003,021 | ---- | C] () -- C:\Users\SERVER\Desktop\Microsoft Word 2010.lnk
[2013/01/30 10:55:16 | 000,002,937 | ---- | C] () -- C:\Users\SERVER\Desktop\Microsoft PowerPoint 2010.lnk
[2013/01/30 10:55:13 | 000,002,951 | ---- | C] () -- C:\Users\SERVER\Desktop\Microsoft Excel 2010.lnk
[2013/01/30 10:53:36 | 000,001,159 | ---- | C] () -- C:\Users\SERVER\Desktop\Adobe Photoshop CS5.lnk
[2013/01/30 10:43:01 | 000,000,959 | ---- | C] () -- C:\Users\SERVER\Desktop\Kamus2.lnk
[2013/01/30 10:42:05 | 000,002,369 | ---- | C] () -- C:\Users\SERVER\Desktop\Google Chrome.lnk
[2013/01/30 10:40:04 | 000,002,716 | ---- | C] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2013/01/30 10:40:04 | 000,002,692 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2013/01/30 10:38:28 | 000,000,997 | ---- | C] () -- C:\Users\SERVER\Desktop\KMPlayer.lnk
[2013/01/30 10:37:35 | 000,001,017 | ---- | C] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2013/01/30 10:37:35 | 000,000,993 | ---- | C] () -- C:\Users\SERVER\Desktop\PhotoScape.lnk
[2013/01/30 10:37:26 | 000,001,092 | ---- | C] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2013/01/30 10:37:26 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2013/01/30 10:36:09 | 000,000,975 | ---- | C] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2013/01/30 10:36:09 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013/01/30 10:35:03 | 000,791,432 | ---- | C] () -- C:\Users\SERVER\Documents\smadav91.exe
[2013/01/30 10:34:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/01/30 10:30:11 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2013/01/30 10:15:23 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2013/01/30 10:15:22 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2013/01/30 10:05:21 | 000,001,417 | ---- | C] () -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/01/30 10:04:24 | 000,000,290 | ---- | C] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/01/30 10:04:24 | 000,000,272 | ---- | C] () -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== ZeroAccess Check ==========

[2009/07/14 11:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 11:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 08:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/01/30 17:54:38 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\360Login
[2013/02/16 03:01:03 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\360mobilemgr
[2013/02/16 18:10:58 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\360Notify
[2013/02/16 18:22:00 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\360Safe
[2013/02/16 05:11:46 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\360se
[2013/02/10 18:33:23 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\AIMP3
[2013/02/03 14:59:15 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\Alawar
[2013/02/06 23:22:57 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\AutoHideIP
[2013/02/05 04:42:43 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\Babylon
[2013/02/19 16:18:40 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\BPK
[2013/02/07 00:07:44 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\C__Program Files_AutoHideIP_AutoHideIP.exe
[2013/02/25 19:05:12 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\DMCache
[2013/02/16 23:38:00 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\FlashPlayerTemp
[2013/02/21 18:46:46 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\gbox
[2013/02/24 17:28:12 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\IDM
[2013/02/03 19:50:30 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\IObit
[2013/01/30 17:29:40 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\Meitu
[2013/02/05 16:19:32 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\MoMo - Web Browser Optimize
[2013/02/05 20:33:37 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\Opera
[2013/02/14 20:37:20 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\PC Suite
[2013/02/24 16:22:47 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\Process Hacker 2
[2013/02/01 19:43:09 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\Shadow Defender
[2013/01/30 10:35:21 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\Smadav
[2013/02/25 19:17:29 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\Software Informer
[2013/02/23 16:57:17 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\SuperHideIP
[2013/02/15 04:42:17 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\TrustPort
[2013/02/24 07:03:37 | 000,000,000 | ---D | M] -- C:\Users\SERVER\AppData\Roaming\Wireshark

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013/02/17 19:55:29 | 000,000,000 | ---D | M](C:\Users\SERVER\Documents\????) -- C:\Users\SERVER\Documents\美图图库
[2013/02/17 19:49:29 | 000,001,855 | ---- | M] ()(C:\Users\Public\Desktop\???????.lnk) -- C:\Users\Public\Desktop\美图秀秀批处理.lnk
[2013/02/17 19:49:13 | 000,001,855 | ---- | C] ()(C:\Users\Public\Desktop\???????.lnk) -- C:\Users\Public\Desktop\美图秀秀批处理.lnk
[2013/02/15 22:07:52 | 000,001,057 | ---- | M] ()(C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\????.lnk) -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\美图秀秀.lnk
[2013/02/15 22:07:52 | 000,001,033 | ---- | M] ()(C:\Users\Public\Desktop\????.lnk) -- C:\Users\Public\Desktop\美图秀秀.lnk
[2013/02/15 22:07:47 | 000,001,057 | ---- | C] ()(C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\????.lnk) -- C:\Users\SERVER\Application Data\Microsoft\Internet Explorer\Quick Launch\美图秀秀.lnk
[2013/02/15 22:07:47 | 000,001,033 | ---- | C] ()(C:\Users\Public\Desktop\????.lnk) -- C:\Users\Public\Desktop\美图秀秀.lnk
[2013/02/15 22:07:47 | 000,000,000 | ---D | C](C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\美图
[2013/02/15 22:07:46 | 000,000,000 | ---D | C](C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\??) -- C:\Users\SERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\美图
[2013/02/09 19:05:35 | 000,020,476 | ---- | M] ()(C:\Users\SERVER\Desktop\31012013727_??.jpg) -- C:\Users\SERVER\Desktop\31012013727_副本.jpg
[2013/02/09 19:05:35 | 000,020,476 | ---- | C] ()(C:\Users\SERVER\Desktop\31012013727_??.jpg) -- C:\Users\SERVER\Desktop\31012013727_副本.jpg
[2013/01/31 00:45:12 | 000,000,692 | ---- | M] ()(C:\Users\Public\Desktop\SMAD?V.lnk) -- C:\Users\Public\Desktop\SMADΔV.lnk
[2013/01/30 11:14:41 | 000,000,000 | ---D | C](C:\Users\SERVER\Documents\????) -- C:\Users\SERVER\Documents\美图图库
[2013/01/30 10:35:21 | 000,000,692 | ---- | C] ()(C:\Users\Public\Desktop\SMAD?V.lnk) -- C:\Users\Public\Desktop\SMADΔV.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:097CF772

< End of report >

Edited by orcid, 25 February 2013 - 06:49 AM.


#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It is probably Avast blocking the page display, as your Host file has been compromised. On completion of this, can you let me know whether you are still getting blocked?

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
SRV - File not found [On_Demand | Stopped] -- C:\Users\SERVER\AppData\Local\Temp\QMFWAR.exe -- (QMFWAR)
SRV - File not found [On_Demand | Stopped] -- C:\Users\SERVER\AppData\Local\Temp\OXZGR.exe -- (OXZGR)
SRV - File not found [On_Demand | Stopped] -- C:\Users\SERVER\AppData\Local\Temp\MEBVHTNOWP.exe -- (MEBVHTNOWP)
SRV - File not found [On_Demand | Stopped] -- C:\Users\SERVER\AppData\Local\Temp\JQMAUWIQDS.exe -- (JQMAUWIQDS)
SRV - [2013/02/19 16:43:26 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Windows\System32\secpro.exe -- (SecStore)
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-sea...0001078d2eb0645
[2013/02/23 16:07:57 | 000,009,619 | ---- | M] () -- C:\Users\SERVER\AppData\Roaming\Mozilla\Firefox\Profiles\opugb47m.default-1360495341128\searchplugins\my-web-search.xml
[2013/02/25 18:33:01 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-3029224366-2691295330-1888983494-1000.job
[2013/02/25 18:26:05 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\update-sys.job

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.