Here are the notes for OTL
---------
OTL logfile created on: 10/6/2012 6:23:09 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ALEDAN\Documents\apps\softwares\antivirus
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00003409 | Country: Philippines | Language: ENP | Date Format: M/d/yyyy
3.41 Gb Total Physical Memory | 2.09 Gb Available Physical Memory | 61.42% Memory free
6.82 Gb Paging File | 4.71 Gb Available in Paging File | 69.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.66 Gb Total Space | 38.68 Gb Free Space | 8.31% Space Free | Partition Type: NTFS
Computer Name: ALEDAN-PC | User Name: ALEDAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/10/06 18:20:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ALEDAN\My Documents\apps\softwares\antivirus\OTL.exe
PRC - [2012/10/05 23:47:59 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2012/10/03 17:11:54 | 001,266,232 | ---- | M] (Soluto) -- C:\Program Files\Soluto\Soluto.exe
PRC - [2012/10/03 17:11:54 | 000,604,216 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe
PRC - [2012/09/21 21:27:24 | 000,895,376 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2012/09/12 17:25:22 | 000,280,088 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/09/11 12:42:20 | 000,175,976 | ---- | M] (Ginger Software) -- C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe
PRC - [2012/09/11 12:41:58 | 001,266,536 | ---- | M] (Ginger Software) -- C:\Program Files\Ginger\GingerServices\GingerServices.exe
PRC - [2012/08/05 06:58:34 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2012/07/25 14:54:06 | 000,092,360 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\Common Files\SpeedBit\SBUpdate\SBUpdate.exe
PRC - [2012/01/05 03:59:50 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/12/16 12:37:30 | 000,363,800 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/12/16 12:37:26 | 000,277,784 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/12/16 12:37:18 | 000,128,280 | R--- | M] () -- C:\Program Files\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2011/12/16 12:37:10 | 000,161,560 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/12/08 16:32:50 | 000,423,136 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
PRC - [2011/08/04 12:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.4.0.12\ccsvchst.exe
PRC - [2011/02/25 13:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 20:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
========== Modules (No Company Name) ==========
MOD - [2012/10/05 23:47:58 | 020,317,008 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2012/10/05 23:47:56 | 001,099,616 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012/10/05 23:47:56 | 000,902,480 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2012/10/05 23:47:56 | 000,190,816 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012/10/05 23:47:56 | 000,123,232 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012/10/05 15:11:24 | 000,656,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPostBootResources\79cafa175250fe23f250c49b1c658a2f\PCGPostBootResources.ni.dll
MOD - [2012/10/05 15:11:24 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGHIDProbe\718efe1eb9393d9593bf1e0144b8f7c6\PCGHIDProbe.ni.dll
MOD - [2012/10/05 15:11:23 | 002,327,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\91e06f506baa7e67a190d8432e6862ac\Community.CsharpSqlite.ni.dll
MOD - [2012/10/05 15:11:23 | 000,045,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGRSPProbe\53f53896744f58d8aa71f644882a3cdb\PCGRSPProbe.ni.dll
MOD - [2012/10/05 15:11:22 | 000,202,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGWuInfo\954ccc8ed26ad8042da0355a57f55cd1\PCGWuInfo.ni.dll
MOD - [2012/10/05 15:11:22 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\74e83e6971b33297784e96362694dfe0\Interop.IWshRuntimeLibrary.ni.dll
MOD - [2012/10/05 15:11:21 | 000,176,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\9317c819e6468e24e6c7d95a593da23d\PCGAppControlPluginLoader.ni.dll
MOD - [2012/10/05 15:11:21 | 000,067,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\4793c6d3d5dcf26fe73e6f1747409cd8\PCGUsersCenter.ni.dll
MOD - [2012/10/05 15:11:20 | 004,291,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\2eed2f7c3090fb453dde3998dc60f4de\PCGClientCommon.ni.dll
MOD - [2012/10/05 15:11:18 | 000,259,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\1b561ef15ca43391ed9ef488ef58db32\PCGDriverProbe.ni.dll
MOD - [2012/10/05 15:11:18 | 000,198,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\2a450b8a0eb6996e98e70d876cd0b79f\PCGBootVisualizingCommon.ni.dll
MOD - [2012/10/05 15:11:17 | 000,068,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\c18bd4cde33b9716d569da26da44de34\PCGConfiguration.ni.dll
MOD - [2012/10/05 15:11:16 | 003,939,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDatabase\a775736257e1bff8de2f7565508d56c2\PCGDatabase.ni.dll
MOD - [2012/10/05 15:11:14 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\0d8dbe19a248042ae4d89aa2a52b06fa\PCGAzureEntityFramework.ni.dll
MOD - [2012/10/05 15:11:13 | 001,515,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\5df5a5794a91bd479b27561c5a278084\PCGAzureShared.ni.dll
MOD - [2012/10/05 15:11:13 | 001,303,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGCommunication\3a578b7e23def94fc468b5c063fb9fa1\PCGCommunication.ni.dll
MOD - [2012/10/05 15:11:10 | 002,845,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\cdd82149cdd787b1a3269ca4543b3ee3\PCGPreCompiled.ni.dll
MOD - [2012/10/05 15:11:09 | 000,259,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPrestoSerializer\e55c4f4cc1d3d0b72c6a4916b92ea413\PCGPrestoSerializer.ni.dll
MOD - [2012/10/05 15:11:08 | 000,596,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\7ad181a648d9254a6b78f68983e90b62\Ionic.Zip.Reduced.ni.dll
MOD - [2012/10/05 15:11:05 | 002,128,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\00d4d6fe5f3231cc79bbce7450ab058c\Newtonsoft.Json.Net35.ni.dll
MOD - [2012/10/05 15:11:03 | 002,798,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGFramework\f72a47d03ad26c6760321c762e0ad919\PCGFramework.ni.dll
MOD - [2012/10/05 15:11:01 | 001,725,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Soluto\79964986e8463b367ac4791a06e0389d\Soluto.ni.exe
MOD - [2012/09/25 17:42:58 | 000,460,312 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
MOD - [2012/09/25 17:42:57 | 012,278,808 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
MOD - [2012/09/25 17:42:55 | 004,005,912 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
MOD - [2012/09/25 17:41:39 | 000,578,072 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll
MOD - [2012/09/25 17:41:38 | 000,123,416 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll
MOD - [2012/09/25 17:41:27 | 000,156,712 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\avutil-51.dll
MOD - [2012/09/25 17:41:26 | 000,275,496 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\avformat-54.dll
MOD - [2012/09/25 17:41:24 | 002,168,360 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
MOD - [2012/08/15 22:29:49 | 002,516,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\2fe1658f05b0a96fe25c956a31d27b06\System.Data.Linq.ni.dll
MOD - [2012/08/15 22:27:16 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012/08/15 11:33:14 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012/08/15 11:33:08 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/08/15 11:32:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/08/15 11:32:34 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/08/15 11:32:12 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/08/15 11:32:07 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/08/15 11:32:06 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/08/15 11:31:56 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/07/25 14:54:06 | 000,090,824 | ---- | M] () -- C:\Windows\System32\EasyHook32.dll
MOD - [2011/12/15 14:34:34 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2012/10/05 23:47:59 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/10/03 17:11:54 | 000,604,216 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2012/09/26 01:28:44 | 000,666,720 | ---- | M] (Wellbia.com Co., Ltd.) [Disabled | Stopped] -- C:\Windows\System32\xsherlock.xem -- (xsherlock)
SRV - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/11 12:42:20 | 000,175,976 | ---- | M] (Ginger Software) [Auto | Running] -- C:\Program Files\Ginger\GingerUpdateService\GingerUpdateService.exe -- (GingerUpdateService)
SRV - [2012/08/02 14:57:06 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/07/30 12:02:10 | 000,018,360 | ---- | M] (Overwolf Ltd) [Disabled | Stopped] -- C:\Program Files\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService)
SRV - [2012/07/28 04:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/05/09 03:51:02 | 004,629,080 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2012/03/19 23:44:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011/12/16 12:37:30 | 000,363,800 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/12/16 12:37:26 | 000,277,784 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/12/16 12:37:18 | 000,128,280 | R--- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2011/12/16 12:37:10 | 000,161,560 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/12/12 14:07:00 | 000,793,048 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011/12/08 16:32:50 | 000,423,136 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2011/08/04 12:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe -- (N360)
SRV - [2011/06/12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/12 17:36:24 | 000,086,016 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\xhunter1.sys -- (xhunter1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\vtany.sys -- (vtany)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - [2012/10/06 18:01:35 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2F9FA094-5002-45CA-8014-17A07401D61F}\MpKsl71735bbb.sys -- (MpKsl71735bbb)
DRV - [2012/10/03 17:08:36 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Soluto.sys -- (Soluto)
DRV - [2012/09/13 12:53:38 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121004.020\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/09/13 12:53:38 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121004.020\NAVENG.SYS -- (NAVENG)
DRV - [2012/09/06 04:54:30 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20121004.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/09/01 06:09:14 | 000,995,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20120928.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/08/30 22:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/08/13 01:33:27 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/08/13 01:33:27 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/07/26 07:31:44 | 000,281,344 | ---- | M] (D-vitec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dvitdcnt.sys -- (D-Vitec)
DRV - [2012/07/25 04:11:54 | 000,035,560 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\hssdrv6.sys -- (HssDRV6)
DRV - [2012/07/25 04:11:50 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2012/07/19 17:38:52 | 000,113,104 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2012/07/02 17:35:27 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/01/05 03:58:50 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV - [2012/01/05 03:58:50 | 000,347,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iusb3hub.sys -- (iusb3hub)
DRV - [2012/01/05 03:58:50 | 000,013,592 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV - [2011/12/06 03:22:00 | 000,280,576 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2011/11/10 00:52:02 | 000,046,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2011/10/24 05:39:40 | 000,278,528 | ---- | M] (AVEO) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVEOdcnt.sys -- (AVEO)
DRV - [2011/08/22 10:53:36 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\symtdiv.sys -- (SYMTDIv)
DRV - [2011/08/22 10:53:35 | 000,173,176 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\symefa.sys -- (SymEFA)
DRV - [2011/08/04 12:19:30 | 000,485,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\cchpx86.sys -- (ccHP)
DRV - [2011/05/31 16:14:56 | 000,010,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Game\SoftnyxGame\RakionIS\Bin\apf001.sys -- (apf001)
DRV - [2011/01/06 20:10:22 | 000,021,624 | ---- | M] (Elitegroup Computer System Co., Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\EZCharger.sys -- (EZCharger)
DRV - [2010/11/20 20:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 20:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 20:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 18:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 18:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 17:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 17:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 17:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/11/01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2010/04/29 13:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\ironx86.sys -- (SymIRON)
DRV - [2010/04/22 10:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\srtsp.sys -- (SRTSP)
DRV - [2010/04/22 10:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\srtspx.sys -- (SRTSPX)
DRV - [2009/12/01 20:42:32 | 000,014,528 | ---- | M] (Elitegroup Computer Systems) [Kernel | On_Demand | Stopped] -- C:\Program Files\ECS Motherboard Utility\eBLU\ECSIoDriver.sys -- (ECSIoDriver_1_1_0_0)
DRV - [2009/10/15 11:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\0404000.00C\symds.sys -- (SymDS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpr...5-585190BD59FC}
IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {E627DC4B-8C04-4234-A2D4-1D634EE01C41}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3072253
IE - HKLM\..\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}: "URL" = http://www.bigseekpr...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...OIE9MSE&PC=UP09
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.speedbit.../?pid=%s&aid=%s
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ph
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B1 D8 62 F1 32 67 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKCU\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan...s={searchTerms}
IE - HKCU\..\SearchScopes\{4FF22553-DC11-4C25-95EC-9267593001D4}: "URL" = http://search.condui...&ctid=CT3220468
IE - HKCU\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}: "URL" = http://www.bigseekpr...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "SpeedBit Search"
FF - prefs.js..browser.search.defaulturl: "http://home.speedbit...x?s=C7Pa206&q="
FF - prefs.js..browser.search.order.1: "SpeedBit Search"
FF - prefs.js..browser.search.selectedEngine: "SpeedBit Search"
FF - prefs.js..browser.startup.homepage: "http://home.speedbit...?pid=%s&aid=%s"
FF - prefs.js..extensions.enabledAddons: [email protected]:0.1
FF - prefs.js..keyword.URL: "http://home.speedbit...x?s=C7Pa206&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@qq.com/npqscall: C:\Program Files\Common Files\Tencent\NPQSCALL\npqscall.dll (Tencent)
FF - HKLM\Software\MozillaPlugins\@qq.com/TXSSO: C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.38\Bin\npSSOAxCtrlForPTLogin.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\ALEDAN\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ALEDAN\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ALEDAN\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ALEDAN\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ALEDAN\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2012/08/07 17:31:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2012/10/06 17:04:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/21 15:31:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DAP\daplinkchecker [2012/07/25 14:55:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]:
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/10 00:37:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012/09/10 00:38:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALEDAN\AppData\Roaming\Mozilla\Extensions
[2012/08/01 13:52:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALEDAN\AppData\Roaming\Mozilla\Firefox\extensions
[2012/08/01 13:52:22 | 000,000,000 | ---D | M] (uTorrentControl3) -- C:\Users\ALEDAN\AppData\Roaming\Mozilla\Firefox\extensions\{46a3135d-3683-48cf-b94c-82655cbc0e8a}
[2012/07/21 19:06:44 | 000,000,000 | ---D | M] (uTorrentControl2) -- C:\Users\ALEDAN\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012/09/28 20:05:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALEDAN\AppData\Roaming\Mozilla\Firefox\Profiles\9hen101w.default\extensions
[2012/09/25 18:13:00 | 000,002,534 | ---- | M] () -- C:\Users\ALEDAN\AppData\Roaming\Mozilla\Firefox\Profiles\9hen101w.default\searchplugins\speedbit.xml
[2012/09/21 20:35:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/21 20:35:21 | 000,000,000 | ---D | M] ("Ginger") -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2012/09/06 09:27:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/09/06 09:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/06 09:26:22 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: http://home.speedbit.com/?s=C7Pa205
CHR - default_search_provider: Speedbit (Enabled)
CHR - default_search_provider: search_url = http://home.speedbit...q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.searchpre...d={searchTerms}
CHR - homepage: http://home.speedbit.com/?s=C7Pa205
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ALEDAN\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\ALEDAN\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: DAP Link Checker = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh\1.0.0.9_0\
CHR - Extension: Google Search = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.15.10_0\
CHR - Extension: uTorrentControl3 = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoadpabahabkmdndndlimfikephnoka\2.3.15.10_0\
CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.10_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: TopLine = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkoifoocjggkggkbdlpcpbbibjlddjem\3.8_0\
CHR - Extension: Skype Click to Call = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\
CHR - Extension: Ginger = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nacnicbpedmjfagkdhpmbpjlgcgcekka\2.7.60_0\
CHR - Extension: uTorrentControl2 = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\
CHR - Extension: Gmail = C:\Users\ALEDAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/09/15 01:58:17 | 000,000,892 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Ginger Grammar & Spell Checker) - {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files\Ginger\GingerIEAddin\adxloader.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Do Not Track Plus) - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Program Files\DoNotTrackPlus\IE\DNTPAddon.dll (Abine)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {60EACC1A-33FA-443D-9846-17B28E2C9BDB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Do Not Track Plus © Abine - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Program Files\DoNotTrackPlus\IE\DNTPAddon.dll (Abine)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} https://www.e-games....GamesPlugin.cab (EGamesPlugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{706F3B43-3E11-4922-BAC4-799EF0C4F723}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Overwolf\SKYPE4~2.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/10/06 18:24:01 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\ALEDAN\Desktop\tdsskiller.exe
[2012/10/06 08:17:12 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\{B965A7D3-15B2-4492-B32E-27B023564DCD}
[2012/10/05 20:46:08 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\DoNotTrackPlus
[2012/10/05 20:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\DoNotTrackPlus
[2012/10/05 15:09:23 | 000,051,144 | ---- | C] (Soluto LTD.) -- C:\Windows\System32\drivers\Soluto.sys
[2012/10/05 15:09:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto
[2012/10/05 15:09:19 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
[2012/10/05 15:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Soluto
[2012/10/05 11:23:36 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\Desktop\MEMBER'S DATA FORM (MDF) PRINT (NO. 912279048342)_files
[2012/10/03 16:01:00 | 000,000,000 | ---D | C] -- C:\VivoxLogs
[2012/10/03 03:38:24 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\Solid State Networks
[2012/10/03 03:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\MeteorEntertainment
[2012/10/03 03:37:40 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Meteor Entertainment
[2012/10/01 10:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012/10/01 10:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2012/10/01 00:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\xC-CS1.6
[2012/09/30 01:19:21 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\Aeria Games
[2012/09/30 01:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Aeria Games
[2012/09/30 01:09:58 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2012/09/30 01:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2012/09/30 01:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\Aeria Games
[2012/09/28 11:20:07 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\Desktop\RAPRAP.COM
[2012/09/27 18:11:53 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\Akamai
[2012/09/27 18:11:47 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2012/09/26 16:26:45 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\Desktop\warkey
[2012/09/25 17:09:00 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\Documents\StarCraft II
[2012/09/25 17:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012/09/25 17:08:59 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2012/09/25 17:08:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012/09/22 13:02:58 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/09/22 04:37:40 | 000,000,000 | ---D | C] -- C:\MoTemp
[2012/09/21 21:28:05 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentControl_v2
[2012/09/21 20:35:39 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Roaming\Acapela Group
[2012/09/21 20:35:10 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\Documents\Add-in Express
[2012/09/21 20:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ginger
[2012/09/21 20:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\Ginger
[2012/09/19 00:18:51 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\{AA1647C1-CA24-4A22-9B51-4DC778209879}
[2012/09/14 21:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2012/09/13 21:35:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2012/09/13 21:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2012/09/13 21:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2012/09/13 21:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/09/13 21:35:14 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2012/09/13 20:44:31 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Roaming\Registry Mechanic
[2012/09/13 16:20:46 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBox210.ocx
[2012/09/13 16:20:46 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBox10.ocx
[2012/09/13 16:20:46 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBoxVB12.ocx
[2012/09/13 16:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Registry Mechanic
[2012/09/13 16:20:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012/09/13 16:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Registry Mechanic
[2012/09/13 16:17:32 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2012/09/11 20:06:27 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2012/09/11 20:06:18 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Roaming\SystemRequirementsLab
[2012/09/11 11:15:06 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Roaming\Tific
[2012/09/11 11:15:05 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\Symantec
[2012/09/10 16:25:05 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\Macromedia
[2012/09/10 00:38:16 | 000,000,000 | ---D | C] -- C:\Users\ALEDAN\AppData\Local\Mozilla
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/10/06 18:25:05 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2482327023-763593763-3706321181-1000UA.job
[2012/10/06 18:24:28 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\ALEDAN\Desktop\tdsskiller.exe
[2012/10/06 18:09:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/06 18:09:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/06 17:42:04 | 000,664,000 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/06 17:42:04 | 000,124,736 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/06 17:09:28 | 000,021,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/06 17:09:28 | 000,021,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/06 17:03:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/06 17:03:33 | 2744,885,248 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/06 12:53:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2482327023-763593763-3706321181-1000UA.job
[2012/10/05 21:53:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2482327023-763593763-3706321181-1000Core.job
[2012/10/05 19:25:08 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2482327023-763593763-3706321181-1000Core.job
[2012/10/05 15:09:59 | 000,000,098 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/10/05 11:23:36 | 000,118,975 | ---- | M] () -- C:\Users\ALEDAN\Desktop\MEMBER'S DATA FORM (MDF) PRINT (NO. 912279048342).htm
[2012/10/04 21:24:06 | 000,614,400 | ---- | M] () -- C:\Windows\System32\Image20.dat
[2012/10/03 17:08:36 | 000,051,144 | ---- | M] (Soluto LTD.) -- C:\Windows\System32\drivers\Soluto.sys
[2012/10/02 23:51:27 | 000,316,413 | ---- | M] () -- C:\Users\ALEDAN\Desktop\the_lord_of_the_rings.jpg
[2012/10/01 08:30:38 | 000,007,604 | ---- | M] () -- C:\Users\ALEDAN\AppData\Local\resmon.resmoncfg
[2012/10/01 00:51:12 | 000,001,923 | ---- | M] () -- C:\Users\ALEDAN\Desktop\xCounter-Strike1.6.lnk
[2012/09/30 01:15:04 | 000,001,647 | ---- | M] () -- C:\Users\ALEDAN\Desktop\Shaiya.lnk
[2012/09/30 01:09:58 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Aeria Ignite.lnk
[2012/09/28 16:27:43 | 000,002,450 | ---- | M] () -- C:\Users\ALEDAN\Desktop\Google Chrome.lnk
[2012/09/27 16:24:17 | 000,045,270 | ---- | M] () -- C:\Users\ALEDAN\AppData\Roaming\room_v3.dat
[2012/09/27 02:01:25 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/09/26 02:40:07 | 000,001,488 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Application Manager.lnk
[2012/09/26 01:28:44 | 000,666,720 | ---- | M] (Wellbia.com Co., Ltd.) -- C:\Windows\System32\xsherlock.xem
[2012/09/25 17:19:36 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012/09/21 20:35:02 | 000,003,021 | ---- | M] () -- C:\Users\Public\Desktop\Ginger.lnk
[2012/09/19 20:49:47 | 000,125,521 | ---- | M] () -- C:\Users\ALEDAN\Desktop\SevenDwarfs.jpg
[2012/09/19 20:42:29 | 000,018,014 | ---- | M] () -- C:\Users\ALEDAN\Desktop\grumpy.jpg
[2012/09/19 20:41:43 | 000,017,299 | ---- | M] () -- C:\Users\ALEDAN\Desktop\dopey.jpg
[2012/09/19 20:35:19 | 000,038,819 | ---- | M] () -- C:\Users\ALEDAN\Desktop\snow.jpg
[2012/09/16 01:34:56 | 000,003,222 | ---- | M] () -- C:\Users\ALEDAN\Desktop\PlantsVsZombies - Shortcut.lnk
[2012/09/15 01:58:17 | 000,000,892 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/09/13 21:35:23 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/09/13 21:35:23 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012/09/13 21:22:19 | 000,001,419 | ---- | M] () -- C:\Users\ALEDAN\Desktop\dnlauncher - Shortcut.lnk
[2012/09/13 18:54:47 | 008,233,123 | ---- | M] () -- C:\Users\ALEDAN\Documents\Volcanoes - Andreas Moe.mp3
[2012/09/13 16:31:27 | 005,311,898 | ---- | M] () -- C:\Users\ALEDAN\Documents\Laura Marling - New Romantic cover.mp3
[2012/09/13 16:24:20 | 024,654,128 | ---- | M] () -- C:\Users\ALEDAN\Documents\Laura Marling - New Romantic cover.flv
[2012/09/13 16:20:47 | 000,001,152 | ---- | M] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2012/09/12 02:05:39 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/10 00:37:56 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/10/05 15:09:59 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/10/05 11:23:35 | 000,118,975 | ---- | C] () -- C:\Users\ALEDAN\Desktop\MEMBER'S DATA FORM (MDF) PRINT (NO. 912279048342).htm
[2012/10/02 23:51:25 | 000,316,413 | ---- | C] () -- C:\Users\ALEDAN\Desktop\the_lord_of_the_rings.jpg
[2012/10/01 00:51:11 | 000,001,923 | ---- | C] () -- C:\Users\ALEDAN\Desktop\xCounter-Strike1.6.lnk
[2012/09/30 01:15:02 | 000,001,647 | ---- | C] () -- C:\Users\ALEDAN\Desktop\Shaiya.lnk
[2012/09/30 01:09:57 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Aeria Ignite.lnk
[2012/09/26 02:40:07 | 000,001,500 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
[2012/09/26 02:40:05 | 000,001,488 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Application Manager.lnk
[2012/09/25 17:09:00 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012/09/21 20:35:01 | 000,003,021 | ---- | C] () -- C:\Users\Public\Desktop\Ginger.lnk
[2012/09/19 20:49:56 | 000,125,521 | ---- | C] () -- C:\Users\ALEDAN\Desktop\SevenDwarfs.jpg
[2012/09/19 20:42:36 | 000,018,014 | ---- | C] () -- C:\Users\ALEDAN\Desktop\grumpy.jpg
[2012/09/19 20:41:45 | 000,017,299 | ---- | C] () -- C:\Users\ALEDAN\Desktop\dopey.jpg
[2012/09/19 20:35:30 | 000,038,819 | ---- | C] () -- C:\Users\ALEDAN\Desktop\snow.jpg
[2012/09/14 21:51:32 | 000,003,222 | ---- | C] () -- C:\Users\ALEDAN\Desktop\PlantsVsZombies - Shortcut.lnk
[2012/09/13 21:35:23 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/09/13 21:35:23 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012/09/13 21:35:17 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012/09/13 21:22:19 | 000,001,419 | ---- | C] () -- C:\Users\ALEDAN\Desktop\dnlauncher - Shortcut.lnk
[2012/09/13 18:54:42 | 008,233,123 | ---- | C] () -- C:\Users\ALEDAN\Documents\Volcanoes - Andreas Moe.mp3
[2012/09/13 18:54:23 | 006,213,711 | ---- | C] () -- C:\Users\ALEDAN\Desktop\Volcanoes - Andreas Moe.3gp
[2012/09/13 16:31:22 | 005,311,898 | ---- | C] () -- C:\Users\ALEDAN\Documents\Laura Marling - New Romantic cover.mp3
[2012/09/13 16:20:47 | 000,001,152 | ---- | C] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2012/09/13 16:20:46 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2012/09/13 16:18:23 | 024,654,128 | ---- | C] () -- C:\Users\ALEDAN\Documents\Laura Marling - New Romantic cover.flv
[2012/09/12 02:05:39 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/12 02:05:38 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/09/11 18:10:42 | 000,007,604 | ---- | C] () -- C:\Users\ALEDAN\AppData\Local\resmon.resmoncfg
[2012/09/10 00:37:55 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/09/10 00:37:50 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/09/05 11:50:16 | 000,045,270 | ---- | C] () -- C:\Users\ALEDAN\AppData\Roaming\room_v3.dat
[2012/08/22 15:14:58 | 000,018,760 | ---- | C] () -- C:\Windows\System32\QQVistaHelper.dll
[2012/08/13 13:54:24 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/08/13 13:52:50 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/08/11 00:16:54 | 000,000,045 | ---- | C] () -- C:\Users\ALEDAN\jagex_cl_runescape_LIVE.dat
[2012/08/11 00:16:54 | 000,000,024 | ---- | C] () -- C:\Users\ALEDAN\random.dat
[2012/08/09 14:55:04 | 000,000,440 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/08/04 23:06:28 | 000,012,920 | ---- | C] () -- C:\Windows\System32\apl001.sys
[2012/08/04 23:06:28 | 000,010,872 | ---- | C] () -- C:\Windows\System32\apf001.sys
[2012/08/02 12:14:20 | 000,000,560 | -H-- | C] () -- C:\ProgramData\common.data
[2012/08/02 12:14:17 | 000,016,384 | ---- | C] () -- C:\Users\ALEDAN\zpkn.exe.vir
[2012/08/02 05:33:48 | 000,003,584 | ---- | C] () -- C:\Users\ALEDAN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/28 02:47:17 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012/07/28 02:47:17 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012/07/27 23:54:11 | 000,000,000 | ---- | C] () -- C:\ProgramData\49a6be40aade3672d522657b8bda1b38_c
[2012/07/25 14:54:59 | 000,109,256 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
[2012/07/25 14:54:59 | 000,090,824 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
[2012/07/25 14:47:58 | 000,000,024 | ---- | C] () -- C:\Users\ALEDAN\AppData\Roaming\MyPhrases.dta
[2012/07/24 17:40:24 | 000,614,400 | ---- | C] () -- C:\Windows\System32\Image20.dat
[2012/07/24 16:56:29 | 000,028,672 | ---- | C] () -- C:\Windows\System32\MFC_InstDrvDLL.dll
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zzmbkjttcv.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zyadeizbstq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zvxuplfqaiv.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zmulmsalvp.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zmpm.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zlvlgaoro.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zhbezzk.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zgtn.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\zbu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yztg.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ywcotf.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yruogei.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yqwnxmuqkr.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ynbpico.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yft.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yfguqg.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yfddtyco.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\yeqc.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ybcwdcj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xrjmwls.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xratz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xnrwoffi.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xkiazoygsu.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xitroqxj.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\xibfo.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xhxj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xhliavnncf.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xhi.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xhepiahgu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xei.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xdu.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xbwudob.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xbeumyws.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\xabxrnwognq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wztapis.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wvpmojcpagc.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wvmaql.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wuienx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wtkvqxla.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wmcwjfwebcg.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wmaeoulj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wjjkwjxof.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wjd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\wgfzxqxc.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vwx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vwvpxtf.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vuzy.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vtccpjjxhbl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vpymgh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vky.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vhgdwwy.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vexcv.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\vekhfmquvd.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\uvhkeoo.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\uuknvmo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\upqsk.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ujupkolaxz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\uilhoi.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\uhgxcxne.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ugh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\udixx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ubomomrwsdk.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\uaqqwmjt.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tubh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tttpgilubhz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tmksiwyo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tjerrruiu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tixbprzs.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tgysztaa.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tgp.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\tcu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\szanch.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\swrosmstc.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\swmx.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\svh.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\surl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\sthnpbr.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\srt.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\sqrvkkbktxz.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\sntlrnm.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\slfzi.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\skjqlknoa.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\skcx.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\sjzadmi.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\sfsz.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rzuc.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rvitifkhda.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ruwy.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rumiqlhw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rtsquze.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rpz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\rnni.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rnaxcorvnpm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rmkgnn.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\riffaw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rifbww.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rhw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rfbddh.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\refyhravcw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rckntimj.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\rbou.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qzegqoobxiy.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qxbus.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qttwzyei.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qsopsnklrnj.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qrpcq.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qqqt.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qqqewpfdl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qpghwlpi.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qnretzig.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qheefqe.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\qgqkumwr.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\qbdvroefxtf.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\pxluctu.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pvsbacopgo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\puxozpwjj.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ptfcgaof.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\psxulyb.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\psuezqksw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pqognjycvt.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pqjjgvrcrr.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pplmagu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pjtdqi.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\phcioojd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pefaimbebk.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pedcjlq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pcpmvigyknw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pclkwlz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\pathdekgnl.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\oxxpcqneqfk.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ousspnt.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\otvbczqzr.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\otorwgb.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\oofzxmm.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\oofsbkfk.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ooaomuyhvz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\onuhfaqdr.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\olhdsirhbjm.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\olcfhmx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\okbzdweogsf.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\oicryjbsxhd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ogn.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ogknbwh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ocduhsoaeky.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ntpp.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\npuailglpt.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\netcd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ndpxrjvfik.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\narceunvfsr.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mxdvmytw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mwzhlh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mwuwz.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mvhxlyyr.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mpuqpwyjjoe.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mlfml.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\minowwpnhw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mhymnl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mhefcltipun.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mflohpswrxl.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mcrrrdylbyb.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mbufohzbd.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\mbpbf.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\maynwlp.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lxjydaq.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lwcnbd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lvzw.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lvjfqnrfy.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lqya.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lnm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lmkwvtfa.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\liif.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lhlcj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\lffhqjpt.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ldna.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ktkvvqws.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\kragnbr.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kppamcnflm.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kokjkgnayl.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\knk.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kkrk.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kjvzwobzke.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kgqeevfnt.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kfkegdfzsmf.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kblu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\kaddzumq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\jxqxva.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\jvpytddxshm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\jvanbm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\jscxtijpp.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\jecbuzopv.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\jazdltqdat.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ixrmyzmuf.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ivz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\itshnv.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ithugwck.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\isnvgwxvzx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\imisiwl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ilppyukvb.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ikvd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ifvbafbi.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\iduxw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ict.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ibqvywo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hxpuo.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hxokmtz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hulemjbpzih.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\htzs.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\htubwk.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hrfumedgw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hqwxnfwmq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hoboh.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hmzimwaq.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hiushfclfla.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hhxjfatux.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hgu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hgdxppghmnp.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hfaptb.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\hbqnkzjqm.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gzswrdxw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gxveh.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gxiglgpq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gwegf.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gswxesatox.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gksspjwk.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gjrxn.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\giemuzl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ghdvcccqxcv.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ggjxmqh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gecrm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gcgii.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\gbx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fzzu.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fyvyvw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fqat.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fnyj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fnxe.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fmlgoxxnn.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fkuuzbgv.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\fhagevihj.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\fas.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ezafudvoiyt.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\err.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\epuzw.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ehe.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\egskehx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\eewo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\eesejbzog.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\edsljcdivuy.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\ecisfvuhpa.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dxrnzku.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dqajfj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dmuuqmc.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dmtlsnues.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dkfd.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\djzobvavx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dgppwo.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dgckkqqq.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\dfswulgomz.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\detwvkklv.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\defhdp.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ctxnogspj.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\cqbt.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\cntaml.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\civwzqm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\cfclssx.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\cdntf.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\cbqynozbpo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\cbgvboorrjj.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\bzyz.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\byoqvakieh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\bxqecmpfn.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\bulcyfilrrd.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\bsxkwl.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\bsmobir.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\blxcchdo.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\betjex.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\baxqskha.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\azuxhafgo.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ayyyufnvi.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\auemdu.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\aso.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\arembuqqlhl.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\apluecjxljh.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\akjgqsepny.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ajnzyssdz.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\ajfm.ini
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\aesvs.dat
[2012/07/21 18:13:59 | 000,000,028 | ---- | C] () -- C:\Windows\System32\aclcvmx.ini
[2012/07/12 20:07:00 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Techno Kit
[2012/07/12 20:07:00 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Tables
[2012/07/12 20:07:00 | 000,000,268 | RH-- | C] () -- C:\Users\ALEDAN\AppData\Roaming\Synth Textures
[2012/07/12 20:07:00 | 000,000,268 | RH-- | C] () -- C:\Users\ALEDAN\AppData\Roaming\Synth Pads
[2012/07/12 20:07:00 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/07/12 20:07:00 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/07/12 20:06:59 | 000,000,268 | RH-- | C] () -- C:\ProgramData\SystemConfiguration
[2012/07/12 20:06:59 | 000,000,268 | RH-- | C] () -- C:\Users\ALEDAN\AppData\Roaming\Synth Leads
[2012/07/12 20:06:59 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/06/27 15:41:53 | 000,196,676 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012/06/27 14:05:33 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012/06/27 14:05:04 | 000,015,128 | R--- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2012/06/27 14:03:42 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2012/06/27 14:03:42 | 000,000,264 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012/03/19 23:37:12 | 000,755,188 | ---- | C] () -- C:\Windows\System32\igkrng700.bin
[2012/03/19 23:37:12 | 000,561,508 | ---- | C] () -- C:\Windows\System32\igfcg700m.bin
[2012/03/19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2012/03/19 22:23:38 | 013,024,256 | ---- | C] () -- C:\Windows\System32\ig7icd32.dll
[2012/03/19 22:11:22 | 000,009,216 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011/12/08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\System32\IusEventLog.dll
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
========== ZeroAccess Check ==========
[2009/07/14 12:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 12:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 09:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012/09/21 20:35:39 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Acapela Group
[2012/08/02 15:11:54 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Autodesk
[2012/08/04 08:47:04 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Babylon
[2012/08/06 16:39:47 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Canon
[2012/07/19 21:11:06 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\fltk.org
[2012/09/28 11:31:54 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\GarenaPlus
[2012/06/27 16:59:42 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Kalypso Media
[2012/08/02 15:52:38 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Lionhead Studios
[2012/08/04 08:49:21 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\OpenCandy
[2012/09/13 20:44:31 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Registry Mechanic
[2012/07/18 13:43:12 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Rovio
[2012/09/11 20:06:18 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\SystemRequirementsLab
[2012/08/22 15:18:02 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Tencent
[2012/07/03 20:32:50 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\TERMINAL Studio
[2012/09/11 11:15:06 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Tific
[2012/07/02 09:42:12 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\TypingMaster7
[2012/08/02 13:15:42 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\updates
[2012/10/06 18:30:42 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\uTorrent
[2012/07/30 22:23:15 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\Windows Live Writer
[2012/08/02 13:15:54 | 000,000,000 | ---D | M] -- C:\Users\ALEDAN\AppData\Roaming\x2pvgb1qvzsknqjetrqkifgdigi3hgwh2
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2011/02/26 13:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 13:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 13:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 13:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 20:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 13:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 13:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 13:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 13:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 14:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: SERVICES >
[2012/07/26 18:34:12 | 000,017,588 | ---- | M] () MD5=83CDF27DD50F7623AB8D3D876D89487A -- C:\Windows\System32\drivers\etc\services
[2009/06/11 05:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
< MD5 for: SERVICES.CFG >
[2012/07/28 04:51:34 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
< MD5 for: SERVICES.EXE >
[2009/07/14 09:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 09:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2009/07/14 10:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/14 10:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
< MD5 for: SERVICES.LNK >
[2009/07/14 12:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 12:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2009/06/11 05:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/11 05:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
< MD5 for: SERVICES.MSC >
[2009/07/14 10:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/11 05:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/14 10:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/11 05:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PTXML >
[2009/07/14 04:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/14 04:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
< MD5 for: SERVICES.SETTINGS >
[2012/07/03 09:15:28 | 000,001,622 | ---- | M] () MD5=488D8CC923D82E3FADA846EF9587A289 -- C:\Users\ALEDAN\.netbeans\7.1.2\config\Windows2Local\Components\services.settings
< MD5 for: SERVICES.WSTCGRP >
[2012/07/03 09:15:29 | 000,000,225 | ---- | M] () MD5=E4AD31A486D75BC449F02775904D2430 -- C:\Users\ALEDAN\.netbeans\7.1.2\config\Windows2Local\Groups\InitialLayout\services.wstcgrp
[2012/07/03 09:15:29 | 000,000,225 | ---- | M] () MD5=E4AD31A486D75BC449F02775904D2430 -- C:\Users\ALEDAN\.netbeans\7.1.2\config\Windows2Local\Groups\OpenedProjects\services.wstcgrp
< MD5 for: SERVICES.WSTCREF >
[2012/07/03 09:15:29 | 000,000,178 | ---- | M] () MD5=B7364346EA621263FFE51C6E9579C3CF -- C:\Users\ALEDAN\.netbeans\7.1.2\config\Windows2Local\Modes\leftSlidingSide\services.wstcref
< MD5 for: SVCHOST.EXE >
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 20:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 20:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 09:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/10/28 14:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 13:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 20:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 20:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 09:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< %systemroot%\*. /mp /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:862BDB1A
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:CB0AACC9
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:A1EDB939
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:56E2E879
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >
---------