Currently my laptop is infected with the virus named WIN32/Injector.AFFI Trojan, which is infecting svchost.exe(54136). I tried removing it using NOD32 antivirus, but apparently it is impossible to remove. Ever since this virus infected my laptop, the files on USB drives and external hard disks that were plugged into my laptop turn into shortcuts. In addition, whenever I turn my laptop on and it reaches the desktop, two Internet Explorer pages automatically open and show a website that I've never been to before, and there are some other problems, such as messing with my registry. I am in need of help and would be really thankful and appreciate it very much.
This is the log from OTL:
OTL logfile created on: 1/5/2013 8:09:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Software
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy
7.91 Gb Total Physical Memory | 4.41 Gb Available Physical Memory | 55.80% Memory free
15.81 Gb Paging File | 11.95 Gb Available in Paging File | 75.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 172.69 Gb Total Space | 39.96 Gb Free Space | 23.14% Space Free | Partition Type: NTFS
Drive D: | 292.97 Gb Total Space | 122.42 Gb Free Space | 41.79% Space Free | Partition Type: NTFS
Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/05/01 20:09:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Software\OTL.exe
PRC - [2013/04/13 02:36:20 | 000,555,304 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2013/04/13 02:36:04 | 000,390,440 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2013/04/13 02:35:46 | 000,453,928 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2013/04/13 02:35:44 | 001,279,784 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
PRC - [2013/04/04 17:56:10 | 000,087,344 | ---- | M] () -- D:\Games\GarenaLoL\GameData\bbtalk\GarenaTalkOverlay.exe
PRC - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2013/03/18 17:47:58 | 000,448,736 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2013/03/15 13:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/03/14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/03/13 18:05:36 | 009,655,088 | ---- | M] () -- D:\Games\GarenaLoL\GameData\GarenaMessenger.exe
PRC - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
PRC - [2013/02/04 17:13:54 | 000,070,832 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2013/01/29 20:00:26 | 003,565,432 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2013/01/21 17:48:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/12/18 22:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/12 21:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2012/12/12 07:20:50 | 000,542,104 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2012/11/30 10:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2012/07/03 09:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/06/28 23:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2012/04/13 21:40:15 | 000,624,856 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2012/03/26 17:29:56 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/07/07 16:32:30 | 000,088,704 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
PRC - [2011/07/06 15:20:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
PRC - [2011/06/29 16:16:10 | 000,503,728 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2011/05/25 22:53:36 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2011/05/20 11:01:06 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011/05/10 15:55:40 | 000,338,208 | -H-- | M] (Splashtop Inc.) -- C:\ASUS.SYS\config\SIONExportService.exe
PRC - [2011/03/13 10:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/01/14 15:41:58 | 001,839,616 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2010/11/23 18:31:56 | 000,965,728 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2010/11/15 10:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010/10/07 14:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/09/23 16:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/09/07 14:15:28 | 002,787,224 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
PRC - [2010/08/17 14:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/07/23 11:24:24 | 000,138,552 | ---- | M] () -- C:\Program Files (x86)\Celcom Broadband\UIExec.exe
PRC - [2010/07/23 11:24:20 | 000,255,800 | ---- | M] () -- C:\Program Files (x86)\Celcom Broadband\AssistantServices.exe
PRC - [2010/07/09 22:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
PRC - [2010/02/03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009/12/24 05:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009/12/15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/07/14 09:14:26 | 006,376,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mspaint.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
========== Modules (No Company Name) ==========
MOD - [2013/04/09 16:57:07 | 000,390,096 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013/04/09 16:57:06 | 013,130,704 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 16:57:05 | 004,050,896 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 16:56:15 | 000,598,480 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013/04/09 16:56:14 | 000,124,368 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013/04/09 16:56:13 | 001,606,096 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/04/04 17:56:11 | 001,846,272 | ---- | M] () -- D:\Games\GarenaLoL\GameData\bbtalk\Overlay.dll
MOD - [2013/04/04 17:56:10 | 000,087,344 | ---- | M] () -- D:\Games\GarenaLoL\GameData\bbtalk\GarenaTalkOverlay.exe
MOD - [2013/03/19 16:55:53 | 000,432,944 | ---- | M] () -- D:\Games\GarenaLoL\GameData\Plugins\GarenaTalkPlugin.dll
MOD - [2013/03/19 16:55:50 | 000,027,952 | ---- | M] () -- D:\Games\GarenaLoL\GameData\VersionModule.dll
MOD - [2013/03/19 16:55:42 | 000,793,392 | ---- | M] () -- D:\Games\GarenaLoL\GameData\gagmhook.dll
MOD - [2013/03/13 18:06:04 | 001,543,984 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\delay_load\FileSender.dll
MOD - [2013/03/13 18:06:02 | 000,949,552 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\XLL.dll
MOD - [2013/03/13 18:05:59 | 000,374,064 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\Http.dll
MOD - [2013/03/13 18:05:57 | 000,236,336 | ---- | M] () -- D:\Games\GarenaLoL\GameData\Plugins\PluginNews.dll
MOD - [2013/03/13 18:05:55 | 000,813,360 | ---- | M] () -- D:\Games\GarenaLoL\GameData\Plugins\ggplugin.dll
MOD - [2013/03/13 18:05:54 | 000,286,000 | ---- | M] () -- D:\Games\GarenaLoL\GameData\Plugins\DailyTaskPlugin.dll
MOD - [2013/03/13 18:05:36 | 009,655,088 | ---- | M] () -- D:\Games\GarenaLoL\GameData\GarenaMessenger.exe
MOD - [2013/03/07 10:10:42 | 000,106,288 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\UILayout.dll
MOD - [2013/03/07 10:10:39 | 000,224,560 | ---- | M] () -- D:\Games\GarenaLoL\GameData\Plugins\StatsPlugin.dll
MOD - [2013/03/07 10:10:22 | 000,487,216 | ---- | M] () -- D:\Games\GarenaLoL\GameData\CxImage.dll
MOD - [2013/02/28 17:17:36 | 000,188,208 | ---- | M] () -- D:\Games\GarenaLoL\GameData\ggspawn.dll
MOD - [2013/02/07 17:11:25 | 000,025,392 | ---- | M] () -- D:\Games\GarenaLoL\GameData\PluginModule.dll
MOD - [2013/02/07 17:11:24 | 000,087,344 | ---- | M] () -- D:\Games\GarenaLoL\GameData\PluginKernel.dll
MOD - [2013/02/07 17:11:22 | 000,192,816 | ---- | M] () -- D:\Games\GarenaLoL\GameData\ImageModule.dll
MOD - [2013/02/07 17:11:17 | 000,051,504 | ---- | M] () -- D:\Games\GarenaLoL\GameData\FileLoader.dll
MOD - [2013/02/07 17:11:15 | 000,033,584 | ---- | M] () -- D:\Games\GarenaLoL\GameData\DibModule.dll
MOD - [2013/02/04 17:13:54 | 000,070,832 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2013/02/01 13:42:29 | 000,153,088 | ---- | M] () -- D:\Games\GarenaLoL\GameData\libzmq.dll
MOD - [2013/01/30 16:26:41 | 002,941,232 | ---- | M] () -- D:\Games\GarenaLoL\GameData\ggdownloader.dll
MOD - [2013/01/30 16:26:38 | 000,104,752 | ---- | M] () -- D:\Games\GarenaLoL\GameData\CommonLib.dll
MOD - [2013/01/16 18:30:17 | 000,098,608 | ---- | M] () -- D:\Games\GarenaLoL\GameData\Plugins\PlatformPlugin.dll
MOD - [2013/01/14 19:57:56 | 000,170,288 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\fs\YYFileSystem.dll
MOD - [2013/01/14 19:57:52 | 001,092,912 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\delay_load\GaFileTransfer.dll
MOD - [2013/01/14 19:57:46 | 000,219,952 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\TaskManagerLib.dll
MOD - [2013/01/09 20:53:24 | 000,605,049 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
MOD - [2013/01/09 13:11:40 | 000,599,040 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2012/12/27 11:34:07 | 000,181,760 | ---- | M] () -- D:\Games\GarenaLoL\GameData\bbtalk\ggspawn.dll
MOD - [2012/11/30 10:07:48 | 000,100,248 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2012/11/30 10:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2012/11/07 16:25:36 | 000,204,288 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
MOD - [2012/09/13 14:19:19 | 000,048,640 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\XmlUIModule.dll
MOD - [2012/07/27 14:59:42 | 000,010,240 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\delay_load\ClientTcp.dll
MOD - [2012/07/27 14:59:28 | 000,061,952 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\delay_load\UdtLib.dll
MOD - [2012/07/26 11:51:52 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
MOD - [2012/04/30 10:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2012/04/24 09:19:16 | 000,238,592 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\delay_load\MediaEngine.dll
MOD - [2012/04/13 11:12:18 | 000,059,392 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\delay_load\AudioMixerLib.dll
MOD - [2012/04/13 11:12:18 | 000,019,968 | ---- | M] () -- D:\Games\GarenaLoL\GameData\ServerMemAlloc.dll
MOD - [2012/04/04 14:33:24 | 000,139,776 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
MOD - [2012/03/16 12:51:02 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
MOD - [2012/03/08 16:56:40 | 000,510,464 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\delay_load\RSALib.dll
MOD - [2012/03/01 08:02:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2012/02/22 16:52:18 | 000,162,304 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lame_enc.dll
MOD - [2012/02/22 16:52:16 | 000,573,100 | ---- | M] () -- D:\Games\GarenaLoL\GameData\sqlite3.dll
MOD - [2012/02/22 16:52:16 | 000,178,176 | ---- | M] () -- D:\Games\GarenaLoL\GameData\lib\MP3Module.dll
MOD - [2012/02/22 16:52:16 | 000,122,136 | ---- | M] () -- D:\Games\GarenaLoL\GameData\ggcode.dll
MOD - [2012/02/13 09:53:50 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
MOD - [2011/10/18 09:54:24 | 000,097,792 | ---- | M] () -- D:\Games\GarenaLoL\GameData\bbtalk\CommonLib.dll
MOD - [2011/10/18 09:54:24 | 000,056,832 | ---- | M] () -- D:\Games\GarenaLoL\GameData\bbtalk\PluginKernel.dll
MOD - [2011/07/07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
MOD - [2010/09/23 16:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010/07/23 11:24:24 | 000,138,552 | ---- | M] () -- C:\Program Files (x86)\Celcom Broadband\UIExec.exe
MOD - [2010/01/11 15:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
MOD - [2009/04/15 15:04:38 | 000,104,520 | ---- | M] () -- C:\Windows\SysWOW64\OSD.dll
MOD - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
========== Services (SafeList) ==========
SRV:64bit: - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011/01/25 14:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/04/16 16:07:42 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/13 02:57:46 | 000,078,512 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2013/04/13 02:36:20 | 000,555,304 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2013/04/13 02:36:04 | 000,390,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2013/04/13 02:35:46 | 000,453,928 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2013/03/15 13:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/03/14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/03/14 02:10:48 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Running] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2013/01/21 17:48:28 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/12/18 22:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/04 10:51:05 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/10/17 23:49:25 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2012/10/10 02:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/10/02 21:19:04 | 000,743,320 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/13 21:40:15 | 000,624,856 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2011/08/31 00:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/07/07 16:32:30 | 000,088,704 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011/05/10 15:55:40 | 000,338,208 | -H-- | M] (Splashtop Inc.) [Auto | Running] -- C:\ASUS.SYS\config\SIONExportService.exe -- (Splashtop MDES)
SRV - [2011/04/20 09:57:02 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2011/03/13 10:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/03/13 10:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/01/14 15:41:58 | 001,839,616 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/07/23 11:24:20 | 000,255,800 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Celcom Broadband\AssistantServices.exe -- (UI Assistant Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/24 05:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/12/15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/04/26 11:26:57 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/04/13 02:53:02 | 000,046,280 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2013/03/15 13:53:06 | 000,284,448 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2013/03/15 13:53:06 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/02/20 11:07:38 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/02/08 08:31:57 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013/01/11 03:44:02 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/01/10 15:08:16 | 000,139,768 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2013/01/10 15:08:14 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/11/22 08:43:14 | 000,165,112 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2012/10/10 02:22:28 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/08/23 22:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 22:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 22:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/13 21:58:22 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2012/08/13 21:58:22 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2012/08/10 16:27:23 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012/08/10 16:27:23 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2012/04/07 02:15:10 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/07 10:49:50 | 002,770,944 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/06/02 10:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/06/02 10:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/05 20:32:56 | 001,439,792 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/04/26 11:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/03/13 10:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/03/13 10:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/03/13 10:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/03/13 10:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/03/13 10:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/13 10:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/03/13 10:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/25 17:42:18 | 000,016,768 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/17 16:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010/09/17 16:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/09/17 16:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010/09/17 16:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010/08/24 17:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/06/03 11:14:18 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2010/05/19 14:12:46 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010/05/19 14:12:46 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010/05/19 14:12:46 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2010/04/28 07:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/28 07:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/28 05:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/28 05:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/04/16 16:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009/08/21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/20 17:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2011/05/25 19:06:20 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?src=maxpc
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://malaysia.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-MY
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 82 47 2E D0 12 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{00EAE8D7-C9E7-42AB-A239-F7CDAB47E92E}: "URL" = http://websearch.ask...DD-48011ADD1BD5
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?...?l=dis&o=15187"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0.6.8
FF - prefs.js..extensions.enabledAddons: [email protected]:1.20.00
FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledAddons: [email protected]:7.3.35
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: D:\Games\GarenaLoL\GameData\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2013/04/05 01:11:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/01/27 15:59:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/02 15:01:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/02 15:01:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/04/05 01:11:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\user\AppData\Roaming\IDM\idmmzcc5 [2013/02/14 10:54:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\user\AppData\Roaming\IDM\idmmzcc5 [2013/02/14 10:54:20 | 000,000,000 | ---D | M]
[2012/03/27 11:59:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2013/03/23 01:06:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\7ckcpcgj.default\extensions
[2013/01/13 10:15:46 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\7ckcpcgj.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/07/13 01:32:52 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\7ckcpcgj.default\extensions\[email protected]
[2012/07/24 23:47:49 | 000,075,325 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\7ckcpcgj.default\extensions\[email protected]
[2012/04/28 09:33:12 | 000,002,572 | ---- | M] () -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\7ckcpcgj.default\searchplugins\askcom.xml
[2013/01/27 01:15:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/06 13:57:46 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/07/08 15:16:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/28 23:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010/01/01 16:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Internet Download Manager Plugin (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\IDMGCExt.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Java Platform SE 7 U15 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\user\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.150.3 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Translate = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: YouTube = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Slinky Elegant = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln\19.6_1\
CHR - Extension: Google Search = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: AdBlock = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.62_0\
CHR - Extension: instant translate = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke\1.7.3_0\
CHR - Extension: IDM Integration = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.9.1_0\
CHR - Extension: Smooth Scrollerator = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmicgfcegednlkdhgbhgickcgndjeeig\1.1.5_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\7.0.8_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013/03/15 18:09:36 | 000,000,860 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 q4master.idsoftware.com
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FiltrateIE Class) - {B5D4581D-ED6A-4905-A267-25BAF7BE79C1} - C:\Windows\SysWOW64\SafeIE.dll ()
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AutoRunExterminator] D:\Software\AutoRunExterminator.exe (Inside Core)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UIExec] C:\Program Files (x86)\Celcom Broadband\UIExec.exe ()
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Ekbcbg] C:\Users\user\AppData\Roaming\Microsoft\Ekbcbg.exe (Hause)
O4 - HKCU..\Run: [Facebook Update] C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GarenaPlus] D:\Games\GarenaLoL\GameData\GarenaMessenger.exe ()
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [Screen Saver Pro 3.1] C:\Users\user\AppData\Roaming\ScreenSaverPro.scr (Hause)
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Download all by WellGet - C:\Program Files (x86)\WellGet\Nxall.htm ()
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download by &WellGet - C:\Program Files (x86)\WellGet\NxCatch.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: &Download all by WellGet - C:\Program Files (x86)\WellGet\Nxall.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download by &WellGet - C:\Program Files (x86)\WellGet\NxCatch.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra Button: WellGet - {35980F6E-A258-4E50-953D-813BB8556899} - C:\Program Files (x86)\WellGet\WellGet.exe ()
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D7496B7-07D2-4C75-ADC0-EDA6E6B8567B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A4E1371F-DDF8-4C0B-8778-3411E69BF455}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC307C51-D912-47C4-A048-41E952CC316C}: DhcpNameServer = 8.8.8.8
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\KuGoo - No CLSID value found
O18:64bit: - Protocol\Handler\KuGoo3 - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp - No CLSID value found
O18:64bit: - Protocol\Handler\tmpx - No CLSID value found
O18 - Protocol\Handler\KuGoo - No CLSID value found
O18 - Protocol\Handler\KuGoo3 - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp - No CLSID value found
O18 - Protocol\Handler\tmpx - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{30701185-fa4a-11e1-82d6-001e101fe70e}\Shell - "" = AutoRun
O33 - MountPoints2\{30701185-fa4a-11e1-82d6-001e101fe70e}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{53c9c7cf-fbda-11e1-83b9-001e101f4da1}\Shell - "" = AutoRun
O33 - MountPoints2\{53c9c7cf-fbda-11e1-83b9-001e101f4da1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{715e1c80-f99d-11e1-8daa-742f68e53958}\Shell - "" = AutoRun
O33 - MountPoints2\{715e1c80-f99d-11e1-8daa-742f68e53958}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{715e1c8d-f99d-11e1-8daa-742f68e53958}\Shell - "" = AutoRun
O33 - MountPoints2\{715e1c8d-f99d-11e1-8daa-742f68e53958}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{7cb68dfc-fca4-11e1-9d43-5404a67634e4}\Shell - "" = AutoRun
O33 - MountPoints2\{7cb68dfc-fca4-11e1-9d43-5404a67634e4}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{827be6b0-2a3f-11e2-9a8b-5404a67634e4}\Shell - "" = AutoRun
O33 - MountPoints2\{827be6b0-2a3f-11e2-9a8b-5404a67634e4}\Shell\AutoRun\command - "" = G:\Install.exe
O33 - MountPoints2\{827be709-2a3f-11e2-9a8b-5404a67634e4}\Shell - "" = AutoRun
O33 - MountPoints2\{827be709-2a3f-11e2-9a8b-5404a67634e4}\Shell\AutoRun\command - "" = I:\Install.exe
O33 - MountPoints2\{e223f41b-e290-11e1-82b8-742f68e53958}\Shell - "" = AutoRun
O33 - MountPoints2\{e223f41b-e290-11e1-82b8-742f68e53958}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Install.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/05/01 13:27:59 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013/04/29 16:12:54 | 000,230,400 | ---- | C] (Hause) -- C:\Users\user\AppData\Roaming\ScreenSaverPro.scr
[2013/04/26 23:18:27 | 000,134,904 | ---- | C] (J@u?) -- C:\Users\user\AppData\Roaming\C4E5.exe
[2013/04/26 11:26:57 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/04/25 18:07:19 | 000,069,496 | ---- | C] (House) -- C:\Users\user\AppData\Roaming\38D7.exe
[2013/04/24 12:58:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/04/24 00:26:22 | 000,000,000 | ---D | C] -- C:\RECYCLER
[2013/04/24 00:26:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/04/24 00:26:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/04/24 00:26:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/04/24 00:26:05 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/04/24 00:26:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/04/24 00:25:49 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/04/15 20:54:23 | 000,230,400 | -HS- | C] (Hause) -- C:\Users\user\AppData\Roaming\C68D.exe
[2013/04/13 09:26:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/04/13 02:53:02 | 000,046,280 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[2013/04/05 01:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013/04/05 01:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013/04/05 01:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/04/04 18:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/05/01 20:10:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/01 19:58:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4270355918-3397995266-1241077080-1000UA.job
[2013/05/01 19:42:45 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\AE27.exe
[2013/05/01 19:42:42 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\A273.exe
[2013/05/01 19:42:40 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\9C2B.exe
[2013/05/01 19:42:38 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\9612.exe
[2013/05/01 19:42:37 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\8FF9.exe
[2013/05/01 19:41:46 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4270355918-3397995266-1241077080-1000UA.job
[2013/05/01 19:41:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/01 13:35:35 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/01 13:35:35 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/01 13:33:58 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\E63.exe
[2013/05/01 13:33:56 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\81B.exe
[2013/05/01 13:33:55 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\1D4.exe
[2013/05/01 13:33:47 | 000,730,652 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/01 13:33:47 | 000,619,146 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/01 13:33:47 | 000,107,466 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/01 13:27:44 | 000,000,012 | -H-- | M] () -- C:\dvmexp.idx
[2013/05/01 13:27:27 | 2072,027,135 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/01 12:15:13 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2013/05/01 05:06:53 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\C392.exe
[2013/05/01 05:06:50 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\BAF9.exe
[2013/05/01 05:06:46 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\A95C.exe
[2013/05/01 05:06:44 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\A130.exe
[2013/04/30 23:58:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4270355918-3397995266-1241077080-1000Core.job
[2013/04/30 23:10:26 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\6C92.exe
[2013/04/30 23:10:24 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\64B4.exe
[2013/04/30 23:10:22 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\5CE7.exe
[2013/04/30 18:08:40 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\281A.exe
[2013/04/30 18:08:38 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\20AA.exe
[2013/04/30 18:08:36 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\18EC.exe
[2013/04/29 22:52:53 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\78E9.exe
[2013/04/29 22:52:07 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\C1DA.exe
[2013/04/29 22:52:02 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\B193.exe
[2013/04/29 22:52:00 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\A6D9.exe
[2013/04/29 22:41:59 | 000,526,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/29 20:35:47 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\E744.exe
[2013/04/29 20:35:43 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\D51A.exe
[2013/04/29 20:35:41 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\CCFE.exe
[2013/04/29 20:35:39 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\C502.exe
[2013/04/29 20:35:37 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\BCE6.exe
[2013/04/29 20:23:10 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\59BF.exe
[2013/04/29 20:23:05 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\463E.exe
[2013/04/29 20:23:03 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\3DE4.exe
[2013/04/29 20:23:01 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\35F7.exe
[2013/04/29 20:22:59 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\2DDB.exe
[2013/04/29 16:15:44 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\D1F1.exe
[2013/04/29 16:15:39 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\BC9C.exe
[2013/04/29 16:15:37 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\B367.exe
[2013/04/29 16:15:34 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\AA52.exe
[2013/04/29 00:56:45 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\B84A.exe
[2013/04/29 00:56:38 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\9D69.exe
[2013/04/29 00:56:35 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\90EA.exe
[2013/04/29 00:23:38 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\65C4.exe
[2013/04/29 00:22:28 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\5639.exe
[2013/04/29 00:22:23 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\4067.exe
[2013/04/29 00:21:44 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\AABC.exe
[2013/04/29 00:21:30 | 000,230,400 | ---- | M] (Hause) -- C:\Users\user\AppData\Roaming\ScreenSaverPro.scr
[2013/04/28 21:30:07 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\8C5F.exe
[2013/04/28 21:30:05 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\8397.exe
[2013/04/28 21:30:03 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\7B7C.exe
[2013/04/28 21:03:19 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\13C.exe
[2013/04/28 21:03:15 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\F3C4.exe
[2013/04/28 21:03:11 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\E0FE.exe
[2013/04/28 19:45:14 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\862F.exe
[2013/04/28 19:43:26 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\E010.exe
[2013/04/28 19:43:12 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\A699.exe
[2013/04/28 19:42:57 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\6F43.exe
[2013/04/28 18:27:20 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\329E.exe
[2013/04/28 18:27:01 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\EA96.exe
[2013/04/28 18:26:51 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\C3B4.exe
[2013/04/28 18:26:41 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\9C55.exe
[2013/04/28 15:43:51 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\86AF.exe
[2013/04/28 15:43:49 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\7EB3.exe
[2013/04/28 15:43:47 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\76A7.exe
[2013/04/28 14:15:45 | 000,002,198 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013/04/27 21:01:26 | 000,130,816 | ---- | M] () -- C:\Users\user\AppData\Roaming\400E.exe
[2013/04/27 17:13:43 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\C76F.exe
[2013/04/27 17:13:26 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\8263.exe
[2013/04/27 17:13:18 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\6512.exe
[2013/04/27 17:13:13 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\501B.exe
[2013/04/27 17:13:10 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\43F9.exe
[2013/04/27 13:50:41 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\E523.exe
[2013/04/27 13:50:36 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\D115.exe
[2013/04/27 13:50:31 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\BD66.exe
[2013/04/27 13:50:29 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\B4CD.exe
[2013/04/26 23:18:27 | 000,134,904 | ---- | M] (J@u?) -- C:\Users\user\AppData\Roaming\C4E5.exe
[2013/04/26 19:52:49 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\831F.exe
[2013/04/26 19:52:47 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\7AB5.exe
[2013/04/26 19:52:45 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\7049.exe
[2013/04/26 19:52:42 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\662A.exe
[2013/04/26 18:39:52 | 000,130,816 | ---- | M] () -- C:\Users\user\AppData\Roaming\B994.exe
[2013/04/26 18:18:33 | 000,130,816 | ---- | M] () -- C:\Users\user\AppData\Roaming\34D8.exe
[2013/04/26 11:37:36 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\1D67.exe
[2013/04/26 11:37:33 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\155B.exe
[2013/04/26 11:37:31 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\D8D.exe
[2013/04/26 11:37:29 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\5B0.exe
[2013/04/26 11:27:08 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\88F1.exe
[2013/04/26 11:27:06 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\8097.exe
[2013/04/26 11:27:03 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\781D.exe
[2013/04/26 11:27:01 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\6F56.exe
[2013/04/26 11:26:58 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\645D.exe
[2013/04/26 11:26:57 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/04/25 22:20:21 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\E909.exe
[2013/04/25 22:20:19 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\DECB.exe
[2013/04/25 22:20:16 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\D549.exe
[2013/04/25 22:20:14 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\CBF5.exe
[2013/04/25 18:42:39 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\92BA.exe
[2013/04/25 18:07:19 | 000,069,496 | ---- | M] (House) -- C:\Users\user\AppData\Roaming\38D7.exe
[2013/04/25 18:06:22 | 000,130,816 | ---- | M] () -- C:\Users\user\AppData\Roaming\5B34.exe
[2013/04/25 18:03:29 | 000,012,264 | ---- | M] () -- C:\Users\user\AppData\Roaming\B737.exe
[2013/04/25 12:03:24 | 000,130,816 | ---- | M] () -- C:\Users\user\AppData\Roaming\BE3.exe
[2013/04/24 20:31:15 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\3D64.exe
[2013/04/24 20:31:10 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\2D7A.exe
[2013/04/24 20:31:08 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\259D.exe
[2013/04/24 19:47:05 | 000,151,256 | ---- | M] () -- C:\Users\user\AppData\Roaming\CDBC.exe
[2013/04/24 00:19:53 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\44F0.exe
[2013/04/23 23:13:37 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\97FA.exe
[2013/04/23 19:27:17 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\C4A0.exe
[2013/04/23 19:26:59 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\7D24.exe
[2013/04/23 19:26:46 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\4B3B.exe
[2013/04/23 19:25:23 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\574.exe
[2013/04/22 10:52:19 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4270355918-3397995266-1241077080-1000Core.job
[2013/04/21 19:28:38 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\8FB5.exe
[2013/04/21 18:14:46 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\EFFB.exe
[2013/04/21 18:14:44 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\E7A1.exe
[2013/04/21 18:14:42 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\DF76.exe
[2013/04/21 18:14:40 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\D779.exe
[2013/04/21 18:14:38 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\CF5D.exe
[2013/04/21 17:39:08 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\50F9.exe
[2013/04/21 17:39:06 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\47B5.exe
[2013/04/21 17:39:04 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\3EED.exe
[2013/04/21 17:39:02 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\36A3.exe
[2013/04/21 17:39:00 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\2E68.exe
[2013/04/21 16:21:18 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\DCA.exe
[2013/04/21 16:21:16 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\551.exe
[2013/04/21 16:21:14 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\FD35.exe
[2013/04/21 16:21:10 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\EF8D.exe
[2013/04/21 13:46:52 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\A9E3.exe
[2013/04/21 13:46:50 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\A1B7.exe
[2013/04/21 13:46:48 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\99AB.exe
[2013/04/21 13:46:46 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\919F.exe
[2013/04/21 11:39:45 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\4A01.exe
[2013/04/21 11:39:43 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\411B.exe
[2013/04/21 11:39:38 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\2CFE.exe
[2013/04/21 11:22:25 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\68B4.exe
[2013/04/21 11:22:22 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\603A.exe
[2013/04/21 11:22:20 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\57E0.exe
[2013/04/21 11:22:18 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\4F09.exe
[2013/04/21 01:31:14 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\755C.exe
[2013/04/21 01:31:12 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\6B5C.exe
[2013/04/21 01:31:08 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\5F4A.exe
[2013/04/21 01:31:06 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\554B.exe
[2013/04/21 01:31:03 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\4ADE.exe
[2013/04/21 00:04:08 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\AB91.exe
[2013/04/21 00:04:04 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\9D00.exe
[2013/04/21 00:04:00 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\8F39.exe
[2013/04/20 23:58:04 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\1D04.exe
[2013/04/20 23:57:37 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\B710.exe
[2013/04/20 23:56:59 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\1FA1.exe
[2013/04/20 23:54:37 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\F4C9.exe
[2013/04/20 00:47:34 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\138C.exe
[2013/04/20 00:47:29 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\FFAE.exe
[2013/04/20 00:47:24 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\EB91.exe
[2013/04/20 00:47:19 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\D7C2.exe
[2013/04/19 21:28:06 | 000,001,986 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013/04/19 21:19:56 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\FC5D.exe
[2013/04/19 21:19:54 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\F29C.exe
[2013/04/19 21:19:51 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\E977.exe
[2013/04/19 21:19:49 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\DFF4.exe
[2013/04/19 21:19:46 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\D5F5.exe
[2013/04/19 21:19:44 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\CCDF.exe
[2013/04/19 19:14:45 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\60A2.exe
[2013/04/19 19:14:38 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\45FF.exe
[2013/04/19 19:14:36 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\3DA5.exe
[2013/04/19 14:18:01 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\B52D.exe
[2013/04/19 14:17:59 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\AD4F.exe
[2013/04/19 14:17:57 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\A572.exe
[2013/04/19 14:17:55 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\9DA4.exe
[2013/04/19 14:17:52 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\93D3.exe
[2013/04/19 11:46:38 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\1B66.exe
[2013/04/19 11:46:34 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\B9B.exe
[2013/04/19 11:46:32 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\3BE.exe
[2013/04/19 11:46:30 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\FBF0.exe
[2013/04/19 11:04:39 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\ABCC.exe
[2013/04/19 11:04:34 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\9B28.exe
[2013/04/19 11:04:29 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\86DD.exe
[2013/04/19 11:04:26 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\78D8.exe
[2013/04/18 22:47:11 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\679E.exe
[2013/04/18 22:46:07 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\6EED.exe
[2013/04/18 22:45:55 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\3FEF.exe
[2013/04/18 22:45:51 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\2ECF.exe
[2013/04/18 22:45:47 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\207C.exe
[2013/04/18 18:52:25 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\78A4.exe
[2013/04/18 18:52:23 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\70E6.exe
[2013/04/18 18:52:19 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\613A.exe
[2013/04/18 18:52:17 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\599B.exe
[2013/04/18 18:52:15 | 000,010,873 | ---- | M] () -- C:\Users\user\AppData\Roaming\518F.exe
[2013/04/18 18:52:13 | 000,010,873 | ---- | M] () -- C:\Users\user\AppData\Roaming\49C1.exe
[2013/04/18 18:52:11 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\41F4.exe
[2013/04/18 18:52:09 | 000,010,871 | ---- | M] () -- C:\Users\user\AppData\Roaming\3A45.exe
[2013/04/18 18:52:01 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\190B.exe
[2013/04/18 16:34:20 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\C98.exe
[2013/04/18 16:32:57 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\C75D.exe
[2013/04/18 16:30:45 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\C6A1.exe
[2013/04/18 16:25:28 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\EEA9.exe
[2013/04/18 14:09:11 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\2B28.exe
[2013/04/18 14:09:09 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\231C.exe
[2013/04/18 14:09:07 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\1AD2.exe
[2013/04/18 14:09:05 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\12A6.exe
[2013/04/18 14:09:03 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\A2D.exe
[2013/04/17 17:00:48 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\A6E8.exe
[2013/04/17 01:51:34 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\B51D.exe
[2013/04/16 23:46:55 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\98E2.exe
[2013/04/16 23:46:52 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\8ADD.exe
[2013/04/16 23:46:48 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\7A78.exe
[2013/04/16 23:46:44 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\6BB8.exe
[2013/04/16 23:46:40 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\5AD5.exe
[2013/04/16 23:46:35 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\47B2.exe
[2013/04/16 23:46:19 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\AFF.exe
[2013/04/16 23:46:15 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\FBD2.exe
[2013/04/16 23:46:12 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\ED60.exe
[2013/04/16 23:46:08 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\DEBF.exe
[2013/04/16 23:46:04 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\CF62.exe
[2013/04/16 23:45:59 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\BBD2.exe
[2013/04/16 19:53:55 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\46DC.exe
[2013/04/16 19:53:11 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\990F.exe
[2013/04/16 19:53:04 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\7F19.exe
[2013/04/16 19:19:09 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\6F6E.exe
[2013/04/16 18:48:16 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\2C07.exe
[2013/04/16 15:28:04 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\E14C.exe
[2013/04/16 15:28:01 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\D6C0.exe
[2013/04/16 15:27:57 | 000,010,868 | ---- | M] () -- C:\Users\user\AppData\Roaming\C5BF.exe
[2013/04/16 15:20:48 | 000,010,870 | ---- | M] () -- C:\Users\user\AppData\Roaming\386D.exe
[2013/04/16 13:48:32 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\D6D2.exe
[2013/04/16 13:48:24 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\B7DC.exe
[2013/04/16 13:48:20 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\A7F3.exe
[2013/04/16 13:17:43 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\9F4A.exe
[2013/04/15 23:23:59 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\6FAC.exe
[2013/04/15 23:23:54 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\5C0C.exe
[2013/04/15 23:23:50 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\4F20.exe
[2013/04/15 22:30:56 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\DEDE.exe
[2013/04/15 21:43:33 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\7D4D.exe
[2013/04/15 21:41:17 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\6B61.exe
[2013/04/15 21:39:36 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\DDF0.exe
[2013/04/15 21:38:26 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\CCEF.exe
[2013/04/15 20:55:25 | 000,010,866 | ---- | M] () -- C:\Users\user\AppData\Roaming\B968.exe
[2013/04/15 20:55:23 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\B14C.exe
[2013/04/15 20:55:21 | 000,010,867 | ---- | M] () -- C:\Users\user\AppData\Roaming\A950.exe
[2013/04/15 20:55:19 | 000,010,869 | ---- | M] () -- C:\Users\user\AppData\Roaming\A163.exe
[2013/04/15 20:54:23 | 000,230,400 | -HS- | M] (Hause) -- C:\Users\user\AppData\Roaming\C68D.exe
[2013/04/13 02:53:02 | 000,046,280 | ---- | M] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[2013/04/04 20:56:58 | 000,001,294 | ---- | M] () -- C:\Windows\SysNative\SKY-202 - SkyHigh Jukujo Premium 8 (30 Women) - Ageha Kinoshita, Aiko Hirose, Arisa Ebihara, Ayami, Chika Ishihara, Emi Orihara, Emiri Senoo, Emiri Seo, Kanna Harumi, Rica, Riko Oshima, Saki Kozakura.lnk
[2013/04/04 20:50:02 | 000,001,274 | ---- | M] () -- C:\Windows\SysNative\While the Husband and Children Are Playing By the Water… a Mama Who is Having An Esthetic Treatment in a Place By the Sea Subjected to Indecent Fingering Stifles Her Voice and Quickly Becomes Inflamed .lnk
[2013/04/04 20:48:36 | 000,001,268 | ---- | M] () -- C:\Windows\SysNative\Watch Online [Cd 01] RHJ-239 - Red Hot Jam Vol.239 - Ageha Kinoshita, Chiharu Miyashita, Hikari Sakamoto, Jun, Kaoru Hirayama, Kotomi Asakura, Miina Yoshihara, Nao Yuzumiya, Nene Masaki, Sayuri Ito, Ya.lnk
[2013/04/04 18:35:40 | 000,001,812 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2013/04/04 18:34:33 | 000,000,000 | ---- | M] () -- C:\END
[2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/04/02 19:37:41 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/02 19:37:40 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/05/01 19:42:45 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\AE27.exe
[2013/05/01 19:42:42 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\A273.exe
[2013/05/01 19:42:40 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\9C2B.exe
[2013/05/01 19:42:38 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\9612.exe
[2013/05/01 19:42:37 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\8FF9.exe
[2013/05/01 13:33:58 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\E63.exe
[2013/05/01 13:33:56 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\81B.exe
[2013/05/01 13:33:55 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\1D4.exe
[2013/05/01 05:06:53 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\C392.exe
[2013/05/01 05:06:50 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\BAF9.exe
[2013/05/01 05:06:46 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\A95C.exe
[2013/05/01 05:06:44 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\A130.exe
[2013/04/30 23:10:26 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\6C92.exe
[2013/04/30 23:10:24 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\64B4.exe
[2013/04/30 23:10:22 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\5CE7.exe
[2013/04/30 18:08:40 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\281A.exe
[2013/04/30 18:08:38 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\20AA.exe
[2013/04/30 18:08:36 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\18EC.exe
[2013/04/29 22:52:53 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\78E9.exe
[2013/04/29 22:52:07 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\C1DA.exe
[2013/04/29 22:52:02 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\B193.exe
[2013/04/29 22:52:00 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\A6D9.exe
[2013/04/29 20:35:47 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\E744.exe
[2013/04/29 20:35:43 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\D51A.exe
[2013/04/29 20:35:41 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\CCFE.exe
[2013/04/29 20:35:39 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\C502.exe
[2013/04/29 20:35:37 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\BCE6.exe
[2013/04/29 20:23:10 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\59BF.exe
[2013/04/29 20:23:05 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\463E.exe
[2013/04/29 20:23:03 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\3DE4.exe
[2013/04/29 20:23:01 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\35F7.exe
[2013/04/29 20:22:59 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\2DDB.exe
[2013/04/29 16:15:44 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\D1F1.exe
[2013/04/29 16:15:39 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\BC9C.exe
[2013/04/29 16:15:37 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\B367.exe
[2013/04/29 16:15:34 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\AA52.exe
[2013/04/29 00:56:45 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\B84A.exe
[2013/04/29 00:56:38 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\9D69.exe
[2013/04/29 00:56:35 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\90EA.exe
[2013/04/29 00:23:38 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\65C4.exe
[2013/04/29 00:22:28 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\5639.exe
[2013/04/29 00:22:23 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\4067.exe
[2013/04/29 00:21:44 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\AABC.exe
[2013/04/28 21:30:07 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\8C5F.exe
[2013/04/28 21:30:05 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\8397.exe
[2013/04/28 21:30:03 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\7B7C.exe
[2013/04/28 21:03:19 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\13C.exe
[2013/04/28 21:03:15 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\F3C4.exe
[2013/04/28 21:03:11 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\E0FE.exe
[2013/04/28 19:45:14 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\862F.exe
[2013/04/28 19:43:26 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\E010.exe
[2013/04/28 19:43:12 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\A699.exe
[2013/04/28 19:42:57 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\6F43.exe
[2013/04/28 18:27:20 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\329E.exe
[2013/04/28 18:27:01 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\EA96.exe
[2013/04/28 18:26:51 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\C3B4.exe
[2013/04/28 18:26:41 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\9C55.exe
[2013/04/28 15:43:51 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\86AF.exe
[2013/04/28 15:43:49 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\7EB3.exe
[2013/04/28 15:43:47 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\76A7.exe
[2013/04/27 21:01:26 | 000,130,816 | ---- | C] () -- C:\Users\user\AppData\Roaming\400E.exe
[2013/04/27 17:13:43 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\C76F.exe
[2013/04/27 17:13:26 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\8263.exe
[2013/04/27 17:13:18 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\6512.exe
[2013/04/27 17:13:13 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\501B.exe
[2013/04/27 17:13:10 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\43F9.exe
[2013/04/27 13:50:41 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\E523.exe
[2013/04/27 13:50:36 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\D115.exe
[2013/04/27 13:50:31 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\BD66.exe
[2013/04/27 13:50:29 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\B4CD.exe
[2013/04/26 19:52:49 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\831F.exe
[2013/04/26 19:52:47 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\7AB5.exe
[2013/04/26 19:52:45 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\7049.exe
[2013/04/26 19:52:42 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\662A.exe
[2013/04/26 18:39:52 | 000,130,816 | ---- | C] () -- C:\Users\user\AppData\Roaming\B994.exe
[2013/04/26 18:18:33 | 000,130,816 | ---- | C] () -- C:\Users\user\AppData\Roaming\34D8.exe
[2013/04/26 11:37:36 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\1D67.exe
[2013/04/26 11:37:33 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\155B.exe
[2013/04/26 11:37:31 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\D8D.exe
[2013/04/26 11:37:29 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\5B0.exe
[2013/04/26 11:27:08 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\88F1.exe
[2013/04/26 11:27:06 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\8097.exe
[2013/04/26 11:27:03 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\781D.exe
[2013/04/26 11:27:01 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\6F56.exe
[2013/04/26 11:26:58 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\645D.exe
[2013/04/25 22:20:21 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\E909.exe
[2013/04/25 22:20:19 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\DECB.exe
[2013/04/25 22:20:16 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\D549.exe
[2013/04/25 22:20:14 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\CBF5.exe
[2013/04/25 18:42:39 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\92BA.exe
[2013/04/25 18:06:22 | 000,130,816 | ---- | C] () -- C:\Users\user\AppData\Roaming\5B34.exe
[2013/04/25 18:03:29 | 000,012,264 | ---- | C] () -- C:\Users\user\AppData\Roaming\B737.exe
[2013/04/25 12:03:24 | 000,130,816 | ---- | C] () -- C:\Users\user\AppData\Roaming\BE3.exe
[2013/04/24 20:31:15 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\3D64.exe
[2013/04/24 20:31:10 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\2D7A.exe
[2013/04/24 20:31:08 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\259D.exe
[2013/04/24 19:47:05 | 000,151,256 | ---- | C] () -- C:\Users\user\AppData\Roaming\CDBC.exe
[2013/04/24 00:26:10 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/04/24 00:26:10 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/04/24 00:26:10 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/04/24 00:26:10 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/04/24 00:26:10 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/04/24 00:19:53 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\44F0.exe
[2013/04/23 23:13:37 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\97FA.exe
[2013/04/23 19:27:17 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\C4A0.exe
[2013/04/23 19:26:59 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\7D24.exe
[2013/04/23 19:26:46 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\4B3B.exe
[2013/04/23 19:25:23 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\574.exe
[2013/04/21 19:28:38 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\8FB5.exe
[2013/04/21 18:14:46 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\EFFB.exe
[2013/04/21 18:14:44 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\E7A1.exe
[2013/04/21 18:14:42 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\DF76.exe
[2013/04/21 18:14:40 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\D779.exe
[2013/04/21 18:14:38 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\CF5D.exe
[2013/04/21 17:39:08 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\50F9.exe
[2013/04/21 17:39:06 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\47B5.exe
[2013/04/21 17:39:04 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\3EED.exe
[2013/04/21 17:39:02 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\36A3.exe
[2013/04/21 17:39:00 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\2E68.exe
[2013/04/21 16:21:18 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\DCA.exe
[2013/04/21 16:21:16 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\551.exe
[2013/04/21 16:21:14 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\FD35.exe
[2013/04/21 16:21:10 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\EF8D.exe
[2013/04/21 13:46:52 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\A9E3.exe
[2013/04/21 13:46:50 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\A1B7.exe
[2013/04/21 13:46:48 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\99AB.exe
[2013/04/21 13:46:46 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\919F.exe
[2013/04/21 11:39:45 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\4A01.exe
[2013/04/21 11:39:43 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\411B.exe
[2013/04/21 11:39:38 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\2CFE.exe
[2013/04/21 11:22:25 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\68B4.exe
[2013/04/21 11:22:22 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\603A.exe
[2013/04/21 11:22:20 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\57E0.exe
[2013/04/21 11:22:18 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\4F09.exe
[2013/04/21 01:31:14 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\755C.exe
[2013/04/21 01:31:12 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\6B5C.exe
[2013/04/21 01:31:08 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\5F4A.exe
[2013/04/21 01:31:06 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\554B.exe
[2013/04/21 01:31:03 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\4ADE.exe
[2013/04/21 00:04:08 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\AB91.exe
[2013/04/21 00:04:04 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\9D00.exe
[2013/04/21 00:04:00 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\8F39.exe
[2013/04/20 23:58:04 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\1D04.exe
[2013/04/20 23:57:37 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\B710.exe
[2013/04/20 23:56:59 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\1FA1.exe
[2013/04/20 23:54:37 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\F4C9.exe
[2013/04/20 00:47:34 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\138C.exe
[2013/04/20 00:47:29 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\FFAE.exe
[2013/04/20 00:47:24 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\EB91.exe
[2013/04/20 00:47:19 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\D7C2.exe
[2013/04/19 21:28:06 | 000,001,986 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013/04/19 21:19:56 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\FC5D.exe
[2013/04/19 21:19:54 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\F29C.exe
[2013/04/19 21:19:51 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\E977.exe
[2013/04/19 21:19:49 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\DFF4.exe
[2013/04/19 21:19:46 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\D5F5.exe
[2013/04/19 21:19:44 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\CCDF.exe
[2013/04/19 19:14:45 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\60A2.exe
[2013/04/19 19:14:38 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\45FF.exe
[2013/04/19 19:14:36 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\3DA5.exe
[2013/04/19 14:18:01 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\B52D.exe
[2013/04/19 14:17:59 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\AD4F.exe
[2013/04/19 14:17:57 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\A572.exe
[2013/04/19 14:17:55 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\9DA4.exe
[2013/04/19 14:17:52 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\93D3.exe
[2013/04/19 11:46:38 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\1B66.exe
[2013/04/19 11:46:34 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\B9B.exe
[2013/04/19 11:46:32 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\3BE.exe
[2013/04/19 11:46:30 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\FBF0.exe
[2013/04/19 11:04:39 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\ABCC.exe
[2013/04/19 11:04:34 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\9B28.exe
[2013/04/19 11:04:29 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\86DD.exe
[2013/04/19 11:04:26 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\78D8.exe
[2013/04/18 22:47:11 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\679E.exe
[2013/04/18 22:46:07 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\6EED.exe
[2013/04/18 22:45:55 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\3FEF.exe
[2013/04/18 22:45:51 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\2ECF.exe
[2013/04/18 22:45:47 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\207C.exe
[2013/04/18 18:52:25 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\78A4.exe
[2013/04/18 18:52:23 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\70E6.exe
[2013/04/18 18:52:19 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\613A.exe
[2013/04/18 18:52:17 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\599B.exe
[2013/04/18 18:52:15 | 000,010,873 | ---- | C] () -- C:\Users\user\AppData\Roaming\518F.exe
[2013/04/18 18:52:13 | 000,010,873 | ---- | C] () -- C:\Users\user\AppData\Roaming\49C1.exe
[2013/04/18 18:52:11 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\41F4.exe
[2013/04/18 18:52:09 | 000,010,871 | ---- | C] () -- C:\Users\user\AppData\Roaming\3A45.exe
[2013/04/18 18:52:01 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\190B.exe
[2013/04/18 16:34:20 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\C98.exe
[2013/04/18 16:32:57 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\C75D.exe
[2013/04/18 16:30:45 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\C6A1.exe
[2013/04/18 16:25:28 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\EEA9.exe
[2013/04/18 14:09:11 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\2B28.exe
[2013/04/18 14:09:09 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\231C.exe
[2013/04/18 14:09:07 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\1AD2.exe
[2013/04/18 14:09:05 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\12A6.exe
[2013/04/18 14:09:03 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\A2D.exe
[2013/04/17 17:00:48 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\A6E8.exe
[2013/04/17 01:51:34 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\B51D.exe
[2013/04/16 23:46:55 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\98E2.exe
[2013/04/16 23:46:52 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\8ADD.exe
[2013/04/16 23:46:48 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\7A78.exe
[2013/04/16 23:46:44 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\6BB8.exe
[2013/04/16 23:46:40 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\5AD5.exe
[2013/04/16 23:46:35 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\47B2.exe
[2013/04/16 23:46:19 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\AFF.exe
[2013/04/16 23:46:15 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\FBD2.exe
[2013/04/16 23:46:12 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\ED60.exe
[2013/04/16 23:46:08 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\DEBF.exe
[2013/04/16 23:46:04 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\CF62.exe
[2013/04/16 23:45:59 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\BBD2.exe
[2013/04/16 19:53:55 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\46DC.exe
[2013/04/16 19:53:11 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\990F.exe
[2013/04/16 19:53:04 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\7F19.exe
[2013/04/16 19:19:09 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\6F6E.exe
[2013/04/16 18:48:16 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\2C07.exe
[2013/04/16 15:28:04 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\E14C.exe
[2013/04/16 15:28:01 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\D6C0.exe
[2013/04/16 15:27:57 | 000,010,868 | ---- | C] () -- C:\Users\user\AppData\Roaming\C5BF.exe
[2013/04/16 15:20:48 | 000,010,870 | ---- | C] () -- C:\Users\user\AppData\Roaming\386D.exe
[2013/04/16 13:48:32 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\D6D2.exe
[2013/04/16 13:48:24 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\B7DC.exe
[2013/04/16 13:48:20 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\A7F3.exe
[2013/04/16 13:17:43 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\9F4A.exe
[2013/04/15 23:23:59 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\6FAC.exe
[2013/04/15 23:23:54 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\5C0C.exe
[2013/04/15 23:23:50 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\4F20.exe
[2013/04/15 22:30:56 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\DEDE.exe
[2013/04/15 21:43:33 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\7D4D.exe
[2013/04/15 21:41:17 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\6B61.exe
[2013/04/15 21:39:36 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\DDF0.exe
[2013/04/15 21:38:26 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\CCEF.exe
[2013/04/15 20:55:25 | 000,010,866 | ---- | C] () -- C:\Users\user\AppData\Roaming\B968.exe
[2013/04/15 20:55:23 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\B14C.exe
[2013/04/15 20:55:21 | 000,010,867 | ---- | C] () -- C:\Users\user\AppData\Roaming\A950.exe
[2013/04/15 20:55:19 | 000,010,869 | ---- | C] () -- C:\Users\user\AppData\Roaming\A163.exe
[2013/04/04 18:34:33 | 000,000,000 | ---- | C] () -- C:\END
[2013/04/02 19:37:41 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/02 19:37:40 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/02 13:42:21 | 000,007,603 | ---- | C] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg
[2013/01/19 19:12:50 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/01/19 19:12:48 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/01/13 10:12:43 | 000,005,329 | ---- | C] () -- C:\Users\user\AppData\Roaming\F421.exe
[2013/01/13 10:12:41 | 000,005,331 | ---- | C] () -- C:\Users\user\AppData\Roaming\EC82.exe
[2013/01/13 10:12:39 | 000,005,329 | ---- | C] () -- C:\Users\user\AppData\Roaming\E4C4.exe
[2013/01/13 10:12:37 | 000,005,324 | ---- | C] () -- C:\Users\user\AppData\Roaming\DD25.exe
[2013/01/01 22:07:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2012/11/21 21:10:20 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/10/21 23:14:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012/10/10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/10 02:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/10 02:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/08/13 16:13:10 | 000,045,270 | ---- | C] () -- C:\Users\user\AppData\Roaming\room_v3.dat
[2012/08/12 19:01:11 | 000,001,830 | ---- | C] () -- C:\Users\user\AppData\Roaming\ImperatorProfile0.dat
[2012/08/12 19:01:11 | 000,001,822 | ---- | C] () -- C:\Users\user\AppData\Roaming\ImperatorProfile1.dat
[2012/07/23 10:09:30 | 000,146,146 | ---- | C] () -- C:\ProgramData\1343009285.bdinstall.bin
[2012/07/22 19:46:35 | 000,735,434 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/29 14:53:54 | 000,243,935 | ---- | C] () -- C:\ProgramData\1335663704.bdinstall.bin
[2012/04/29 08:12:38 | 000,000,503 | ---- | C] () -- C:\ProgramData\1335658352.bdinstall.bin
[2012/03/28 15:33:10 | 000,497,152 | ---- | C] () -- C:\Windows\Uninstall.exe
[2012/03/26 14:00:54 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2012/02/14 18:47:06 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/02/14 18:47:06 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/08/19 10:33:36 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/08/19 10:32:34 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/05/10 15:55:50 | 000,368,400 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
========== ZeroAccess Check ==========
[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 13:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 12:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 11:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/04/17 07:23:40 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\2K Sports
[2012/04/17 08:37:49 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\7 Sticky Notes
[2013/01/13 10:14:51 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Ad-Aware Antivirus
[2012/09/01 17:49:22 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AnvSoft
[2012/10/17 23:55:51 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Autodesk
[2013/04/16 14:01:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Azureus
[2012/12/14 23:01:33 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Bioshock2
[2013/04/16 14:01:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DAEMON Tools Lite
[2013/02/22 12:14:28 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DmC - Devil May Cry
[2013/05/01 12:20:04 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DMCache
[2012/09/26 17:08:08 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\fltk.org
[2012/08/08 13:24:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Garena
[2013/05/01 13:32:33 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GarenaPlus
[2013/04/05 10:18:27 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\IDM
[2013/03/02 01:53:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\KuGou7
[2012/03/30 10:30:24 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\LolClient
[2012/03/26 17:15:53 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MAGIX
[2012/07/08 08:49:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mkvtoolnix
[2013/01/27 10:41:30 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ooVoo Details
[2012/03/26 14:43:20 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\OpenOffice.org
[2012/04/29 11:39:03 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\QuickScan
[2012/03/29 10:53:37 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TeamViewer
[2012/10/21 23:08:15 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Tunngle
[2012/08/13 22:18:05 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Ubisoft
[2013/01/12 15:38:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\xim
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 186 bytes -> C:\ProgramData\Temp:FB1B13D8
< End of report >