Rootkits in my Windows 7

AlOnan

Hi. Yesterday my PC couldn't boot, but I repaired the boot sector and the MBR, and now it boots. I'm running a scan for rootkits with GMER and it found lots of rootkits. Can someone help?
 

My Computer

System One

  • Manufacturer/Model
    Acer Aspire M1641
    CPU
    Intel Dual Core E2220 2.4GHZ
    Memory
    2GB DDR2
    Graphics Card(s)
    ATI Sapphire Radeon HD 3450 256MB PCI-E 2.0
    Monitor(s) Displays
    Philips 192E WideScreen LCD Monitor 18.5`
    Screen Resolution
    1280x1024
    Hard Drives
    Seagate ST3250318AS, Western Digital WD3200AAJS-22L7A0
    Internet Speed
    2048kbps downloading, 512kbps downloading
    Other Info
    Planning to Upgrade my PC...
Hello AlOnan and welcome to the forums :party:

I am currently doing a malware removal degree and I am unable to offer my assistance in malware removal at this time. I would really appreciate it if you do the following for me please :) I am trying to get to grips with these logs and it's really useful to see some new infected ones:
OTL

Download OTL to your desktop.
Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Under the Standard Registry box change it to All.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two Notepad windows, OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.
Tom
 

You can take the advice of Tom and in addition you can follow these suggestions. If you have a rootkit it's best to reinstall.
I am not one of the malware experts, but if it were my computer I would reinstall. Rootkits can cause a lot of problems. You can never be certain if it's all gone.
You can get a replacement CD for cost from your original supplier.
Many of our experts agree that with a rootkit a reinstall is the best way to go.
We also have a sister forum for Windows Seven
http://www.sevenforums.com/
 

Here is my OTL log. It was made about 20 min ago.

Code:
OTL logfile created on: 8/26/2011 7:26:23 PM - Run 1
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\User\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.25 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 55.38% Memory free
6.50 Gb Paging File | 5.05 Gb Available in Paging File | 77.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 134.86 Gb Total Space | 8.63 Gb Free Space | 6.40% Space Free | Partition Type: NTFS
Drive D: | 9.76 Gb Total Space | 6.97 Gb Free Space | 71.45% Space Free | Partition Type: NTFS
Drive E: | 82.37 Gb Total Space | 13.51 Gb Free Space | 16.40% Space Free | Partition Type: NTFS
Drive F: | 288.33 Gb Total Space | 34.89 Gb Free Space | 12.10% Space Free | Partition Type: NTFS
Drive H: | 15.65 Gb Total Space | 10.45 Gb Free Space | 66.79% Space Free | Partition Type: HFSJ
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/08/26 19:25:41 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\User\Downloads\OTL.exe
PRC - [2011/08/25 20:16:28 | 000,159,232 | ---- | M] () -- C:\Windows\System32\drivers\kmhfoot.exe
PRC - [2011/08/25 20:15:59 | 000,226,304 | ---- | M] () -- C:\Windows\System32\drivers\svajnager.exe
PRC - [2011/08/24 23:44:09 | 000,917,504 | ---- | M] (Mozilla Corporation) -- C:\Program Files\UX\firefox.exe
PRC - [2011/08/24 23:44:09 | 000,009,728 | ---- | M] (Mozilla Corporation) -- C:\Program Files\UX\plugin-container.exe
PRC - [2011/08/09 22:04:38 | 000,741,224 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files\Tunngle\TnglCtrl.exe
PRC - [2011/07/16 22:21:04 | 000,302,592 | ---- | M] () -- C:\Users\User\Desktop\gmer.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems  Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/06/05 17:33:52 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/06/05 17:33:46 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011/05/25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011/04/20 02:04:38 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/04/20 02:04:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011/02/23 07:59:00 | 000,086,016 | ---- | M] () -- C:\Program  Files\Autodesk\3ds Max  2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
PRC - [2010/10/08 12:11:50 | 000,131,584 | ---- | M] (Mediafour  Corporation) -- C:\Program Files\Mediafour\MacDrive  8\MacDrive8Service.exe
PRC - [2009/11/07 15:57:40 | 000,239,336 | ---- | M] (Systweak Inc.) --  C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
PRC - [2009/09/15 12:51:40 | 000,017,408 | ---- | M] () -- C:\Program Files\NeoSmart Technologies\iReboot\iRebootd.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) --  c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/08/25 20:17:20 | 000,812,032 | ---- | M] () -- C:\Windows\System32\vnfuiwqq.dll
MOD - [2011/08/24 23:44:09 | 001,953,792 | ---- | M] () -- C:\Program Files\UX\mozjs.dll
MOD - [2011/07/16 22:21:04 | 000,302,592 | ---- | M] () -- C:\Users\User\Desktop\gmer.exe
MOD - [2011/07/10 08:07:04 | 006,271,648 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (zsubwnxaon)
SRV - [2011/08/25 20:17:20 | 000,812,032 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\vnfuiwqq.dll -- (jofaiffg)
SRV - [2011/08/25 20:16:28 | 000,159,232 | ---- | M] () [Auto | Running] -- C:\Windows\System32\drivers\kmhfoot.exe -- (kmhfoot)
SRV - [2011/08/25 20:15:59 | 000,226,304 | ---- | M] () [Auto | Running]  -- C:\Windows\System32\drivers\svajnager.exe -- (svajnag)
SRV - [2011/08/09 22:04:38 | 000,741,224 | ---- | M] (Tunngle.net GmbH)  [Auto | Running] -- C:\Program Files\Tunngle\TnglCtrl.exe --  (TunngleService)
SRV - [2011/07/12 04:54:53 | 001,343,400 | ---- | M] (Microsoft  Corporation) [Unknown | Stopped] --  C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/07/10 23:31:32 | 001,044,816 | ---- | M] (Flexera Software,  Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision  Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing  Service)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems  Incorporated) [Auto | Running] -- C:\Program Files\Common  Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.)  [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe --  (Hamachi2Svc)
SRV - [2011/04/20 02:04:08 | 000,176,128 | ---- | M] (AMD) [Auto |  Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events  Utility)
SRV - [2011/02/23 07:59:00 | 000,086,016 | ---- | M] () [Auto | Running]  -- C:\Program Files\Autodesk\3ds Max  2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe --  (mi-raysat_3dsmax2012_32)
SRV - [2010/10/08 12:11:50 | 000,131,584 | ---- | M] (Mediafour  Corporation) [Auto | Running] -- C:\Program Files\Mediafour\MacDrive  8\MacDrive8Service.exe -- (MacDrive8Service)
SRV - [2009/11/07 15:57:40 | 000,239,336 | ---- | M] (Systweak Inc.)  [Auto | Running] -- C:\Program Files\Advanced System Optimizer  3\ASO3DefragSrv.exe -- (ASO3DiskOptimizer)
SRV - [2009/09/15 12:51:40 | 000,017,408 | ---- | M] () [Auto | Running]  -- C:\Program Files\NeoSmart Technologies\iReboot\iRebootd.exe --  (iReboot)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft  Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll  -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft  Corporation) [Auto | Running] -- C:\Program Files\Windows  Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.)  [Auto | Running] -- c:\Program Files\Common Files\Protexis\License  Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/08/26 19:20:26 | 000,107,256 | ---- | M] (ESET) [Kernel |  On_Demand | Running] -- C:\Users\User\AppData\Local\Temp\esihdrv.sys --  (esihdrv)
DRV - [2011/07/19 13:18:42 | 000,104,752 | ---- | M] (Oracle  Corporation) [Kernel | On_Demand | Running] --  C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2011/07/19 13:18:40 | 000,158,000 | ---- | M] (Oracle  Corporation) [Kernel | System | Running] --  C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2011/07/19 13:18:40 | 000,116,016 | ---- | M] (Oracle  Corporation) [Kernel | On_Demand | Running] --  C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2011/07/19 13:18:40 | 000,093,488 | ---- | M] (Oracle  Corporation) [Kernel | System | Running] --  C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2011/06/05 17:33:58 | 000,052,224 | ---- | M] (Microsoft  Corporation) [Kernel | On_Demand | Stopped] --  C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011/06/05 17:33:13 | 000,027,264 | ---- | M] (Microsoft  Corporation) [Kernel | On_Demand | Stopped] --  C:\Windows\system32\DRIVERS\TsUsbGD.sys -- (TsUsbGD)
DRV - [2011/05/06 14:30:36 | 000,016,472 | ---- | M] () [Kernel |  On_Demand | Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2011/05/06 14:30:28 | 000,011,104 | ---- | M] () [Kernel |  On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV - [2011/04/20 02:43:42 | 007,772,160 | ---- | M] (ATI Technologies  Inc.) [Kernel | On_Demand | Running] --  C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/04/20 01:22:10 | 000,243,712 | ---- | M] (Advanced Micro  Devices, Inc.) [Kernel | On_Demand | Running] --  C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/11/17 14:04:24 | 000,101,392 | ---- | M] (Advanced Micro  Devices) [Kernel | On_Demand | Running] --  C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010/10/07 15:36:04 | 000,234,160 | ---- | M] (Mediafour  Corporation) [File_System | Boot | Running] --  C:\Windows\System32\drivers\MDFSYSNT.SYS -- (MDFSYSNT)
DRV - [2010/05/12 14:51:34 | 000,029,792 | ---- | M] (Mediafour  Corporation) [Kernel | Boot | Running] --  C:\Windows\System32\drivers\MDPMGRNT.SYS -- (MDPMGRNT)
DRV - [2010/05/12 14:42:50 | 000,057,800 | ---- | M] (EldoS Corporation)  [Kernel | System | Running] -- C:\Windows\System32\drivers\CBDisk.sys  -- (CBDisk)
DRV - [2009/09/16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net)  [Kernel | On_Demand | Running] --  C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter  V9 (Tunngle)
DRV - [2009/07/14 00:02:52 | 000,043,008 | ---- | M] (Realtek  Semiconductor Corporation                           ) [Kernel |  On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys --  (RTL8023xp)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.)  [Kernel | On_Demand | Running] --  C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 99 0E 92 E3 60 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0:  c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll (  Microsoft Corporation)
FF -  HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0:  C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF -  HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0:  C:\Program Files\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0:  C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll  (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\UX  9.0a1\extensions\\Components: C:\Program Files\UX\components [2011/08/24  23:44:09 | 000,000,000 | ---D | M]
 
[2011/08/22 17:24:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions
File not found (No name found) -- 
 
Hosts file not found
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -  C:\Users\User\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media  Group)
O2 - BHO: (Office Document Cache Handler) -  {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft  Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - No CLSID value found.
O2 - BHO: () - {E9AF00D1-5B6E-7E84-C833-22575AEBFD8B} - C:\Windows\System32\vnfuiwqq.dll ()
O3 - HKLM\..\Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [WinDLL (service.exe)] C:\Windows\service.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\User\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\User\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.13.2 10.2.1.2
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -  C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft  Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\tumioro: DllName -  C:\Windows\system32\config\systemprofile\AppData\Local\tumioro.dll -  C:\Windows\System32\config\systemprofile\AppData\Local\tumioro.dll ()
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/08/26 19:14:51 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2011/08/26 18:37:49 | 000,000,000 | ---D | C] --  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search  & Destroy
[2011/08/26 18:37:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/08/26 18:37:46 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/08/26 03:09:34 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Windows Loader
[2011/08/25 16:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\BurnAware Free
[2011/08/24 19:01:38 | 000,071,527 | -HS- | C] (SenseLog LLC) -- C:\Windows\digtss.exe
[2011/08/24 19:01:35 | 000,065,894 | -HS- | C] (SenseLog LLC) -- C:\Windows\pfbstar.exe
[2011/08/24 19:01:32 | 000,071,527 | -HS- | C] (SenseLog LLC) -- C:\Windows\cpdat.exe
[2011/08/24 19:01:30 | 000,071,526 | -HS- | C] (SenseLog LLC) -- C:\Windows\ptw32.exe
[2011/08/24 17:04:40 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\KONAMI
[2011/08/24 17:03:16 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI
[2011/08/24 13:19:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\GHISLER
[2011/08/23 20:23:44 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\UniExtract
[2011/08/23 20:10:54 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Installshield 2011 Cab Viewer
[2011/08/23 18:58:04 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Codemasters
[2011/08/23 18:58:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2011/08/23 18:40:40 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Grid
[2011/08/22 17:24:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Mozilla
[2011/08/22 12:28:51 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\maya
[2011/08/22 12:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Alias Shared
[2011/08/22 03:19:58 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\CryEngine3
[2011/08/22 01:34:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Google
[2011/08/22 01:34:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/08/22 01:32:53 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/08/21 17:04:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Scirra
[2011/08/21 17:03:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2011/08/21 17:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\Scirra
[2011/08/21 13:12:26 | 000,000,000 | ---D | C] -- C:\Program Files\Leadwerks Engine SDK
[2011/08/20 19:44:38 | 000,000,000 | ---D | C] -- C:\Program Files\UX
[2011/08/20 10:37:20 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\USB
[2011/08/20 03:09:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\GameStart
[2011/08/20 03:08:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameStart
[2011/08/20 03:08:15 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011/08/20 03:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2011/08/20 03:08:13 | 000,000,000 | ---D | C] -- C:\Program Files\GameStart
[2011/08/19 22:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PACE Anti-Piracy
[2011/08/19 22:25:58 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\World
[2011/08/19 14:56:38 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Apple Computer
[2011/08/19 14:53:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Apple Computer
[2011/08/19 05:03:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Development Kit
[2011/08/19 04:58:19 | 000,000,000 | ---D | C] -- C:\UDK
[2011/08/19 03:22:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\PACE Anti-Piracy
[2011/08/19 01:59:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Mozilla
[2011/08/18 04:22:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\FFSJ
[2011/08/17 22:35:09 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Unity3D Tutorials
[2011/08/17 15:27:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Unity Projects
[2011/08/17 15:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Unity
[2011/08/17 14:22:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Unity
[2011/08/17 14:16:20 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\PACE Anti-Piracy
[2011/08/17 14:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2011/08/17 14:16:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Unity
[2011/08/17 14:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
[2011/08/15 05:01:07 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Downloads
[2011/08/15 04:59:06 | 000,000,000 | ---D | C] -- C:\Users\User\ultracopier
[2011/08/15 04:58:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\qBittorrent
[2011/08/15 04:58:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\qBittorrent
[2011/08/14 17:09:00 | 000,000,000 | ---D | C] -- C:\Gjera te Zbritura
[2011/08/13 15:12:54 | 000,000,000 | ---D | C] --  C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FL  DataStorm
[2011/08/13 15:12:54 | 000,000,000 | ---D | C] -- C:\Program Files\FL DataStorm
[2011/08/13 11:45:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/08/13 08:22:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\ChemTable Software
[2011/08/13 08:21:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Uninstall
[2011/08/13 08:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\Full Uninstall
[2011/08/13 08:21:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\ChemTable Software
[2011/08/13 08:21:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Life
[2011/08/13 08:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Life
[2011/08/12 22:42:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Chart Controls
[2011/08/12 19:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011/08/12 00:10:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2011/08/11 18:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2011/08/10 14:11:22 | 000,000,000 | ---D | C] -- C:\Program Files\Freelancer Companion
[2011/08/08 16:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2011/08/07 08:39:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\PunkBuster
[2011/08/07 07:20:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Spotmau
[2011/08/07 07:20:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2011/08/07 07:19:29 | 000,000,000 | ---D | C] -- C:\Program Files\Wondershare
[2011/08/05 21:52:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/08/04 18:02:45 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011/08/03 05:04:15 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\iMacros
[2011/08/01 14:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freelancer Mod Manager
[2011/08/01 14:20:27 | 000,000,000 | ---D | C] -- C:\Program Files\Freelancer Mod Manager
[2011/07/31 05:33:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2011/07/31 05:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2011/07/31 05:33:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011/07/31 05:32:15 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2011/07/31 05:26:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Corel
[2011/07/31 02:34:37 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\My Games
[2011/07/31 02:34:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Freelancer
[2011/07/31 02:33:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011/07/31 01:52:44 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Tunngle
[2011/07/30 19:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STDUtility
[2011/07/30 19:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\STDUtility
[2011/07/30 19:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\STDU Explorer
[2011/07/30 18:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\EIGHT- start page
[2011/07/29 23:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2011/07/29 11:56:53 | 000,000,000 | ---D | C] -- C:\Users\User\VirtualBox VMs
[2011/07/28 22:31:49 | 000,000,000 | ---D | C] -- C:\Users\User\.VirtualBox
[2011/07/28 21:14:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2011/07/28 21:14:10 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2011/07/28 17:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8 Skin Pack
[2011/07/28 16:39:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2011/07/28 16:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2011/07/28 16:30:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Chromium
[2011/07/28 16:19:33 | 000,000,000 | ---D | C] -- C:\Program Files\Skin Pack
[2011/07/28 16:19:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\MetroClock
[2011/07/28 16:19:23 | 000,000,000 | -H-D | C] -- C:\Windows\8 Skin Pack
[2011/07/28 16:19:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\TempDIR
[2011/07/28 04:06:11 | 000,000,000 | ---D | C] --  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition  Wizard Professional Edition 6.0
[2011/07/28 04:06:09 | 000,000,000 | ---D | C] -- C:\Program Files\MiniTool Partition Wizard Professional Edition 6.0
[2011/07/28 03:52:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SelfImage
[2011/07/28 03:52:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SelfImage
[2011/07/28 03:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\SelfImage
[2011/07/28 03:20:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/07/28 03:05:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\VMware
[2011/07/28 03:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/08/26 19:00:13 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/08/26 18:37:50 | 000,001,244 | ---- | M] () --  C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick  Launch\Spybot - Search & Destroy.lnk
[2011/08/26 18:37:50 | 000,001,220 | ---- | M] () -- C:\Users\User\Desktop\Spybot - Search & Destroy.lnk
[2011/08/26 18:01:02 | 000,014,240 | -H-- | M] () --  C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/26 18:01:02 | 000,014,240 | -H-- | M] () --  C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/26 17:52:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/26 17:51:55 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/26 04:15:32 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2011/08/26 03:10:13 | 000,289,967 | RHS- | M] () -- C:\UERXV
[2011/08/26 03:10:13 | 000,000,000 | RHS- | M] () -- C:\bscu.ld
[2011/08/26 01:59:35 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2011/08/26 01:26:22 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\At30.job
[2011/08/25 20:17:20 | 000,812,032 | ---- | M] () -- C:\Windows\System32\vnfuiwqq.dll
[2011/08/25 20:16:28 | 000,159,232 | ---- | M] () -- C:\Windows\System32\drivers\kmhfoot.exe
[2011/08/25 20:16:27 | 000,016,437 | ---- | M] () -- C:\Windows\System32\drivers\str.sys
[2011/08/25 20:16:12 | 000,062,464 | ---- | M] () -- C:\Windows\service.exe
[2011/08/25 20:15:59 | 000,226,304 | ---- | M] () -- C:\Windows\System32\drivers\svajnager.exe
[2011/08/25 20:15:59 | 000,000,017 | ---- | M] () -- C:\Windows\keys.ini
[2011/08/25 20:15:25 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\At4.job
[2011/08/25 20:10:05 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\At3.job
[2011/08/25 20:05:31 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\At2.job
[2011/08/25 19:00:11 | 000,071,527 | -HS- | M] (SenseLog LLC) -- C:\Windows\digtss.exe
[2011/08/25 19:00:08 | 000,065,894 | -HS- | M] (SenseLog LLC) -- C:\Windows\pfbstar.exe
[2011/08/25 19:00:05 | 000,071,527 | -HS- | M] (SenseLog LLC) -- C:\Windows\cpdat.exe
[2011/08/25 19:00:02 | 000,071,526 | -HS- | M] (SenseLog LLC) -- C:\Windows\ptw32.exe
[2011/08/25 16:30:01 | 000,001,443 | ---- | M] () -- C:\Users\User\Desktop\BurnAware Free.lnk
[2011/08/25 16:29:33 | 000,000,072 | ---- | M] () -- C:\Users\User\AppData\Roaming\burnaware.ini
[2011/08/25 11:07:15 | 000,000,432 | ---- | M] () -- C:\Windows\tasks\ASOService.job
[2011/08/24 22:18:28 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\At5.job
[2011/08/23 18:57:47 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011/08/23 18:57:16 | 000,000,582 | ---- | M] () -- C:\Users\User\Desktop\Race Driver GRID.lnk
[2011/08/23 11:57:08 | 000,659,634 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/23 11:57:08 | 000,120,562 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/22 17:24:51 | 000,001,003 | ---- | M] () -- C:\Users\Public\Desktop\UX.lnk
[2011/08/22 12:22:31 | 000,001,120 | ---- | M] () --  C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick  Launch\Autodesk Maya 2011.lnk
[2011/08/22 12:22:31 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk Maya 2011.lnk
[2011/08/22 00:05:11 | 012,723,595 | ---- | M] () -- C:\Users\User\Desktop\CryENGINE_3_Cookbook.pdf
[2011/08/21 13:12:37 | 000,001,041 | ---- | M] () -- C:\Users\User\Desktop\LeadWerks Engine Editor.lnk
[2011/08/20 03:08:36 | 000,001,079 | ---- | M] () -- C:\Users\User\Desktop\GameStart Editor.lnk
[2011/08/17 15:27:14 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Unity.lnk
[2011/08/13 15:12:54 | 000,001,991 | ---- | M] () -- C:\Users\User\Desktop\FL DataStorm v4.0.lnk
[2011/08/13 08:26:33 | 000,001,036 | ---- | M] () -- C:\Users\User\Desktop\Full Uninstall - a complete software removal tool.lnk
[2011/08/13 08:26:32 | 000,001,024 | ---- | M] () -- C:\Users\User\Desktop\Registry Life.lnk
[2011/08/12 00:10:54 | 000,000,927 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2011/08/12 00:10:54 | 000,000,903 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2011/08/11 18:07:30 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Freelancer.lnk
[2011/08/09 00:25:49 | 000,002,910 | ---- | M] () -- C:\Users\User\Desktop\Freelancer.reg
[2011/08/08 16:59:27 | 000,001,799 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk
[2011/08/07 07:20:02 | 000,002,107 | ---- | M] () -- C:\Users\Public\Desktop\Wondershare LiveBoot 2012.lnk
[2011/08/06 14:20:53 | 000,077,959 | ---- | M] () -- C:\Users\User\Desktop\Internet.JPG
[2011/08/06 14:10:01 | 000,072,553 | ---- | M] () -- C:\Users\User\Desktop\Capture.JPG
[2011/08/01 14:20:27 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Freelancer Mod Manager.lnk
[2011/07/31 19:50:45 | 003,657,232 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/31 05:34:26 | 000,003,140 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2011/07/31 05:33:21 | 000,000,088 | RHS- | M] () -- C:\ProgramData\5F471B7158.sys
[2011/07/30 19:04:52 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\STDU Explorer.lnk
[2011/07/29 22:33:40 | 000,000,449 | ---- | M] () -- C:\Users\User\Desktop\Top Youngsters.slf
[2011/07/28 21:14:13 | 000,001,080 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2011/07/28 16:08:36 | 000,353,752 | ---- | M] () -- C:\Windows\UTP.exe
[2011/07/28 04:06:11 | 000,001,164 | ---- | M] () -- C:\Users\Public\Desktop\MiniTool Partition Wizard Professional Edition.lnk
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
[COLOR=#E56717]========== Files Created - No Company Name ==========[/COLOR]
 
[2011/08/26 18:37:50 | 000,001,244 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/08/26 18:37:50 | 000,001,220 | ---- | C] () -- C:\Users\User\Desktop\Spybot - Search & Destroy.lnk
[2011/08/26 03:10:13 | 000,289,967 | RHS- | C] () -- C:\UERXV
[2011/08/26 03:10:13 | 000,000,000 | RHS- | C] () -- C:\bscu.ld
[2011/08/25 20:17:21 | 000,000,436 | ---- | C] () -- C:\Windows\tasks\At30.job
[2011/08/25 20:17:20 | 000,812,032 | ---- | C] () -- C:\Windows\System32\vnfuiwqq.dll
[2011/08/25 20:16:28 | 000,159,232 | ---- | C] () -- C:\Windows\System32\drivers\kmhfoot.exe
[2011/08/25 20:16:23 | 000,016,437 | ---- | C] () -- C:\Windows\System32\drivers\str.sys
[2011/08/25 20:16:12 | 000,062,464 | ---- | C] () -- C:\Windows\service.exe
[2011/08/25 20:15:59 | 000,226,304 | ---- | C] () -- C:\Windows\System32\drivers\svajnager.exe
[2011/08/25 20:15:59 | 000,000,017 | ---- | C] () -- C:\Windows\keys.ini
[2011/08/25 16:30:01 | 000,001,443 | ---- | C] () -- C:\Users\User\Desktop\BurnAware Free.lnk
[2011/08/25 16:29:32 | 000,000,072 | ---- | C] () -- C:\Users\User\AppData\Roaming\burnaware.ini
[2011/08/24 13:19:58 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2011/08/24 13:19:58 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2011/08/24 13:19:58 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2011/08/24 13:19:58 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2011/08/24 13:19:58 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2011/08/24 13:19:58 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2011/08/24 13:19:58 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2011/08/24 13:19:39 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\At5.job
[2011/08/24 13:19:38 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\At4.job
[2011/08/24 13:19:37 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\At3.job
[2011/08/24 13:19:37 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\At2.job
[2011/08/24 13:19:36 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011/08/23 18:57:16 | 000,000,582 | ---- | C] () -- C:\Users\User\Desktop\Race Driver GRID.lnk
[2011/08/22 17:24:51 | 000,001,015 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UX.lnk
[2011/08/22 17:24:51 | 000,001,003 | ---- | C] () -- C:\Users\Public\Desktop\UX.lnk
[2011/08/22 12:22:31 | 000,001,120 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Autodesk Maya 2011.lnk
[2011/08/22 12:22:31 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk Maya 2011.lnk
[2011/08/22 00:05:06 | 012,723,595 | ---- | C] () -- C:\Users\User\Desktop\CryENGINE_3_Cookbook.pdf
[2011/08/21 13:12:37 | 000,001,041 | ---- | C] () -- C:\Users\User\Desktop\LeadWerks Engine Editor.lnk
[2011/08/20 03:08:36 | 000,001,079 | ---- | C] () -- C:\Users\User\Desktop\GameStart Editor.lnk
[2011/08/17 15:27:14 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Unity.lnk
[2011/08/13 15:12:54 | 000,001,991 | ---- | C] () -- C:\Users\User\Desktop\FL DataStorm v4.0.lnk
[2011/08/13 11:46:47 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2011/08/13 11:46:16 | 000,001,131 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2011/08/13 11:46:00 | 000,001,224 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2011/08/13 11:45:07 | 000,001,315 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2011/08/13 11:45:03 | 000,001,481 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2011/08/13 08:21:54 | 000,001,036 | ---- | C] () -- C:\Users\User\Desktop\Full Uninstall - a complete software removal tool.lnk
[2011/08/13 08:21:53 | 000,001,024 | ---- | C] () -- C:\Users\User\Desktop\Registry Life.lnk
[2011/08/12 22:48:26 | 120,845,150 | ---- | C] () -- C:\Users\User\Desktop\fm2011_semicolon.csv
[2011/08/12 22:22:25 | 005,025,045 | ---- | C] () -- C:\Users\User\Desktop\FM 2010 14000 players.csv
[2011/08/11 18:07:30 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Freelancer.lnk
[2011/08/10 14:11:22 | 000,001,080 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freelancer Companion.lnk
[2011/08/09 00:25:49 | 000,002,910 | ---- | C] () -- C:\Users\User\Desktop\Freelancer.reg
[2011/08/08 16:59:27 | 000,001,799 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk
[2011/08/07 08:39:23 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011/08/07 08:18:05 | 001,132,960 | ---- | C] () -- C:\Users\User\Desktop\Pallati.JPG
[2011/08/07 07:20:02 | 000,002,107 | ---- | C] () -- C:\Users\Public\Desktop\Wondershare LiveBoot 2012.lnk
[2011/08/06 14:20:53 | 000,077,959 | ---- | C] () -- C:\Users\User\Desktop\Internet.JPG
[2011/08/06 14:10:00 | 000,072,553 | ---- | C] () -- C:\Users\User\Desktop\Capture.JPG
[2011/08/01 14:20:27 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Freelancer Mod Manager.lnk
[2011/07/31 05:32:24 | 000,002,009 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Painter 11.lnk
[2011/07/31 05:26:42 | 000,003,140 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/07/31 05:26:42 | 000,000,088 | RHS- | C] () -- C:\ProgramData\5F471B7158.sys
[2011/07/30 19:04:52 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\STDU Explorer.lnk
[2011/07/29 03:00:31 | 000,000,449 | ---- | C] () -- C:\Users\User\Desktop\Top Youngsters.slf
[2011/07/28 21:14:13 | 000,001,080 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2011/07/28 16:11:15 | 000,895,251 | ---- | C] () -- C:\Users\User\Desktop\Se7en File Replacer.exe
[2011/07/28 04:06:33 | 000,747,592 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2011/07/28 04:06:29 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2011/07/28 04:06:20 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2011/07/28 04:06:11 | 000,001,164 | ---- | C] () -- C:\Users\Public\Desktop\MiniTool Partition Wizard Professional Edition.lnk
[2011/07/28 01:37:50 | 000,353,752 | ---- | C] () -- C:\Windows\UTP.exe
[2011/07/18 20:58:36 | 000,000,092 | ---- | C] () -- C:\Windows\BackupManager.INI
[2011/07/18 20:57:25 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2011/07/13 03:54:51 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011/07/12 22:24:16 | 000,000,204 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2011/07/12 22:21:30 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011/07/10 07:47:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/04/20 01:21:02 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011/04/19 22:10:32 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/02/28 21:30:06 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 06:33:53 | 003,657,232 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,659,634 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,120,562 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/14 01:11:12 | 000,409,344 | ---- | C] () -- C:\Windows\System32\kscarjei.dat
[2009/07/14 01:11:12 | 000,365,824 | ---- | C] () -- C:\Windows\System32\ebechrld.dat
[2009/07/14 01:11:12 | 000,154,368 | ---- | C] () -- C:\Windows\System32\cqtrojte.dat
[2009/07/14 01:11:12 | 000,138,496 | ---- | C] () -- C:\Windows\System32\oujngjyc.dat
[2009/07/14 01:11:12 | 000,058,112 | ---- | C] () -- C:\Windows\System32\ctemghgp.dat
[2009/07/14 01:11:12 | 000,055,040 | ---- | C] () -- C:\Windows\System32\wrspqyjc.dat
[2009/07/14 01:11:12 | 000,041,728 | ---- | C] () -- C:\Windows\System32\zgjuldaf.dat
[2009/07/14 01:11:12 | 000,034,048 | ---- | C] () -- C:\Windows\System32\cjwjudpa.dat
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2000/07/15 00:00:00 | 000,030,720 | ---- | C] () -- C:\Windows\regtlib.exe
 
[COLOR=#E56717]========== LOP Check ==========[/COLOR]
 
[2011/08/22 12:30:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Autodesk
[2011/07/18 20:58:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Backup Manager
[2011/08/26 18:39:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BITS
[2011/08/25 12:34:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BitTorrent
[2011/08/13 08:22:00 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ChemTable Software
[2011/07/13 02:11:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Echo Software
[2011/08/18 04:22:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FFSJ
[2011/07/12 22:21:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FlashGet
[2011/07/12 22:21:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FlashGetBHO
[2011/08/24 13:28:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GHISLER
[2011/07/18 14:24:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\iolo
[2011/08/19 03:22:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PACE Anti-Piracy
[2011/08/15 05:01:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\qBittorrent
[2011/07/12 21:23:08 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\QuickScan
[2011/08/21 17:04:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Scirra
[2011/07/12 14:56:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Sports Interactive
[2011/07/18 20:57:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Systweak
[2011/08/26 10:02:08 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Tunngle
[2011/07/10 22:59:34 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TweakNow RegCleaner 2011
[2011/08/18 19:27:22 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Unity
[2011/07/14 10:50:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\YoudaGames
[2011/07/18 20:58:21 | 000,000,216 | ---- | M] () -- C:\Windows\Tasks\Advanced System Optimizer Scheduler.job
[2011/08/25 11:07:15 | 000,000,432 | ---- | M] () -- C:\Windows\Tasks\ASOService.job
[2011/08/26 19:00:13 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/08/25 20:05:31 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2011/08/25 20:10:05 | 000,000,330 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2011/08/26 01:26:22 | 000,000,436 | ---- | M] () -- C:\Windows\Tasks\At30.job
[2011/08/25 20:15:25 | 000,000,328 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2011/08/24 22:18:28 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2011/08/26 18:25:28 | 000,032,572 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[COLOR=#E56717]========== Purity Check ==========[/COLOR]
 
 
 
[COLOR=#E56717]========== Alternate Data Streams ==========[/COLOR]
 
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 1208 bytes -> C:\ProgramData\Microsoft:bXLebRnv0FPMzslUiOVF6
@Alternate Data Stream - 1169 bytes -> C:\Program Files\Common Files\microsoft shared:BUHNHJOEUEUQuMCKmlcFD
@Alternate Data Stream - 1086 bytes -> C:\Users\User\AppData\Local\Temp:bMnd0S4faPk5Eo4BluJvm5
@Alternate Data Stream - 1081 bytes -> C:\ProgramData\Microsoft:dzuC4FVqn1G0VGiLkCvqIh0qb

< End of report >
 

Thank you for taking the time to do that for me :) I really appreciate it

You're still infected alright!

Tom
 

I am using my 64-bit Windows. Scanned with GMER and Avast Anti Rootkit. There are no rootkits here. I will do a full scan with Bit Defender Rescue CD later.
 

All I can see is a trojan, but I am unable to help you with your malware removal - I can't even tell you which files are infected :(

A standard OTL log won't show signs of a rootkit, so I can't confirm that

Tom
 

Reinstall, I have seen the malware experts say that many times.
Don't mess around with rootkits.
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS420
    Memory
    6 gig
    Graphics Card(s)
    ATI Radeon HD3650 256 MB
    Sound Card
    Intergrated 7.1 Channel Audio
    Monitor(s) Displays
    Dell SP2009W 20 inch Flat Panel w Webcam
    Hard Drives
    640 gb
    Cooling
    Fan
    Keyboard
    Dell USB
    Mouse
    Dell USB 4 button optical
    Other Info
    DSL provided by ATT
