Whenever I connect to the internet, many files are downloaded to my temp folder, like 167.exe, 578.exe, etc. Then these files begin to execute one by one. These files ask for my permission. If I deny the permission, they keep asking for it again and again.
My Windows Defender detects TrojanDownloader:Win32/Dofoil.R.
I think this is the virus that downloads these files, and if I select to quarantine it, it says not found and the problem continues. It also uses my internet bandwidth.
Scanner: Avast
Nothing found
-------------- OTL log----------
OTL logfile created on: 12/13/2012 20:33:42 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\manni\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.75 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 70.58% Memory free
5.49 Gb Paging File | 4.60 Gb Available in Paging File | 83.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 60.00 Gb Total Space | 7.06 Gb Free Space | 11.77% Space Free | Partition Type: NTFS
Drive D: | 80.00 Gb Total Space | 25.10 Gb Free Space | 31.37% Space Free | Partition Type: NTFS
Drive E: | 66.88 Gb Total Space | 6.30 Gb Free Space | 9.42% Space Free | Partition Type: NTFS
Drive F: | 91.21 Gb Total Space | 12.73 Gb Free Space | 13.96% Space Free | Partition Type: NTFS
Drive H: | 26.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: BLACKBOX | User Name: manni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/12/13 20:14:56 | 000,630,272 | ---- | M] (OldTimer Tools) -- C:\Users\manni\Desktop\OTL.exe
PRC - [2012/12/13 11:23:47 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/10/08 19:43:14 | 000,278,920 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2012/08/29 11:37:30 | 008,224,768 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
PRC - [2012/04/13 14:49:12 | 000,114,688 | ---- | M] () -- C:\ProgramData\ChgService.exe
PRC - [2011/08/09 16:24:36 | 001,449,296 | ---- | M] () -- C:\Program Files\Reliance 3G\UIMain.exe
PRC - [2011/08/09 16:24:36 | 000,270,672 | ---- | M] () -- C:\Program Files\Reliance 3G\AssistantServices.exe
PRC - [2011/08/09 16:24:36 | 000,153,424 | ---- | M] () -- C:\Program Files\Reliance 3G\UIExec.exe
PRC - [2010/05/07 02:29:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/05/07 02:29:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/05/07 02:29:25 | 000,119,200 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe
PRC - [2010/04/12 14:10:16 | 000,208,896 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009/08/04 20:45:12 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/08/04 20:44:44 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/14 06:56:21 | 000,101,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
PRC - [2009/07/14 06:44:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 06:44:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012/12/13 19:15:33 | 000,184,320 | -HS- | M] () -- C:\Windows\System32\aj074b36.ocx
MOD - [2012/10/08 19:42:58 | 000,070,536 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2012/06/18 20:54:30 | 000,260,096 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_05.dll
MOD - [2011/08/09 16:24:36 | 001,461,584 | ---- | M] () -- C:\Program Files\Reliance 3G\UIPlugin\UISetting.dll
MOD - [2011/08/09 16:24:36 | 001,449,296 | ---- | M] () -- C:\Program Files\Reliance 3G\UIMain.exe
MOD - [2011/08/09 16:24:36 | 000,721,232 | ---- | M] () -- C:\Program Files\Reliance 3G\UIPlugin\UISms.dll
MOD - [2011/08/09 16:24:36 | 000,682,832 | ---- | M] () -- C:\Program Files\Reliance 3G\UIPlugin\UIPhoneBook.dll
MOD - [2011/08/09 16:24:36 | 000,608,080 | ---- | M] () -- C:\Program Files\Reliance 3G\UIPlugin\UIConnectRecord.dll
MOD - [2011/08/09 16:24:36 | 000,386,896 | ---- | M] () -- C:\Program Files\Reliance 3G\UISkin.dll
MOD - [2011/08/09 16:24:36 | 000,324,432 | ---- | M] () -- C:\Program Files\Reliance 3G\UIPlugin\UIUssd.dll
MOD - [2011/08/09 16:24:36 | 000,312,656 | ---- | M] () -- C:\Program Files\Reliance 3G\UIPlugin\UIStk.dll
MOD - [2011/08/09 16:24:36 | 000,284,496 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BIDataBase.dll
MOD - [2011/08/09 16:24:36 | 000,253,776 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BISetting.dll
MOD - [2011/08/09 16:24:36 | 000,250,704 | ---- | M] () -- C:\Program Files\Reliance 3G\UICommonDlg.dll
MOD - [2011/08/09 16:24:36 | 000,242,000 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BKService.dll
MOD - [2011/08/09 16:24:36 | 000,236,368 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BIConfig.dll
MOD - [2011/08/09 16:24:36 | 000,225,616 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BISms.dll
MOD - [2011/08/09 16:24:36 | 000,185,168 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BICodec.dll
MOD - [2011/08/09 16:24:36 | 000,177,488 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BIXml.dll
MOD - [2011/08/09 16:24:36 | 000,175,440 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BIPhoneBook.dll
MOD - [2011/08/09 16:24:36 | 000,155,472 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BIRas.dll
MOD - [2011/08/09 16:24:36 | 000,153,424 | ---- | M] () -- C:\Program Files\Reliance 3G\UIExec.exe
MOD - [2011/08/09 16:24:36 | 000,145,232 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BIService.dll
MOD - [2011/08/09 16:24:36 | 000,145,232 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BIDevManager.dll
MOD - [2011/08/09 16:24:36 | 000,135,504 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BIOptimizationClient.dll
MOD - [2011/08/09 16:24:36 | 000,125,264 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BILog.dll
MOD - [2011/08/09 16:24:36 | 000,124,752 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BIConnectRecord.dll
MOD - [2011/08/09 16:24:36 | 000,104,784 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BIStk.dll
MOD - [2011/08/09 16:24:36 | 000,096,080 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BIVoice.dll
MOD - [2011/08/09 16:24:36 | 000,096,080 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BIUssd.dll
MOD - [2011/08/09 16:24:36 | 000,090,448 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\SysService.dll
MOD - [2011/08/09 16:24:36 | 000,089,936 | ---- | M] () -- C:\Program Files\Reliance 3G\Component\BICallRecord.dll
MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/07/14 06:45:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
========== Services (SafeList) ==========
SRV - [2012/11/20 07:42:56 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/08/29 11:37:30 | 008,224,768 | ---- | M] () [Auto | Running] -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe -- (MySQL)
SRV - [2012/04/13 14:49:12 | 000,114,688 | ---- | M] () [Auto | Running] -- C:\ProgramData\ChgService.exe -- (Change Modem Device Service)
SRV - [2011/08/09 16:24:36 | 000,270,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Reliance 3G\AssistantServices.exe -- (UI Assistant Service)
SRV - [2010/05/07 02:29:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/07 02:29:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/07 02:29:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/05/07 02:29:25 | 000,119,200 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2009/08/04 20:44:44 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2012/12/13 20:29:29 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\mcsysx.sys -- (msfindsrv01)
DRV - [2011/09/15 11:02:04 | 000,105,984 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmnsusbser.sys -- (cmnsusbser)
DRV - [2011/03/26 10:37:12 | 000,107,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2011/03/26 10:37:12 | 000,107,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2011/03/26 10:37:12 | 000,107,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2011/03/26 10:37:12 | 000,009,216 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2010/05/07 02:11:30 | 000,099,280 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2010/05/07 02:11:12 | 000,307,280 | ---- | M] (ALWIL Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2010/05/07 02:10:49 | 000,190,416 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2010/05/07 02:09:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/07 02:09:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/05/07 02:04:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/05/07 02:04:10 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/05/07 02:03:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/04/12 14:14:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010/03/20 01:40:13 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2009/08/04 21:22:18 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/23 23:48:00 | 000,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/07/14 06:49:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/14 06:49:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 06:49:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/14 04:58:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 04:58:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 03:43:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/14 03:32:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/05/04 21:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://in.msn.com/?r...opt=0&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7F 46 AF 39 50 CD CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {A32C7A75-E603-47F3-8C8E-5886A8E3A4DF}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{A32C7A75-E603-47F3-8C8E-5886A8E3A4DF}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
[2012/11/18 18:33:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\manni\AppData\Roaming\Mozilla\Extensions
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
O1 HOSTS File: ([2009/06/11 03:09:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook32.dll (Shareaza Development Team)
O2 - BHO: (Adobe PDF Link Helper) - {4F404AF6-7C8D-539D-56D9-6B4663232DD4} - C:\Windows\System32\moriccons.dll ()
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" File not found
O4 - HKLM..\Run: [UIExec] C:\Program Files\Reliance 3G\UIExec.exe ()
O4 - HKCU..\Run: [cdchbhdskuqtyvkitmc] C:\Users\manni\AppData\Roaming\cdchbhdskuqtyvkitmc.exe File not found
O4 - HKCU..\Run: [DeviceMgr] C:\Users\manni\AppData\Roaming\sb123nb.EXE File not found
O4 - HKCU..\Run: [engel] C:\Users\manni\AppData\Roaming\updates\updates.exe ()
O4 - HKCU..\Run: [MSConfig] C:\Users\manni\iryfiywa.exe ()
O4 - HKCU..\Run: [pnlpchd] C:\Users\manni\jsmafsikh.exe ()
O4 - HKCU..\Run: [tnssb] C:\Users\manni\AppData\Roaming\ljysba.EXE File not found
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [VideoMgr] C:\Users\manni\AppData\Roaming\lqc6lb.EXE File not found
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0kfqvvl.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4qqqqv5.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aa0qgg5l.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cnciiic2x2.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\gvggvvaqvq.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\j8uupuj7z.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\llvq8vaa.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\p6je9pje.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ppe70jzeu.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pupzjujj.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\s1smmmm6mx.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sx81c6hssx.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tzj3jjeezeo.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vffvvlvql.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vlgvvv5qggl.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vlqqlaav.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xccx9h21s.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xx6mscsm.exe ()
O4 - Startup: C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YOUTUBE.PLAYER.exe ()
F3 - HKCU WinNT: Load - (C:\Users\manni\LOCALS~1\Temp\msetwb.com) - C:\Users\manni\Local Settings\Temp\msetwb.com ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 50756 = C:\PROGRA~2\LOCALS~1\Temp\mszamkuh.scr ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Reaper = C:\Users\manni\AppData\Roaming\CBCA59\CBCA59.exe ()
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Download with &Shareaza - C:\Program Files\Shareaza\RazaWebHook32.dll (Shareaza Development Team)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39F75425-3B21-4AEA-9F35-D2BCF366FAE6}: NameServer = 208.67.222.222 208.67.220.220
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\manni\slcwjcml.exe) - C:\Users\manni\slcwjcml.exe ()
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/10/16 23:19:38 | 000,000,034 | R--- | M] () - H:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2011/09/02 14:46:41 | 000,000,061 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{6adad67e-3170-11e2-b659-00238bcf78b2}\Shell - "" = AutoRun
O33 - MountPoints2\{6adad67e-3170-11e2-b659-00238bcf78b2}\Shell\AutoRun\command - "" = H:\Windows/AutoRun.exe -- [2011/08/04 16:11:20 | 000,370,000 | R--- | M] ()
O33 - MountPoints2\{8ac6035f-3d3f-11e2-8190-00238bcf78b2}\Shell - "" = AutoRun
O33 - MountPoints2\{8ac6035f-3d3f-11e2-8190-00238bcf78b2}\Shell\AutoRun\command - "" = J:\.\ShowModem.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Autorun.exe /dvd
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/12/13 20:13:14 | 000,630,272 | ---- | C] (OldTimer Tools) -- C:\Users\manni\Desktop\OTL.exe
[2012/12/13 19:30:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/12/13 18:57:25 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\Diagnostics
[2012/12/13 16:59:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/12/13 13:29:55 | 000,000,000 | ---D | C] -- C:\updates
[2012/12/13 13:28:07 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012/12/13 13:28:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Local Settings
[2012/12/13 13:14:28 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\updates
[2012/12/13 11:22:43 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012/12/12 20:05:21 | 000,000,000 | ---D | C] -- C:\Users\manni\Documents\Floodgate
[2012/12/12 20:02:38 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\PlayFirst
[2012/12/12 20:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst
[2012/12/12 19:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Gogii
[2012/12/12 19:42:10 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\casualArts
[2012/12/12 19:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\casualArts
[2012/12/12 18:58:32 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\ValuSoft
[2012/12/12 18:39:29 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\PathToSuccess
[2012/12/12 18:37:30 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Big Fish Games
[2012/12/12 16:40:11 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/12/07 16:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2012/12/07 16:41:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/12/05 16:22:06 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\Shareaza
[2012/12/05 16:22:01 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Shareaza
[2012/12/05 16:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shareaza
[2012/12/03 17:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MMX352G 3G USB Manager
[2012/12/03 17:37:48 | 000,105,984 | ---- | C] (QUALCOMM Incorporated) -- C:\Windows\System32\drivers\cmnsusbser.sys
[2012/12/03 17:37:48 | 000,103,424 | ---- | C] (Thesycon GmbH) -- C:\Windows\System32\MyDIT_GenClassCoInst.dll
[2012/12/03 17:37:47 | 000,000,000 | ---D | C] -- C:\Program Files\MMX352G 3G USB Manager
[2012/12/03 02:50:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/12/03 02:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LimeWire
[2012/12/03 02:03:23 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LimeWire
[2012/12/02 12:19:41 | 000,000,000 | ---D | C] -- C:\Users\manni\Documents\NetBeansProjects
[2012/12/02 09:27:45 | 000,000,000 | ---D | C] -- C:\Users\manni\.netbeans
[2012/12/01 00:35:26 | 000,000,000 | ---D | C] -- C:\Users\manni\Documents\ValuSoft
[2012/12/01 00:33:38 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tabloid Tycoon
[2012/12/01 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tabloid Tycoon
[2012/11/30 22:43:40 | 000,000,000 | ---D | C] -- C:\Users\manni\Documents\LimeWire
[2012/11/30 22:42:12 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\LimeWire
[2012/11/30 22:41:45 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2012/11/30 19:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\Shareaza
[2012/11/29 21:46:41 | 000,000,000 | ---D | C] -- C:\Users\manni\Documents\FIFA MANAGER 12
[2012/11/28 15:51:28 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\Iron Sky
[2012/11/28 15:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Iron Sky
[2012/11/28 15:49:52 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\G2Launcher
[2012/11/28 15:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\G2Launcher
[2012/11/26 10:49:11 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\Microsoft Games
[2012/11/25 20:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boxing Manager
[2012/11/25 20:19:05 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Friday's games
[2012/11/25 20:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
[2012/11/25 20:18:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\3099
[2012/11/25 19:17:29 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\ProgSense
[2012/11/25 19:17:26 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\GrabPro
[2012/11/25 19:17:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit
[2012/11/25 19:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Orbitdownloader
[2012/11/25 19:17:20 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\OpenCandy
[2012/11/25 19:16:23 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Orbit
[2012/11/25 13:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wbm
[2012/11/25 13:48:41 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\InstallShield
[2012/11/25 09:53:52 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\KatGames
[2012/11/25 09:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\KatGames
[2012/11/24 18:49:53 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\STARGAZE_IMAGE_CACHE
[2012/11/24 18:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Alawar Stargaze
[2012/11/24 14:47:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\playfirst
[2012/11/24 14:02:18 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012/11/23 15:14:50 | 000,000,000 | ---D | C] -- C:\Users\manni\Desktop\dump
[2012/11/20 17:24:28 | 000,000,000 | ---D | C] -- C:\Program Files\glassfish-3.1.1
[2012/11/20 16:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
[2012/11/20 16:48:04 | 000,000,000 | ---D | C] -- C:\Program Files\NetBeans 7.0.1
[2012/11/20 16:47:13 | 000,000,000 | ---D | C] -- C:\Users\manni\.nbi
[2012/11/20 16:11:21 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MySQL
[2012/11/20 16:11:15 | 000,000,000 | ---D | C] -- C:\ProgramData\MySQL
[2012/11/20 16:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\MySQL
[2012/11/20 15:08:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2012/11/20 15:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/11/19 15:35:23 | 000,000,000 | ---D | C] -- C:\Users\manni\Documents\EA SPORTS Cricket 07
[2012/11/19 15:32:13 | 000,000,000 | ---D | C] -- C:\Users\manni\Documents\NFS Most Wanted
[2012/11/19 14:36:33 | 000,000,000 | ---D | C] -- C:\Users\manni\Documents\FIFA 12
[2012/11/19 05:44:57 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/11/19 05:42:40 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/11/19 05:40:36 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/11/19 05:32:42 | 000,000,000 | ---D | C] -- C:\Windows.old
[2012/11/18 21:13:23 | 000,000,000 | ---D | C] -- C:\Users\manni\.grails
[2012/11/18 21:10:41 | 000,000,000 | ---D | C] -- C:\Users\manni\IdeaProjects
[2012/11/18 21:07:31 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/11/18 21:06:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/11/18 21:05:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/11/18 19:00:43 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Macromedia
[2012/11/18 18:58:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012/11/18 18:33:21 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Mozilla
[2012/11/18 17:23:44 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\ATI
[2012/11/18 17:23:44 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\ATI
[2012/11/18 17:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/11/18 17:23:39 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\TSVNCache
[2012/11/18 17:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012/11/18 17:17:12 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Subversion
[2012/11/18 17:17:04 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Adobe
[2012/11/18 17:17:04 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\Adobe
[2012/11/18 17:16:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
[2012/11/18 17:16:52 | 000,000,000 | ---D | C] -- C:\Program Files\TortoiseSVN
[2012/11/18 17:16:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TortoiseOverlays
[2012/11/18 17:16:10 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GNU CLISP 2.49
[2012/11/18 17:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GNU CLISP 2.49
[2012/11/18 17:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\clisp-2.49
[2012/11/18 17:15:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/11/18 17:15:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/11/18 17:15:36 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/11/18 17:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/11/18 17:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/11/18 17:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/11/18 17:10:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/11/18 17:08:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2012/11/18 17:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2012/11/18 17:07:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/11/18 17:06:17 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\WinRAR
[2012/11/18 17:06:10 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/11/18 17:06:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/11/18 17:03:05 | 000,000,000 | ---D | C] -- C:\Users\manni\.IntelliJIdea11
[2012/11/18 17:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2012/11/18 17:00:19 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JetBrains
[2012/11/18 17:00:19 | 000,000,000 | ---D | C] -- C:\Program Files\JetBrains
[2012/11/18 16:59:58 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\Microsoft Help
[2012/11/18 16:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/11/18 16:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/11/18 16:54:01 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012/11/18 16:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012/11/18 16:53:59 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Notepad++
[2012/11/18 16:53:59 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2012/11/18 16:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/11/18 16:52:52 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\Google
[2012/11/18 16:51:59 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Opera
[2012/11/18 16:51:59 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\Opera
[2012/11/18 16:51:56 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012/11/18 16:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012/11/18 16:47:23 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2012/11/18 16:47:23 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2012/11/18 16:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2012/11/18 16:47:04 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2012/11/18 16:46:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2012/11/18 16:46:43 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Winamp
[2012/11/18 16:46:43 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2012/11/18 16:44:55 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\uTorrent
[2012/11/18 16:44:44 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\vlc
[2012/11/18 16:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/11/18 16:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/11/18 16:43:30 | 000,107,776 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ZTEusbser6k.sys
[2012/11/18 16:43:30 | 000,107,776 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ZTEusbnmea.sys
[2012/11/18 16:43:30 | 000,107,776 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys
[2012/11/18 16:43:30 | 000,009,216 | ---- | C] (MBB Incorporated) -- C:\Windows\System32\drivers\massfilter.sys
[2012/11/18 16:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reliance 3G
[2012/11/18 16:43:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\SupportAppCB
[2012/11/18 16:43:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/11/18 16:43:12 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/11/18 16:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\Reliance 3G
[2012/11/18 16:43:11 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/11/18 16:43:02 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/11/18 16:35:51 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/11/18 16:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012/11/18 16:35:50 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/11/18 16:35:49 | 000,307,280 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/11/18 16:35:47 | 000,099,280 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFW.sys
[2012/11/18 16:35:26 | 000,190,416 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2012/11/18 16:35:25 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/11/18 16:35:24 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/11/18 16:35:22 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/11/18 16:34:44 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/11/18 16:34:41 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2012/11/18 16:34:40 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2012/11/18 16:34:40 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2012/11/18 16:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2012/11/18 16:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2012/11/18 16:32:09 | 000,000,000 | R--D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/11/18 16:32:09 | 000,000,000 | R--D | C] -- C:\Users\manni\Searches
[2012/11/18 16:32:09 | 000,000,000 | R--D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/11/18 16:32:09 | 000,000,000 | -H-D | C] -- C:\Users\manni\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/11/18 16:32:00 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Identities
[2012/11/18 16:31:57 | 000,000,000 | R--D | C] -- C:\Users\manni\Contacts
[2012/11/18 16:31:46 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\VirtualStore
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\AppData\Local\Temporary Internet Files
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\Templates
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\Start Menu
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\SendTo
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\Recent
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\PrintHood
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\NetHood
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\Documents\My Videos
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\Documents\My Pictures
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\Documents\My Music
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\My Documents
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\Local Settings
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\AppData\Local\History
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\Cookies
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\Application Data
[2012/11/18 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\manni\AppData\Local\Application Data
[2012/11/18 16:31:43 | 000,000,000 | --SD | C] -- C:\Users\manni\AppData\Roaming\Microsoft
[2012/11/18 16:31:43 | 000,000,000 | R--D | C] -- C:\Users\manni\Videos
[2012/11/18 16:31:43 | 000,000,000 | R--D | C] -- C:\Users\manni\Saved Games
[2012/11/18 16:31:43 | 000,000,000 | R--D | C] -- C:\Users\manni\Pictures
[2012/11/18 16:31:43 | 000,000,000 | R--D | C] -- C:\Users\manni\Music
[2012/11/18 16:31:43 | 000,000,000 | R--D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/11/18 16:31:43 | 000,000,000 | R--D | C] -- C:\Users\manni\Links
[2012/11/18 16:31:43 | 000,000,000 | R--D | C] -- C:\Users\manni\Favorites
[2012/11/18 16:31:43 | 000,000,000 | R--D | C] -- C:\Users\manni\Downloads
[2012/11/18 16:31:43 | 000,000,000 | R--D | C] -- C:\Users\manni\Documents
[2012/11/18 16:31:43 | 000,000,000 | R--D | C] -- C:\Users\manni\Desktop
[2012/11/18 16:31:43 | 000,000,000 | R--D | C] -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/11/18 16:31:43 | 000,000,000 | -H-D | C] -- C:\Users\manni\AppData
[2012/11/18 16:31:43 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\Temp
[2012/11/18 16:31:43 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Local\Microsoft
[2012/11/18 16:31:43 | 000,000,000 | ---D | C] -- C:\Users\manni\AppData\Roaming\Media Center Programs
========== Files - Modified Within 30 Days ==========
[2012/12/13 20:36:29 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/13 20:36:29 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/13 20:31:33 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/13 20:31:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/13 20:31:05 | 2212,360,192 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/13 20:29:29 | 000,008,192 | ---- | M] () -- C:\Windows\System32\drivers\mcsysx.sys
[2012/12/13 20:15:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/13 20:14:56 | 000,630,272 | ---- | M] (OldTimer Tools) -- C:\Users\manni\Desktop\OTL.exe
[2012/12/13 20:06:22 | 000,009,248 | ---- | M] () -- C:\Users\manni\Desktop\ComboFix.exe
[2012/12/13 19:51:11 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pupzjujj.exe
[2012/12/13 19:51:10 | 000,081,408 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\j8uupuj7z.exe
[2012/12/13 19:51:08 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ppe70jzeu.exe
[2012/12/13 19:51:06 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\p6je9pje.exe
[2012/12/13 19:46:52 | 000,615,360 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/13 19:46:52 | 000,103,702 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/13 19:15:33 | 000,184,320 | -HS- | M] () -- C:\Windows\System32\aj074b36.ocx
[2012/12/13 19:15:33 | 000,184,320 | -HS- | M] () -- C:\Windows\System32\2eipqd28.dll
[2012/12/13 19:15:33 | 000,184,320 | -HS- | M] () -- C:\Windows\System32\29u5.dll
[2012/12/13 19:14:42 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vlqqlaav.exe
[2012/12/13 19:14:42 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vlgvvv5qggl.exe
[2012/12/13 19:14:42 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aa0qgg5l.exe
[2012/12/13 19:14:42 | 000,081,408 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\gvggvvaqvq.exe
[2012/12/13 18:54:24 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cnciiic2x2.exe
[2012/12/13 17:50:26 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tzj3jjeezeo.exe
[2012/12/13 16:59:38 | 000,002,241 | ---- | M] () -- C:\Users\manni\Desktop\Google Chrome.lnk
[2012/12/13 13:28:41 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xx6mscsm.exe
[2012/12/13 13:28:37 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\s1smmmm6mx.exe
[2012/12/13 13:28:35 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sx81c6hssx.exe
[2012/12/13 13:28:34 | 000,081,408 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xccx9h21s.exe
[2012/12/13 13:24:00 | 000,001,374 | ---- | M] () -- C:\Users\manni\Desktop\Temp - Shortcut.lnk
[2012/12/13 13:19:39 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\llvq8vaa.exe
[2012/12/13 13:19:31 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4qqqqv5.exe
[2012/12/13 13:19:27 | 000,081,408 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vffvvlvql.exe
[2012/12/13 13:19:17 | 000,088,576 | RHS- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0kfqvvl.exe
[2012/12/13 13:18:32 | 000,137,216 | RHS- | M] () -- C:\Users\manni\slcwjcml.exe
[2012/12/13 13:15:31 | 000,163,840 | -H-- | M] () -- C:\Users\manni\iryfiywa.exe
[2012/12/13 13:14:36 | 000,137,216 | RHS- | M] () -- C:\Users\manni\jsmafsikh.exe
[2012/12/13 13:14:20 | 000,062,464 | ---- | M] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YOUTUBE.PLAYER.exe
[2012/12/09 19:26:49 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At1.job
[2012/12/05 03:24:53 | 000,003,584 | ---- | M] () -- C:\Users\manni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/04 02:57:00 | 000,001,265 | ---- | M] () -- C:\Users\manni\Desktop\New folder (2) - Shortcut.lnk
[2012/12/03 02:03:23 | 000,001,869 | ---- | M] () -- C:\Users\manni\Desktop\LimeWire 5.5.16.lnk
[2012/11/28 15:37:28 | 000,000,600 | ---- | M] () -- C:\Users\manni\PUTTY.RND
[2012/11/27 18:34:09 | 008,363,379 | ---- | M] () -- C:\Users\manni\Desktop\WBM_manual_EN.pdf
[2012/11/27 18:09:19 | 000,000,334 | ---- | M] () -- C:\Users\manni\AppData\Roaming\ribb
[2012/11/27 18:09:13 | 000,000,592 | -H-- | M] () -- C:\Users\manni\AppData\Roaming\tnsb
[2012/11/27 18:09:09 | 000,000,712 | ---- | M] () -- C:\Users\manni\AppData\Roaming\dajj
[2012/11/20 16:10:32 | 027,601,408 | ---- | M] () -- C:\Users\manni\Documents\mysql-workbench-gpl-5.2.44-win32.msi
[2012/11/20 15:44:29 | 032,644,608 | ---- | M] () -- C:\Users\manni\Documents\mysql-5.5.28-win32.msi
[2012/11/19 05:46:16 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012/11/19 05:44:18 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012/11/19 05:40:23 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012/11/18 17:23:14 | 000,412,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/11/18 16:48:07 | 000,001,413 | ---- | M] () -- C:\Users\manni\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/18 16:41:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/11/18 16:35:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
========== Files Created - No Company Name ==========
[2012/12/13 20:00:59 | 000,009,248 | ---- | C] () -- C:\Users\manni\Desktop\ComboFix.exe
[2012/12/13 19:51:16 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pupzjujj.exe
[2012/12/13 19:51:15 | 000,081,408 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\j8uupuj7z.exe
[2012/12/13 19:51:13 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ppe70jzeu.exe
[2012/12/13 19:51:11 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\p6je9pje.exe
[2012/12/13 19:27:59 | 000,184,320 | -HS- | C] () -- C:\Windows\System32\aj074b36.ocx
[2012/12/13 19:17:32 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\mcsysx.sys
[2012/12/13 19:16:10 | 000,184,320 | -HS- | C] () -- C:\Windows\System32\2eipqd28.dll
[2012/12/13 19:15:45 | 000,184,320 | -HS- | C] () -- C:\Windows\System32\29u5.dll
[2012/12/13 19:14:49 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vlgvvv5qggl.exe
[2012/12/13 19:14:48 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vlqqlaav.exe
[2012/12/13 19:14:48 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aa0qgg5l.exe
[2012/12/13 19:14:48 | 000,081,408 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\gvggvvaqvq.exe
[2012/12/13 18:54:32 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cnciiic2x2.exe
[2012/12/13 17:50:33 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tzj3jjeezeo.exe
[2012/12/13 16:59:38 | 000,002,241 | ---- | C] () -- C:\Users\manni\Desktop\Google Chrome.lnk
[2012/12/13 16:59:13 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/13 16:59:12 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/13 13:28:46 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xx6mscsm.exe
[2012/12/13 13:28:43 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\s1smmmm6mx.exe
[2012/12/13 13:28:42 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sx81c6hssx.exe
[2012/12/13 13:28:41 | 000,081,408 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xccx9h21s.exe
[2012/12/13 13:24:00 | 000,001,374 | ---- | C] () -- C:\Users\manni\Desktop\Temp - Shortcut.lnk
[2012/12/13 13:19:44 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\llvq8vaa.exe
[2012/12/13 13:19:37 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4qqqqv5.exe
[2012/12/13 13:19:34 | 000,081,408 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vffvvlvql.exe
[2012/12/13 13:19:21 | 000,088,576 | RHS- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0kfqvvl.exe
[2012/12/13 13:18:34 | 000,137,216 | RHS- | C] () -- C:\Users\manni\slcwjcml.exe
[2012/12/13 13:15:31 | 000,163,840 | -H-- | C] () -- C:\Users\manni\iryfiywa.exe
[2012/12/13 13:14:38 | 000,137,216 | RHS- | C] () -- C:\Users\manni\jsmafsikh.exe
[2012/12/13 13:14:28 | 000,062,464 | ---- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YOUTUBE.PLAYER.exe
[2012/12/04 02:57:00 | 000,001,265 | ---- | C] () -- C:\Users\manni\Desktop\New folder (2) - Shortcut.lnk
[2012/12/03 17:37:47 | 000,114,688 | ---- | C] () -- C:\ProgramData\ChgService.exe
[2012/12/03 02:03:23 | 000,001,869 | ---- | C] () -- C:\Users\manni\Desktop\LimeWire 5.5.16.lnk
[2012/11/30 20:06:59 | 000,003,584 | ---- | C] () -- C:\Users\manni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/11/27 18:34:08 | 008,363,379 | ---- | C] () -- C:\Users\manni\Desktop\WBM_manual_EN.pdf
[2012/11/27 18:09:13 | 000,000,592 | -H-- | C] () -- C:\Users\manni\AppData\Roaming\tnsb
[2012/11/27 18:09:09 | 000,000,712 | ---- | C] () -- C:\Users\manni\AppData\Roaming\dajj
[2012/11/25 20:18:08 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\At1.job
[2012/11/20 15:55:54 | 027,601,408 | ---- | C] () -- C:\Users\manni\Documents\mysql-workbench-gpl-5.2.44-win32.msi
[2012/11/20 15:41:44 | 032,644,608 | ---- | C] () -- C:\Users\manni\Documents\mysql-5.5.28-win32.msi
[2012/11/20 15:07:35 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012/11/19 05:46:09 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/11/19 05:46:01 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/11/19 05:44:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/11/18 23:19:05 | 000,000,334 | ---- | C] () -- C:\Users\manni\AppData\Roaming\ribb
[2012/11/18 18:35:37 | 000,000,600 | ---- | C] () -- C:\Users\manni\PUTTY.RND
[2012/11/18 17:15:49 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/11/18 16:51:57 | 000,001,793 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012/11/18 16:48:07 | 000,001,413 | ---- | C] () -- C:\Users\manni\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/18 16:41:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/11/18 16:32:12 | 000,001,419 | ---- | C] () -- C:\Users\manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/11/18 16:31:44 | 000,000,290 | ---- | C] () -- C:\Users\manni\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/11/18 16:31:44 | 000,000,272 | ---- | C] () -- C:\Users\manni\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
========== ZeroAccess Check ==========
[2009/07/14 10:12:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 10:16:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 06:45:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 06:46:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012/12/12 18:37:30 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\Big Fish Games
[2012/12/12 19:42:10 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\casualArts
[2012/12/13 13:25:20 | 000,000,000 | -HSD | M] -- C:\Users\manni\AppData\Roaming\CBCA59
[2012/11/25 20:19:05 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\Friday's games
[2012/11/25 19:17:26 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\GrabPro
[2012/11/25 09:53:52 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\KatGames
[2012/12/03 00:48:53 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\LimeWire
[2012/11/20 09:09:55 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\Notepad++
[2012/11/25 19:17:20 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\OpenCandy
[2012/11/18 16:51:59 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\Opera
[2012/12/03 02:02:58 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\Orbit
[2012/12/12 18:39:55 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\PathToSuccess
[2012/12/12 20:02:38 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\PlayFirst
[2012/11/25 19:17:29 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\ProgSense
[2012/12/08 03:43:26 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\Shareaza
[2012/11/18 17:17:12 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\Subversion
[2012/12/13 13:14:28 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\updates
[2012/12/13 20:31:39 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\uTorrent
[2012/12/12 18:58:33 | 000,000,000 | ---D | M] -- C:\Users\manni\AppData\Roaming\ValuSoft
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 780432 bytes -> C:\Users\manni\AppData\Roaming\desktop.ini:init
@Alternate Data Stream - 16 bytes -> C:\Users\manni\Downloads:Shareaza.GUID
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:137E60A0
< End of report >