
Untitled

By: a guest on May 7th, 2012  |  syntax: None  |  size: 125.00 KB  |  hits: 26  |  expires: Never
  1. OTL logfile created on: 07/05/2012 12:29:31 - Run 4
  2. OTL by OldTimer - Version 3.2.41.0     Folder = C:\Users\user\Downloads
  3.  Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.7601.17514)
  5. Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
  6.  
  7. 1023,55 Mb Total Physical Memory | 667,73 Mb Available Physical Memory | 65,24% Memory free
  8. 2,00 Gb Paging File | 1,43 Gb Available in Paging File | 71,50% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
  12. Drive C: | 29,90 Gb Total Space | 21,69 Gb Free Space | 72,54% Space Free | Partition Type: NTFS
  13. Drive D: | 43,37 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
  14.  
  15. Computer Name: USER-PC | User Name: user | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user
  17. Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2012/04/23 19:27:36 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.exe
  22. PRC - [2012/04/17 23:20:10 | 000,738,168 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
  23. PRC - [2012/04/17 23:04:56 | 002,980,016 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files\DAP\DAP.exe
  24. PRC - [2012/02/03 17:50:18 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
  25. PRC - [2012/02/02 12:55:22 | 003,209,216 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
  26. PRC - [2011/12/12 01:33:46 | 001,760,328 | ---- | M] (ManyCam LLC) -- C:\Program Files\ManyCam\Bin\ManyCam.exe
  27. PRC - [2010/11/20 18:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
  28. PRC - [2010/11/20 18:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
  29.  
  30.  
  31. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  32.  
  33. MOD - [2012/04/17 23:04:54 | 000,053,248 | ---- | M] () -- C:\Program Files\DAP\zlib.dll
  34. MOD - [2011/12/12 01:33:52 | 000,498,760 | ---- | M] () -- C:\Program Files\ManyCam\Bin\cximagecrt.dll
  35. MOD - [2011/12/12 01:33:48 | 000,123,976 | ---- | M] () -- C:\Program Files\ManyCam\Bin\CrashRpt.dll
  36.  
  37.  
  38. [color=#E56717]========== Win32 Services (SafeList) ==========[/color]
  39.  
  40. SRV - [2009/07/13 22:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
  41. SRV - [2009/07/13 22:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  42.  
  43.  
  44. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  45.  
  46. DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\user\AppData\Local\Temp\catchme.sys -- (catchme)
  47. DRV - [2011/12/19 09:48:24 | 000,227,632 | ---- | M] (Oracle Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\VBoxSF.sys -- (VBoxSF)
  48. DRV - [2011/12/19 09:48:24 | 000,107,312 | ---- | M] (Oracle Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBoxGuest.sys -- (VBoxGuest)
  49. DRV - [2011/12/19 09:48:22 | 000,085,808 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxMouse.sys -- (VBoxMouse)
  50. DRV - [2011/12/19 09:48:20 | 000,104,240 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxVideo.sys -- (VBoxVideo)
  51. DRV - [2011/09/29 04:04:22 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
  52. DRV - [2010/11/20 18:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  53. DRV - [2010/11/20 18:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
  54. DRV - [2009/07/13 20:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
  55.  
  56.  
  57. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  58.  
  59.  
  60. [color=#E56717]========== Internet Explorer ==========[/color]
  61.  
  62. IE - HKLM\..\SearchScopes,DefaultScope =
  63.  
  64. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
  65. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
  66. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 12 2E 19 B7 04 1D CD 01  [binary data]
  67. IE - HKCU\..\SearchScopes,DefaultScope =
  68. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  69. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
  70.  
  71. [color=#E56717]========== FireFox ==========[/color]
  72.  
  73. FF - prefs.js..browser.search.defaultengine: "Google"
  74. FF - prefs.js..browser.search.defaultenginename: "Google"
  75. FF - prefs.js..browser.search.defaultthis.engineName: ""
  76. FF - prefs.js..browser.search.defaulturl: ""
  77. FF - prefs.js..browser.search.order.1: ""
  78. FF - prefs.js..browser.search.selectedEngine: ""
  79. FF - prefs.js..network.proxy.type: 2
  80.  
  81.  
  82. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
  83. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
  84. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
  85.  
  86. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/17 23:09:12 | 000,000,000 | ---D | M]
  87. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
  88.  
  89. [2012/04/20 14:51:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions
  90. [2012/04/29 15:58:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\extensions
  91. () (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S3XQ4PCB.DEFAULT\EXTENSIONS\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}.XPI
  92. [2012/01/29 13:34:12 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
  93. [2012/01/29 11:20:59 | 000,001,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\buscape.xml
  94. [2012/01/29 11:20:59 | 000,001,212 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mercadolivre.xml
  95. [2012/01/29 10:55:01 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
  96. [2012/01/29 11:20:59 | 000,001,168 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-br.xml
  97. [2012/01/29 11:20:59 | 000,000,952 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-br.xml
  98.  
  99. [color=#E56717]========== Chrome  ==========[/color]
  100.  
  101. CHR - default_search_provider: Google (Enabled)
  102. CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
  103. CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
  104. CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
  105. CHR - plugin: Native Client (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
  106. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
  107. CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
  108. CHR - plugin: registryAccess (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaodnbkkemkkaekocofmphoadofkdh\7.14.1.0_0\background/registryAccess.dll
  109. CHR - plugin: Chrome SVD extension (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb\2.0.5_0\lib/npdownloaderchrome.dll
  110. CHR - plugin: Chrome DAP extension (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.10_0\lib/npdapchrome.dll
  111. CHR - plugin: Google Update (Enabled) = C:\Users\user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
  112.  
  113. O1 HOSTS File: ([2012/05/03 22:45:08 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
  114. O1 - Hosts: 127.0.0.1       localhost
  115. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
  116. O2 - BHO: (SBCONVERT Class) - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll ()
  117. O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\Grabber.dll (SpeedBit)
  118. O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll ()
  119. O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll ()
  120. O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
  121. O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
  122. O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files\DAP\DAP.EXE (SpeedBit Ltd.)
  123. O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
  124. O4 - HKCU..\Run: [ManyCam] C:\Program Files\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
  125. O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
  126. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  127. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  128. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
  129. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  130. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
  131. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  132. O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
  133. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
  134. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  135. O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
  136. O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
  137. O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
  138. O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
  139. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
  140. O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
  141. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
  142. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.222.123.101 192.168.0.1
  143. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22C13D65-2EBE-49EA-BEAE-913F2420F62D}: DhcpNameServer = 200.222.123.101 192.168.0.1
  144. O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  145. O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
  146. O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
  147. O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
  148. O32 - HKLM CDRom: AutoRun - 1
  149. O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
  150. O32 - AutoRun File - [2011/08/16 17:00:22 | 000,000,647 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
  151. O32 - AutoRun File - [2011/12/19 10:02:20 | 000,006,966 | R--- | M] () - D:\autorun.sh -- [ CDFS ]
  152. O34 - HKLM BootExecute: (autocheck autochk *)
  153. O35 - HKLM\..comfile [open] -- "%1" %*
  154. O35 - HKLM\..exefile [open] -- "%1" %*
  155. O37 - HKLM\...com [@ = ComFile] -- "%1" %*
  156. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  157.  
  158. NetSvcs: FastUserSwitchingCompatibility -  File not found
  159. NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
  160. NetSvcs: Nla -  File not found
  161. NetSvcs: Ntmssvc -  File not found
  162. NetSvcs: NWCWorkstation -  File not found
  163. NetSvcs: Nwsapagent -  File not found
  164. NetSvcs: SRService -  File not found
  165. NetSvcs: WmdmPmSp -  File not found
  166. NetSvcs: LogonHours -  File not found
  167. NetSvcs: PCAudit -  File not found
  168. NetSvcs: helpsvc -  File not found
  169. NetSvcs: uploadmgr -  File not found
  170.  
  171. CREATERESTOREPOINT
  172. Restore point Set: OTL Restore Point
  173.  
  174. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  175.  
  176. [2012/05/03 23:00:36 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
  177. [2012/05/03 23:00:34 | 000,000,000 | ---D | C] -- C:\Windows\temp
  178. [2012/05/03 22:37:46 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
  179. [2012/05/03 22:37:46 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
  180. [2012/05/03 22:37:46 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
  181. [2012/05/03 22:37:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
  182. [2012/05/03 22:37:40 | 000,000,000 | ---D | C] -- C:\Qoobox
  183. [2012/05/03 22:28:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple Computer
  184. [2012/05/03 22:28:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Apple Computer
  185. [2012/04/29 15:45:19 | 000,000,000 | ---D | C] -- C:\_OTL
  186. [2012/04/23 14:05:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\GetRightToGo
  187. [2012/04/23 14:05:47 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Downloads
  188. [2012/04/20 16:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\Social Bookmarking Automation Software Blog Comment Software
  189. [2012/04/20 16:25:31 | 001,140,472 | ---- | C] (Infragistics, Inc.) -- C:\Windows\System32\IGUltraGrid20.ocx
  190. [2012/04/20 16:25:31 | 000,361,256 | ---- | C] (Namtuk.com) -- C:\Windows\System32\MyCommandbutton.ocx
  191. [2012/04/20 16:25:31 | 000,349,968 | ---- | C] (Infragistics, Inc.) -- C:\Windows\System32\IGThreed40.ocx
  192. [2012/04/20 16:25:31 | 000,246,304 | ---- | C] (Namtuk.com) -- C:\Windows\System32\MyFramePanel.ocx
  193. [2012/04/20 16:25:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftwareDepo.com
  194. [2012/04/20 16:25:31 | 000,000,000 | ---D | C] -- C:\Program Files\SoftwareDepo.com
  195. [2012/04/20 16:20:05 | 000,000,000 | ---D | C] -- C:\Config.Msi
  196. [2012/04/20 16:14:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
  197. [2012/04/20 16:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
  198. [2012/04/20 16:13:45 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
  199. [2012/04/20 16:13:45 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
  200. [2012/04/20 16:13:45 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
  201. [2012/04/20 16:13:45 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
  202. [2012/04/20 16:13:22 | 000,000,000 | ---D | C] -- C:\Program Files\Java
  203. [2012/04/20 15:36:01 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\WinRAR
  204. [2012/04/20 15:35:51 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
  205. [2012/04/20 15:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
  206. [2012/04/20 15:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
  207. [2012/04/20 15:13:52 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ElevatedDiagnostics
  208. [2012/04/20 15:07:10 | 000,000,000 | ---D | C] -- C:\temp
  209. [2012/04/20 14:51:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Mozilla
  210. [2012/04/20 14:51:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Mozilla
  211. [2012/04/20 14:31:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Samsung
  212. [2012/04/20 14:31:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Samsung
  213. [2012/04/20 14:31:11 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\samsung
  214. [2012/04/17 23:20:27 | 000,000,000 | ---D | C] -- C:\1d628acdf504dd45e237e0148547
  215. [2012/04/17 23:19:41 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XP Codec Pack 2.5.1
  216. [2012/04/17 23:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XP Codec Pack 2.5.1
  217. [2012/04/17 23:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\XP Codec Pack
  218. [2012/04/17 23:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
  219. [2012/04/17 23:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
  220. [2012/04/17 23:19:02 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
  221. [2012/04/17 23:18:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Macromedia
  222. [2012/04/17 23:18:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Adobe
  223. [2012/04/17 23:17:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\uTorrent
  224. [2012/04/17 23:16:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
  225. [2012/04/17 23:16:33 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
  226. [2012/04/17 23:15:41 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
  227. [2012/04/17 23:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
  228. [2012/04/17 23:15:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
  229. [2012/04/17 23:15:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple
  230. [2012/04/17 23:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
  231. [2012/04/17 23:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
  232. [2012/04/17 23:14:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon
  233. [2012/04/17 23:14:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Maxthon3
  234. [2012/04/17 23:14:09 | 000,000,000 | ---D | C] -- C:\Program Files\Maxthon3
  235. [2012/04/17 23:13:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\APN
  236. [2012/04/17 23:12:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ManyCam
  237. [2012/04/17 23:12:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ManyCam
  238. [2012/04/17 23:12:46 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\ManyCam
  239. [2012/04/17 23:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\ManyCam
  240. [2012/04/17 23:11:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
  241. [2012/04/17 23:11:03 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
  242. [2012/04/17 23:10:55 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
  243. [2012/04/17 23:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
  244. [2012/04/17 23:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
  245. [2012/04/17 23:10:29 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
  246. [2012/04/17 23:09:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Downloaded Installations
  247. [2012/04/17 23:09:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geany
  248. [2012/04/17 23:09:25 | 000,000,000 | ---D | C] -- C:\Program Files\Geany
  249. [2012/04/17 23:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
  250. [2012/04/17 23:08:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPEEDbit Video Downloader
  251. [2012/04/17 23:08:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Speedbit
  252. [2012/04/17 23:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\SPEEDbit Video Downloader
  253. [2012/04/17 23:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\SearchPredict
  254. [2012/04/17 23:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink
  255. [2012/04/17 23:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink
  256. [2012/04/17 23:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Shrink
  257. [2012/04/17 23:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
  258. [2012/04/17 23:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit
  259. [2012/04/17 23:05:08 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\My DAP Downloads
  260. [2012/04/17 23:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Accelerator Plus (DAP)
  261. [2012/04/17 23:05:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedBit
  262. [2012/04/17 23:05:05 | 000,000,000 | ---D | C] -- C:\Program Files\DAP
  263. [2012/04/17 23:04:54 | 000,172,032 | ---- | C] (Jin Hui    E-mail: jinhui@jcomsoft.com   Web: http://www.jcomsoft.com) -- C:\Windows\System32\AniGIF.ocx
  264. [2012/04/17 23:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
  265. [2012/04/17 23:04:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
  266. [2012/04/17 23:04:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\OpenCandy
  267. [2012/04/17 23:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
  268. [2012/04/17 23:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\DsNET Corp
  269. [2012/04/17 23:02:59 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\My Shared Folder
  270. [2012/04/17 23:02:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Ares
  271. [2012/04/17 23:02:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
  272. [2012/04/17 23:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Ares
  273. [2012/04/17 23:02:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Opera
  274. [2012/04/17 23:02:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Opera
  275. [2012/04/17 23:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
  276. [2012/04/17 23:00:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TweetDeck
  277. [2012/04/17 23:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\Twitter
  278. [2012/04/17 23:00:16 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
  279. [2012/04/17 22:54:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
  280. [2012/04/17 22:47:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Google
  281. [2012/04/17 22:46:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apps
  282. [2012/04/17 22:46:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Deployment
  283. [2012/04/17 22:41:38 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox Guest Additions
  284. [2012/04/17 22:39:11 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
  285. [2012/04/12 18:03:45 | 000,000,000 | ---D | C] -- C:\Windows\Panther
  286. [2012/04/12 13:31:56 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
  287. [2012/04/12 13:31:56 | 000,000,000 | R--D | C] -- C:\Users\user\Searches
  288. [2012/04/12 13:31:56 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
  289. [2012/04/12 13:31:55 | 000,000,000 | -H-D | C] -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
  290. [2012/04/12 13:31:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Identities
  291. [2012/04/12 13:24:55 | 000,000,000 | ---D | C] -- C:\found.000
  292. [2012/04/12 13:18:19 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
  293. [2012/04/12 13:11:38 | 000,000,000 | R--D | C] -- C:\Users\user\Contacts
  294. [2012/04/12 13:11:27 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\VirtualStore
  295. [2012/04/12 13:11:26 | 000,000,000 | --SD | C] -- C:\Users\user\AppData\Roaming\Microsoft
  296. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Videos
  297. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Saved Games
  298. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Pictures
  299. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Music
  300. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
  301. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Links
  302. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Favorites
  303. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Downloads
  304. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Documents
  305. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Desktop
  306. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
  307. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Temporary Internet Files
  308. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Templates
  309. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Start Menu
  310. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\SendTo
  311. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Recent
  312. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\PrintHood
  313. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\NetHood
  314. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\My Videos
  315. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\My Pictures
  316. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\My Music
  317. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\My Documents
  318. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Local Settings
  319. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\History
  320. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Cookies
  321. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Application Data
  322. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Application Data
  323. [2012/04/12 13:11:26 | 000,000,000 | -H-D | C] -- C:\Users\user\AppData
  324. [2012/04/12 13:11:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Temp
  325. [2012/04/12 13:11:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft
  326. [2012/04/12 13:11:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Media Center Programs
  327. [2012/04/12 13:11:10 | 000,000,000 | ---D | C] -- C:\Recovery
  328. [2012/04/12 13:05:21 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
  329. [2012/04/12 13:04:19 | 000,000,000 | -HSD | C] -- C:\System Volume Information
  330.  
  331. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  332.  
  333. [2012/05/07 12:31:15 | 000,028,320 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  334. [2012/05/07 12:31:15 | 000,028,320 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  335. [2012/05/07 12:26:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  336. [2012/05/07 12:22:41 | 000,014,386 | ---- | M] () -- C:\Users\user\Desktop\Untitled.png
  337. [2012/05/03 23:01:28 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001UA.job
  338. [2012/05/03 22:52:17 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001Core.job
  339. [2012/05/03 22:45:08 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
  340. [2012/05/03 22:31:46 | 000,088,280 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
  341. [2012/05/03 22:31:09 | 000,001,388 | ---- | M] () -- C:\Users\user\Desktop\My DAP Downloads.lnk
  342. [2012/04/25 18:55:35 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
  343. [2012/04/25 18:55:35 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
  344. [2012/04/20 16:20:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
  345. [2012/04/20 16:20:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
  346. [2012/04/20 16:20:24 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
  347. [2012/04/20 16:13:24 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
  348. [2012/04/20 16:13:24 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
  349. [2012/04/20 16:13:24 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
  350. [2012/04/20 16:13:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
  351. [2012/04/17 23:20:10 | 000,000,937 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
  352. [2012/04/17 23:20:10 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
  353. [2012/04/17 23:19:44 | 000,001,060 | ---- | M] () -- C:\Users\user\Desktop\Media Player Classic.lnk
  354. [2012/04/17 23:16:55 | 000,001,208 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
  355. [2012/04/17 23:15:53 | 000,002,503 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
  356. [2012/04/17 23:15:53 | 000,002,479 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
  357. [2012/04/17 23:14:19 | 000,001,048 | ---- | M] () -- C:\Users\user\Desktop\Maxthon 3.lnk
  358. [2012/04/17 23:12:58 | 000,001,097 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
  359. [2012/04/17 23:12:58 | 000,001,073 | ---- | M] () -- C:\Users\user\Desktop\ManyCam.lnk
  360. [2012/04/17 23:12:23 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
  361. [2012/04/17 23:11:06 | 000,001,923 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
  362. [2012/04/17 23:09:27 | 000,001,035 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Geany.lnk
  363. [2012/04/17 23:09:27 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Geany.lnk
  364. [2012/04/17 23:09:13 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
  365. [2012/04/17 23:08:45 | 000,001,991 | ---- | M] () -- C:\Users\user\Desktop\SPEEDbit Video Downloader.lnk
  366. [2012/04/17 23:08:45 | 000,001,614 | ---- | M] () -- C:\Users\user\Desktop\My Video Downloads .lnk
  367. [2012/04/17 23:08:20 | 000,000,953 | ---- | M] () -- C:\Users\user\Desktop\DVD Shrink 3.2.lnk
  368. [2012/04/17 23:07:53 | 000,000,893 | ---- | M] () -- C:\Users\user\Desktop\Download Accelerator Plus (DAP).lnk
  369. [2012/04/17 23:04:56 | 000,109,216 | ---- | M] () -- C:\Windows\System32\EasyHook64.dll
  370. [2012/04/17 23:04:56 | 000,084,480 | ---- | M] () -- C:\Windows\System32\EasyHook32.dll
  371. [2012/04/17 23:04:54 | 000,172,032 | ---- | M] (Jin Hui    E-mail: jinhui@jcomsoft.com   Web: http://www.jcomsoft.com) -- C:\Windows\System32\AniGIF.ocx
  372. [2012/04/17 23:04:39 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
  373. [2012/04/17 23:04:22 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\MP3 Downloader.lnk
  374. [2012/04/17 23:04:22 | 000,002,068 | ---- | M] () -- C:\Users\Public\Desktop\Video Search.lnk
  375. [2012/04/17 23:04:21 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
  376. [2012/04/17 23:02:56 | 000,000,909 | ---- | M] () -- C:\Users\Public\Desktop\Ares.lnk
  377. [2012/04/17 23:02:41 | 000,001,775 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
  378. [2012/04/17 22:54:32 | 000,002,306 | ---- | M] () -- C:\Users\user\Desktop\Google Chrome.lnk
  379. [2012/04/17 22:43:49 | 000,001,407 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
  380. [2012/04/12 13:09:42 | 000,265,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
  381. [2012/04/12 13:07:01 | 000,115,640 | ---- | M] () -- C:\Windows\System32\license.rtf
  382.  
  383. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  384.  
  385. [2012/05/07 12:22:41 | 000,014,386 | ---- | C] () -- C:\Users\user\Desktop\Untitled.png
  386. [2012/05/03 22:37:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
  387. [2012/05/03 22:37:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
  388. [2012/05/03 22:37:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
  389. [2012/05/03 22:37:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
  390. [2012/05/03 22:37:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
  391. [2012/05/03 22:31:46 | 000,088,280 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
  392. [2012/04/23 14:13:42 | 000,001,576 | ---- | C] () -- C:\Users\user\Desktop\Online Business Komplett Paket.LNK
  393. [2012/04/20 16:32:39 | 000,000,920 | ---- | C] () -- C:\Users\user\Desktop\Social Bookmarking Automation Software Blog Comment Software.LNK
  394. [2012/04/20 16:20:31 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
  395. [2012/04/20 16:20:31 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
  396. [2012/04/20 14:42:40 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
  397. [2012/04/17 23:19:44 | 000,001,060 | ---- | C] () -- C:\Users\user\Desktop\Media Player Classic.lnk
  398. [2012/04/17 23:19:42 | 000,421,888 | ---- | C] () -- C:\Windows\System32\ac3filter.acm
  399. [2012/04/17 23:19:02 | 000,000,937 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
  400. [2012/04/17 23:19:02 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
  401. [2012/04/17 23:16:55 | 000,001,208 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
  402. [2012/04/17 23:15:53 | 000,002,503 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
  403. [2012/04/17 23:15:53 | 000,002,491 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
  404. [2012/04/17 23:15:53 | 000,002,479 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
  405. [2012/04/17 23:15:04 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
  406. [2012/04/17 23:14:19 | 000,001,048 | ---- | C] () -- C:\Users\user\Desktop\Maxthon 3.lnk
  407. [2012/04/17 23:12:58 | 000,001,097 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
  408. [2012/04/17 23:12:58 | 000,001,073 | ---- | C] () -- C:\Users\user\Desktop\ManyCam.lnk
  409. [2012/04/17 23:12:23 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
  410. [2012/04/17 23:11:06 | 000,001,923 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
  411. [2012/04/17 23:09:27 | 000,001,035 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Geany.lnk
  412. [2012/04/17 23:09:27 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Geany.lnk
  413. [2012/04/17 23:09:13 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
  414. [2012/04/17 23:09:13 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
  415. [2012/04/17 23:08:45 | 000,001,991 | ---- | C] () -- C:\Users\user\Desktop\SPEEDbit Video Downloader.lnk
  416. [2012/04/17 23:08:45 | 000,001,614 | ---- | C] () -- C:\Users\user\Desktop\My Video Downloads .lnk
  417. [2012/04/17 23:08:20 | 000,000,953 | ---- | C] () -- C:\Users\user\Desktop\DVD Shrink 3.2.lnk
  418. [2012/04/17 23:07:53 | 000,001,388 | ---- | C] () -- C:\Users\user\Desktop\My DAP Downloads.lnk
  419. [2012/04/17 23:07:53 | 000,000,893 | ---- | C] () -- C:\Users\user\Desktop\Download Accelerator Plus (DAP).lnk
  420. [2012/04/17 23:05:06 | 000,109,216 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
  421. [2012/04/17 23:05:06 | 000,084,480 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
  422. [2012/04/17 23:04:39 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
  423. [2012/04/17 23:04:22 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\MP3 Downloader.lnk
  424. [2012/04/17 23:04:22 | 000,002,068 | ---- | C] () -- C:\Users\Public\Desktop\Video Search.lnk
  425. [2012/04/17 23:04:21 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
  426. [2012/04/17 23:02:56 | 000,000,909 | ---- | C] () -- C:\Users\Public\Desktop\Ares.lnk
  427. [2012/04/17 23:02:42 | 000,001,787 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
  428. [2012/04/17 23:02:41 | 000,001,775 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
  429. [2012/04/17 22:54:32 | 000,002,306 | ---- | C] () -- C:\Users\user\Desktop\Google Chrome.lnk
  430. [2012/04/17 22:47:20 | 000,001,074 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001UA.job
  431. [2012/04/17 22:47:20 | 000,001,022 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001Core.job
  432. [2012/04/17 22:43:49 | 000,001,407 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
  433. [2012/04/12 13:31:59 | 000,001,413 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
  434. [2012/04/12 13:11:26 | 000,000,290 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
  435. [2012/04/12 13:11:26 | 000,000,272 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
  436. [2012/04/12 13:06:54 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
  437. [2012/04/12 13:06:48 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
  438. [2012/01/31 18:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
  439. [2012/01/31 18:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
  440. [2012/01/31 18:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
  441. [2012/01/31 18:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
  442. [2012/01/31 18:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
  443.  
  444. [color=#E56717]========== LOP Check ==========[/color]
  445.  
  446. [2012/04/23 14:06:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GetRightToGo
  447. [2012/04/20 14:30:48 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ManyCam
  448. [2012/04/17 23:14:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Maxthon3
  449. [2012/04/17 23:04:33 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\OpenCandy
  450. [2012/04/17 23:02:44 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Opera
  451. [2012/04/20 14:31:23 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Samsung
  452. [2012/05/07 12:31:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent
  453. [2009/07/14 01:53:46 | 000,009,320 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
  454.  
  455. [color=#E56717]========== Purity Check ==========[/color]
  456.  
  457.  
  458.  
  459. [color=#E56717]========== Custom Scans ==========[/color]
  460.  
  461. [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
  462. [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
  463. [2012/05/03 23:00:32 | 000,015,088 | ---- | M] () -- C:\ComboFix.txt
  464. [2009/06/10 18:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
  465. [2012/04/20 16:20:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
  466. [2012/04/20 16:20:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
  467. [2012/05/07 12:26:06 | 1073,741,824 | -HS- | M] () -- C:\pagefile.sys
  468. [2012/04/29 15:57:38 | 000,000,361 | ---- | M] () -- C:\rkill.log
  469. [2012/05/03 22:32:35 | 000,003,544 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_03.05.2012_22.32.24_log.txt
  470. [2012/05/03 22:35:54 | 000,111,990 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_03.05.2012_22.32.48_log.txt
  471. [2012/05/07 12:17:26 | 000,112,344 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_07.05.2012_12.11.57_log.txt
  472.  
  473. [color=#A23BEC]< %systemdrive%\drivers\*.exe >[/color]
  474.  
  475. [color=#A23BEC]< %systemroot%\system32\drivers\*.* /90 >[/color]
  476. [2012/02/17 01:14:08 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\rdpwd.sys
  477. [2012/02/17 01:13:22 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tdtcp.sys
  478.  
  479. [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
  480. [2009/07/14 01:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
  481.  
  482. [color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]
  483.  
  484. [color=#A23BEC]< %LOCALAPPDATA%\*.txt >[/color]
  485.  
  486. [color=#A23BEC]< %LOCALAPPDATA%\*.ini >[/color]
  487.  
  488. [color=#A23BEC]< %LOCALAPPDATA%\*.dll >[/color]
  489.  
  490. [color=#A23BEC]< %LOCALAPPDATA%\*.dat >[/color]
  491. [2012/04/17 22:46:51 | 000,057,560 | ---- | M] () -- C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
  492.  
  493. [color=#A23BEC]< %USERPROFILE%\*.exe >[/color]
  494.  
  495. [color=#A23BEC]< %USERPROFILE%\*.txt >[/color]
  496.  
  497. [color=#A23BEC]< %USERPROFILE%\*.ini >[/color]
  498. [2012/04/12 13:11:26 | 000,000,020 | -HS- | M] () -- C:\Users\user\ntuser.ini
  499.  
  500. [color=#A23BEC]< %USERPROFILE%\*.dll >[/color]
  501.  
  502. [color=#A23BEC]< %USERPROFILE%\*.dat /30 >[/color]
  503. [2012/05/07 12:32:42 | 002,621,440 | -HS- | M] () -- C:\Users\user\NTUSER.DAT
  504.  
  505. [color=#A23BEC]< %appdata%\*.* >[/color]
  506.  
  507. [color=#A23BEC]< %systemroot%\system32\tasks\*.* >[/color]
  508. [2012/04/17 22:47:20 | 000,003,650 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001Core
  509. [2012/04/17 22:47:20 | 000,004,046 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001UA
  510.  
  511. [color=#A23BEC]< %windir%\tasks\*.* >[/color]
  512. [2012/05/03 22:52:17 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001Core.job
  513. [2012/05/03 23:01:28 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001UA.job
  514. [2012/05/07 12:26:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
  515. [2009/07/14 01:53:46 | 000,009,320 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT
  516.  
  517. [color=#A23BEC]< C:\Users\user\AppData\Roaming\*.* /10 /s >[/color]
  518. [2012/05/03 22:32:27 | 000,002,390 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Preferences\com.apple.Safari.plist
  519. [2012/05/03 22:28:19 | 000,005,472 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\Bookmarks.plist
  520. [2012/05/03 22:28:28 | 000,019,555 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\Configurations.plist.signed
  521. [2012/05/03 22:32:19 | 000,000,449 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\History.plist
  522. [2012/05/03 22:32:37 | 000,001,118 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\LastSession.plist
  523. [2012/05/03 22:28:41 | 000,000,822 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\TopSites.plist
  524. [2012/05/03 22:32:37 | 000,001,406 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\Cookies\Cookies.binarycookies
  525. [2012/05/03 22:30:10 | 000,001,023 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\PubSub\Clients.plist
  526. [2012/05/03 22:31:43 | 000,123,904 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\PubSub\Database\Database.sqlite3
  527. [2012/05/03 22:31:40 | 000,050,091 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\PubSub\Feeds\98faf8d5aa51181d8bc7cd3a329798a89e67d2b2.xml
  528. [2012/05/07 12:17:17 | 000,000,037 | ---- | M] () -- C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LQ9PD5YC\mail.google.com\wakeup.sol
  529. [2012/05/07 12:18:15 | 000,000,068 | ---- | M] () -- C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LQ9PD5YC\static.anonymousdmp.com\pus.sol
  530. [2012/05/07 12:18:15 | 000,000,403 | ---- | M] () -- C:\Users\user\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol
  531. [2012/05/07 12:17:17 | 000,000,085 | ---- | M] () -- C:\Users\user\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#mail.google.com\settings.sol
  532. [2012/05/07 12:18:15 | 000,000,093 | ---- | M] () -- C:\Users\user\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.anonymousdmp.com\settings.sol
  533. [2012/05/07 12:25:38 | 000,182,059 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Avatars\Bear Mask.mce
  534. [2012/05/07 12:25:38 | 000,116,641 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Avatars\Cow Mask.mce
  535. [2012/05/07 12:25:38 | 000,165,606 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Avatars\Frog Mask.mce
  536. [2012/05/07 12:25:38 | 000,140,218 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Avatars\Rabbit Mask.mce
  537. [2012/05/07 12:25:38 | 000,182,457 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Avatars\Santa Mask.mce
  538. [2012/05/07 12:25:38 | 000,165,891 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Flags\Canadian Flag.mce
  539. [2012/05/07 12:25:38 | 000,139,185 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Flags\French Flag.mce
  540. [2012/05/07 12:25:38 | 000,138,619 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Flags\German Flag.mce
  541. [2012/05/07 12:25:38 | 000,152,862 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Flags\Italian Flag.mce
  542. [2012/05/07 12:25:38 | 000,302,579 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Flags\UK Flag.mce
  543. [2012/05/07 12:25:38 | 000,280,846 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Flags\USA Flag.mce
  544. [2012/05/07 12:25:38 | 000,083,659 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Fun\Ballon.mce
  545. [2012/05/07 12:25:38 | 000,738,913 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Fun\Be Right Back.mce
  546. [2012/05/07 12:25:38 | 000,084,325 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Fun\Frog.mce
  547. [2012/05/07 12:25:38 | 000,026,872 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Fun\Gun.mce
  548. [2012/05/07 12:25:38 | 000,138,793 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Fun\Hearts.mce
  549. [2012/05/07 12:25:38 | 000,096,690 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Fun\Sun.mce
  550. [2012/05/07 12:25:38 | 000,072,412 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Holidays\Bell.mce
  551. [2012/05/07 12:25:38 | 000,181,553 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Holidays\Candle.mce
  552. [2012/05/07 12:25:38 | 000,113,940 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Holidays\Candy Cane.mce
  553. [2012/05/07 12:25:38 | 000,155,707 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Holidays\Christmas Tree.mce
  554. [2012/05/07 12:25:38 | 000,097,213 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Holidays\Snow Man.mce
  555. [2012/05/07 12:25:38 | 000,001,907 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Settings\Profile.xml
  556. [2012/05/07 12:25:38 | 000,000,202 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Settings\Layer0\Playlist.pst
  557. [2012/05/07 12:25:38 | 000,000,202 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Settings\Layer0\PlaylistImages.pst
  558. [2012/05/07 12:25:38 | 000,000,202 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Settings\Layer0\PlaylistMovies.pst
  559. [2012/05/07 12:25:38 | 000,000,202 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Settings\Layer0\PlaylistSnapshots.pst
  560. [2012/05/07 12:25:38 | 000,000,850 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Settings\Layer0\Profile.xml
  561. [2012/04/29 15:27:19 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\354d1e6dd896821481eceb6b6d98e358_147c45ed-c645-4a42-a6f1-692c606382e3
  562. [2012/05/02 16:40:49 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\3c9fe8b3ea6152be71a4622b06bc9994_147c45ed-c645-4a42-a6f1-692c606382e3
  563. [2012/05/03 22:27:17 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\607f8bd8106e111b63b6aec6c55b27b6_147c45ed-c645-4a42-a6f1-692c606382e3
  564. [2012/05/07 12:26:26 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\6affdd226ed39a5fa79c3e10cbc8bea5_147c45ed-c645-4a42-a6f1-692c606382e3
  565. [2012/05/07 12:10:33 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\aa171eaf484a69d982d3688e6a5ad587_147c45ed-c645-4a42-a6f1-692c606382e3
  566. [2012/05/02 15:20:03 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\b7d3d6213566f49e3aa12073fd6622ea_147c45ed-c645-4a42-a6f1-692c606382e3
  567. [2012/05/02 21:45:42 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\cdc240ef9e6a171148ab9eb6cb634a5a_147c45ed-c645-4a42-a6f1-692c606382e3
  568. [2012/04/29 15:52:18 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\e4405e8fa71ed0bdba16a296444c26dc_147c45ed-c645-4a42-a6f1-692c606382e3
  569. [2012/05/07 12:02:41 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\f7d6794d1ba34a5f731c9b258e0cc114_147c45ed-c645-4a42-a6f1-692c606382e3
  570. [2012/05/07 12:32:39 | 000,032,768 | -HS- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  571. [2012/05/07 12:11:22 | 000,000,704 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@ad.yieldmanager[2].txt
  572. [2012/04/29 15:28:22 | 000,000,100 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@adnetwork[1].txt
  573. [2012/05/02 21:48:44 | 000,000,404 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@adnxs[1].txt
  574. [2012/04/29 15:27:52 | 000,000,897 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@ask[2].txt
  575. [2012/05/02 21:48:43 | 000,000,192 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@atdmt[1].txt
  576. [2012/05/02 21:48:40 | 000,000,649 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@br.msn[2].txt
  577. [2012/04/29 15:32:59 | 000,000,419 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@brothersoftextreme.ourtoolbar[2].txt
  578. [2012/05/02 21:48:31 | 000,000,210 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@c.atdmt[2].txt
  579. [2012/05/02 21:48:36 | 000,000,071 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@c.br.msn[1].txt
  580. [2012/05/02 21:48:33 | 000,000,101 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@doubleclick[1].txt
  581. [2012/05/07 12:11:16 | 000,000,365 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@fileratings[1].txt
  582. [2012/05/02 21:48:42 | 000,000,113 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@ia.nspmotion[1].txt
  583. [2012/05/02 21:48:37 | 000,000,696 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@mfa.unilever.predicta[2].txt
  584. [2012/05/02 21:48:36 | 000,000,388 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@msn[2].txt
  585. [2012/05/02 21:48:42 | 000,000,109 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@nspmotion[2].txt
  586. [2012/05/02 15:20:53 | 000,000,297 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@pixer.meaningtool[2].txt
  587. [2012/05/02 21:48:37 | 000,000,110 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@predicta[1].txt
  588. [2012/04/29 15:32:14 | 000,000,365 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@printitgreen[3].txt
  589. [2012/04/29 15:28:23 | 000,000,099 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@quantserve[1].txt
  590. [2012/05/02 21:48:29 | 000,000,206 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@scorecardresearch[2].txt
  591. [2012/04/29 15:31:24 | 000,000,164 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@search.conduit[2].txt
  592. [2012/05/02 21:48:37 | 000,000,202 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@unilever.predicta[1].txt
  593. [2012/04/29 15:28:20 | 000,000,089 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@yahoo[1].txt
  594. [2012/04/29 15:32:52 | 000,032,768 | -HS- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\index.dat
  595. [2012/05/07 12:18:53 | 000,262,144 | -HS- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
  596. [2012/05/02 21:48:17 | 000,065,536 | -HS- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\PrivacIE\index.dat
  597. [2012/05/03 22:31:10 | 000,000,429 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\Downloads.lnk
  598. [2012/05/07 12:15:41 | 000,000,357 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\Local Disk (C).lnk
  599. [2012/05/03 22:34:27 | 000,000,676 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\TDSSKiller.2.7.34.0_03.05.2012_22.32.24_log.txt.lnk
  600. [2012/05/07 12:13:59 | 000,000,676 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\TDSSKiller.2.7.34.0_03.05.2012_22.32.48_log.txt.lnk
  601. [2012/05/07 12:15:41 | 000,000,676 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\TDSSKiller.2.7.34.0_07.05.2012_12.11.57_log.txt.lnk
  602. [2012/05/03 22:31:09 | 000,000,482 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\tdsskiller.zip.lnk
  603. [2012/05/07 12:22:41 | 000,000,456 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\Untitled.png.lnk
  604. [2012/05/07 12:22:41 | 000,010,240 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\1b4dd67f29cb1962.automaticDestinations-ms
  605. [2012/05/07 12:14:39 | 000,008,704 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\7e4dca80246863e3.automaticDestinations-ms
  606. [2012/05/07 12:15:41 | 000,007,680 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\918e0ecb43d17e23.automaticDestinations-ms
  607. [2012/05/07 12:22:41 | 000,003,072 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\b3f13480c2785ae.automaticDestinations-ms
  608. [2012/05/03 22:31:14 | 000,017,120 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\16ec093b8f51508f.customDestinations-ms
  609. [2012/04/29 15:35:22 | 000,006,648 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\28c8b86deab549a1.customDestinations-ms
  610. [2012/05/07 12:27:26 | 000,013,492 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
  611. [2012/04/29 16:10:04 | 000,018,812 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
  612. [2012/04/29 15:35:58 | 000,008,336 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ed7a5cc3cca8d52a.customDestinations-ms
  613. [2012/04/29 15:58:02 | 000,425,984 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\addons.sqlite
  614. [2012/04/29 15:58:02 | 000,131,616 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\addons.sqlite-journal
  615. [2012/04/29 16:00:03 | 000,013,339 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\blocklist.xml
  616. [2012/05/03 22:35:45 | 000,065,536 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\cert8.db
  617. [2012/05/03 22:35:29 | 000,098,304 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\chromeappsstore.sqlite
  618. [2012/05/03 22:35:16 | 000,000,186 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\compatibility.ini
  619. [2012/05/03 22:35:45 | 000,524,288 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\cookies.sqlite
  620. [2012/04/29 15:56:10 | 000,065,536 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\downloads.sqlite
  621. [2012/05/02 21:46:52 | 000,000,170 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\extensions.ini
  622. [2012/05/02 21:46:52 | 000,393,216 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\extensions.sqlite
  623. [2012/05/03 22:35:45 | 000,016,384 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\key3.db
  624. [2012/05/03 22:35:45 | 000,001,885 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\localstore.rdf
  625. [2012/05/02 21:48:26 | 010,485,760 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\places.sqlite
  626. [2012/05/03 22:47:26 | 000,878,949 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\prefs.js
  627. [2012/05/03 22:47:26 | 000,878,955 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\prefs.js.BAK
  628. [2012/04/29 15:53:54 | 000,008,550 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\search.json
  629. [2012/04/29 15:53:54 | 000,065,536 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\search.sqlite
  630. [2012/05/02 21:48:26 | 000,000,883 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\sessionstore.bak
  631. [2012/05/03 22:35:45 | 000,000,784 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\sessionstore.js
  632. [2012/05/03 22:35:20 | 000,000,154 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\urlclassifierkey3.txt
  633. [2012/05/03 22:47:26 | 000,000,326 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\user.js
  634. [2012/05/03 22:47:26 | 000,000,328 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\user.js.BAK
  635. [2012/05/02 21:48:26 | 000,003,199 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\bookmarkbackups\bookmarks-2012-05-02.json
  636. [2012/05/03 22:35:45 | 000,003,199 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\bookmarkbackups\bookmarks-2012-05-03.json
  637. [2012/05/03 22:28:08 | 000,001,440 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\autoupdate_response.xml
  638. [2012/05/03 22:31:16 | 000,000,862 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\cookies4.dat
  639. [2012/05/03 22:31:16 | 000,000,437 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\download.dat
  640. [2012/05/03 22:31:14 | 000,002,009 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\global_history.dat
  641. [2012/05/03 22:31:16 | 000,026,258 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\opcacrt6.dat
  642. [2012/05/03 22:31:14 | 000,001,709 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\operaprefs.ini
  643. [2012/05/03 22:31:16 | 000,009,042 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\opicacrt6.dat
  644. [2012/05/03 22:31:16 | 000,004,096 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\oprand.dat
  645. [2012/05/03 22:31:16 | 000,011,635 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\opssl6.dat
  646. [2012/05/03 22:31:16 | 000,000,012 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\optrust.dat
  647. [2012/05/03 22:31:16 | 000,000,012 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\opuntrust.dat
  648. [2012/05/03 22:27:49 | 000,000,431 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\tasks.xml
  649. [2012/05/03 22:31:14 | 000,000,291 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\tips.ini
  650. [2012/05/03 22:31:14 | 000,000,473 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\typed_history.xml
  651. [2012/05/03 22:31:16 | 000,000,012 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\vlink4.dat
  652. [2012/05/03 22:31:14 | 000,001,559 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\sessions\autosave.win
  653. [2012/05/03 22:31:14 | 000,001,559 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\sessions\autosave.win.bak
  654. [2012/05/03 22:31:14 | 000,000,035 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\webserver\users.xml
  655. [2012/05/07 12:25:38 | 000,004,456 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\dht.dat
  656. [2012/05/07 12:31:26 | 000,000,002 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\dht_feed.dat
  657. [2012/05/07 12:25:38 | 000,000,002 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\dht_feed.dat.old
  658. [2012/05/07 12:25:38 | 000,000,099 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\resume.dat
  659. [2012/05/07 12:20:52 | 000,000,099 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\resume.dat.old
  660. [2012/05/07 12:26:27 | 000,010,658 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\settings.dat
  661. [2012/05/07 12:26:26 | 000,010,658 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\settings.dat.old
  662. [2012/05/07 12:26:29 | 000,039,755 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\dlimagecache\32F529521A3DEC709F97F761F192AABF29BDC408
  663.  
  664. [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >[/color]
  665. "DefaultConnectionSettings" = [Binary data over 100 bytes]
  666. "SavedLegacySettings" = [Binary data over 100 bytes]
  667.  
  668. [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations >[/color]
  669.  
  670. [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments >[/color]
  671.  
  672. [color=#E56717]========== Alternate Data Streams ==========[/color]
  673.  
  674. @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:553CA6CA
  675.  
  676. < End of report >
       OTL logfile created on: 07/05/2012 12:29:31 - Run 4
  677. OTL by OldTimer - Version 3.2.41.0     Folder = C:\Users\user\Downloads
  678.  Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  679. Internet Explorer (Version = 8.0.7601.17514)
  680. Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
  681.  
  682. 1023,55 Mb Total Physical Memory | 667,73 Mb Available Physical Memory | 65,24% Memory free
  683. 2,00 Gb Paging File | 1,43 Gb Available in Paging File | 71,50% Paging File free
  684. Paging file location(s): ?:\pagefile.sys [binary data]
  685.  
  686. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
  687. Drive C: | 29,90 Gb Total Space | 21,69 Gb Free Space | 72,54% Space Free | Partition Type: NTFS
  688. Drive D: | 43,37 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
  689.  
  690. Computer Name: USER-PC | User Name: user | Logged in as Administrator.
  691. Boot Mode: Normal | Scan Mode: Current user
  692. Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  693.  
  694. [color=#E56717]========== Processes (SafeList) ==========[/color]
  695.  
  696. PRC - [2012/04/23 19:27:36 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.exe
  697. PRC - [2012/04/17 23:20:10 | 000,738,168 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
  698. PRC - [2012/04/17 23:04:56 | 002,980,016 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files\DAP\DAP.exe
  699. PRC - [2012/02/03 17:50:18 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
  700. PRC - [2012/02/02 12:55:22 | 003,209,216 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
  701. PRC - [2011/12/12 01:33:46 | 001,760,328 | ---- | M] (ManyCam LLC) -- C:\Program Files\ManyCam\Bin\ManyCam.exe
  702. PRC - [2010/11/20 18:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
  703. PRC - [2010/11/20 18:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
  704.  
  705.  
  706. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  707.  
  708. MOD - [2012/04/17 23:04:54 | 000,053,248 | ---- | M] () -- C:\Program Files\DAP\zlib.dll
  709. MOD - [2011/12/12 01:33:52 | 000,498,760 | ---- | M] () -- C:\Program Files\ManyCam\Bin\cximagecrt.dll
  710. MOD - [2011/12/12 01:33:48 | 000,123,976 | ---- | M] () -- C:\Program Files\ManyCam\Bin\CrashRpt.dll
  711.  
  712.  
  713. [color=#E56717]========== Win32 Services (SafeList) ==========[/color]
  714.  
  715. SRV - [2009/07/13 22:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
  716. SRV - [2009/07/13 22:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  717.  
  718.  
  719. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  720.  
  721. DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\user\AppData\Local\Temp\catchme.sys -- (catchme)
  722. DRV - [2011/12/19 09:48:24 | 000,227,632 | ---- | M] (Oracle Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\VBoxSF.sys -- (VBoxSF)
  723. DRV - [2011/12/19 09:48:24 | 000,107,312 | ---- | M] (Oracle Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBoxGuest.sys -- (VBoxGuest)
  724. DRV - [2011/12/19 09:48:22 | 000,085,808 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxMouse.sys -- (VBoxMouse)
  725. DRV - [2011/12/19 09:48:20 | 000,104,240 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxVideo.sys -- (VBoxVideo)
  726. DRV - [2011/09/29 04:04:22 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
  727. DRV - [2010/11/20 18:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  728. DRV - [2010/11/20 18:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
  729. DRV - [2009/07/13 20:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
  730.  
  731.  
  732. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  733.  
  734.  
  735. [color=#E56717]========== Internet Explorer ==========[/color]
  736.  
  737. IE - HKLM\..\SearchScopes,DefaultScope =
  738.  
  739. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
  740. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
  741. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 12 2E 19 B7 04 1D CD 01  [binary data]
  742. IE - HKCU\..\SearchScopes,DefaultScope =
  743. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  744. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
  745.  
  746. [color=#E56717]========== FireFox ==========[/color]
  747.  
  748. FF - prefs.js..browser.search.defaultengine: "Google"
  749. FF - prefs.js..browser.search.defaultenginename: "Google"
  750. FF - prefs.js..browser.search.defaultthis.engineName: ""
  751. FF - prefs.js..browser.search.defaulturl: ""
  752. FF - prefs.js..browser.search.order.1: ""
  753. FF - prefs.js..browser.search.selectedEngine: ""
  754. FF - prefs.js..network.proxy.type: 2
  755.  
  756.  
  757. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
  758. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
  759. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
  760.  
  761. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/17 23:09:12 | 000,000,000 | ---D | M]
  762. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
  763.  
  764. [2012/04/20 14:51:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions
  765. [2012/04/29 15:58:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\extensions
  766. () (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S3XQ4PCB.DEFAULT\EXTENSIONS\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}.XPI
  767. [2012/01/29 13:34:12 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
  768. [2012/01/29 11:20:59 | 000,001,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\buscape.xml
  769. [2012/01/29 11:20:59 | 000,001,212 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mercadolivre.xml
  770. [2012/01/29 10:55:01 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
  771. [2012/01/29 11:20:59 | 000,001,168 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-br.xml
  772. [2012/01/29 11:20:59 | 000,000,952 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-br.xml
  773.  
  774. [color=#E56717]========== Chrome  ==========[/color]
  775.  
  776. CHR - default_search_provider: Google (Enabled)
  777. CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
  778. CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
  779. CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
  780. CHR - plugin: Native Client (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
  781. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
  782. CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
  783. CHR - plugin: registryAccess (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaodnbkkemkkaekocofmphoadofkdh\7.14.1.0_0\background/registryAccess.dll
  784. CHR - plugin: Chrome SVD extension (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb\2.0.5_0\lib/npdownloaderchrome.dll
  785. CHR - plugin: Chrome DAP extension (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.10_0\lib/npdapchrome.dll
  786. CHR - plugin: Google Update (Enabled) = C:\Users\user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
  787.  
  788. O1 HOSTS File: ([2012/05/03 22:45:08 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
  789. O1 - Hosts: 127.0.0.1       localhost
  790. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
  791. O2 - BHO: (SBCONVERT Class) - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll ()
  792. O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\Grabber.dll (SpeedBit)
  793. O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll ()
  794. O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SPEEDbit Video Downloader\Toolbar\tbcore3.dll ()
  795. O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
  796. O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
  797. O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files\DAP\DAP.EXE (SpeedBit Ltd.)
  798. O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
  799. O4 - HKCU..\Run: [ManyCam] C:\Program Files\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
  800. O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
  801. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  802. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  803. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
  804. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  805. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
  806. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  807. O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
  808. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
  809. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  810. O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
  811. O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
  812. O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
  813. O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
  814. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
  815. O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
  816. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
  817. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.222.123.101 192.168.0.1
  818. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22C13D65-2EBE-49EA-BEAE-913F2420F62D}: DhcpNameServer = 200.222.123.101 192.168.0.1
  819. O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  820. O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
  821. O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
  822. O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
  823. O32 - HKLM CDRom: AutoRun - 1
  824. O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
  825. O32 - AutoRun File - [2011/08/16 17:00:22 | 000,000,647 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
  826. O32 - AutoRun File - [2011/12/19 10:02:20 | 000,006,966 | R--- | M] () - D:\autorun.sh -- [ CDFS ]
  827. O34 - HKLM BootExecute: (autocheck autochk *)
  828. O35 - HKLM\..comfile [open] -- "%1" %*
  829. O35 - HKLM\..exefile [open] -- "%1" %*
  830. O37 - HKLM\...com [@ = ComFile] -- "%1" %*
  831. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  832.  
  833. NetSvcs: FastUserSwitchingCompatibility -  File not found
  834. NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
  835. NetSvcs: Nla -  File not found
  836. NetSvcs: Ntmssvc -  File not found
  837. NetSvcs: NWCWorkstation -  File not found
  838. NetSvcs: Nwsapagent -  File not found
  839. NetSvcs: SRService -  File not found
  840. NetSvcs: WmdmPmSp -  File not found
  841. NetSvcs: LogonHours -  File not found
  842. NetSvcs: PCAudit -  File not found
  843. NetSvcs: helpsvc -  File not found
  844. NetSvcs: uploadmgr -  File not found
  845.  
  846. CREATERESTOREPOINT
  847. Restore point Set: OTL Restore Point
  848.  
  849. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  850.  
  851. [2012/05/03 23:00:36 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
  852. [2012/05/03 23:00:34 | 000,000,000 | ---D | C] -- C:\Windows\temp
  853. [2012/05/03 22:37:46 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
  854. [2012/05/03 22:37:46 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
  855. [2012/05/03 22:37:46 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
  856. [2012/05/03 22:37:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
  857. [2012/05/03 22:37:40 | 000,000,000 | ---D | C] -- C:\Qoobox
  858. [2012/05/03 22:28:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple Computer
  859. [2012/05/03 22:28:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Apple Computer
  860. [2012/04/29 15:45:19 | 000,000,000 | ---D | C] -- C:\_OTL
  861. [2012/04/23 14:05:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\GetRightToGo
  862. [2012/04/23 14:05:47 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Downloads
  863. [2012/04/20 16:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\Social Bookmarking Automation Software Blog Comment Software
  864. [2012/04/20 16:25:31 | 001,140,472 | ---- | C] (Infragistics, Inc.) -- C:\Windows\System32\IGUltraGrid20.ocx
  865. [2012/04/20 16:25:31 | 000,361,256 | ---- | C] (Namtuk.com) -- C:\Windows\System32\MyCommandbutton.ocx
  866. [2012/04/20 16:25:31 | 000,349,968 | ---- | C] (Infragistics, Inc.) -- C:\Windows\System32\IGThreed40.ocx
  867. [2012/04/20 16:25:31 | 000,246,304 | ---- | C] (Namtuk.com) -- C:\Windows\System32\MyFramePanel.ocx
  868. [2012/04/20 16:25:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftwareDepo.com
  869. [2012/04/20 16:25:31 | 000,000,000 | ---D | C] -- C:\Program Files\SoftwareDepo.com
  870. [2012/04/20 16:20:05 | 000,000,000 | ---D | C] -- C:\Config.Msi
  871. [2012/04/20 16:14:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
  872. [2012/04/20 16:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
  873. [2012/04/20 16:13:45 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
  874. [2012/04/20 16:13:45 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
  875. [2012/04/20 16:13:45 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
  876. [2012/04/20 16:13:45 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
  877. [2012/04/20 16:13:22 | 000,000,000 | ---D | C] -- C:\Program Files\Java
  878. [2012/04/20 15:36:01 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\WinRAR
  879. [2012/04/20 15:35:51 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
  880. [2012/04/20 15:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
  881. [2012/04/20 15:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
  882. [2012/04/20 15:13:52 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ElevatedDiagnostics
  883. [2012/04/20 15:07:10 | 000,000,000 | ---D | C] -- C:\temp
  884. [2012/04/20 14:51:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Mozilla
  885. [2012/04/20 14:51:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Mozilla
  886. [2012/04/20 14:31:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Samsung
  887. [2012/04/20 14:31:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Samsung
  888. [2012/04/20 14:31:11 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\samsung
  889. [2012/04/17 23:20:27 | 000,000,000 | ---D | C] -- C:\1d628acdf504dd45e237e0148547
  890. [2012/04/17 23:19:41 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XP Codec Pack 2.5.1
  891. [2012/04/17 23:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XP Codec Pack 2.5.1
  892. [2012/04/17 23:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\XP Codec Pack
  893. [2012/04/17 23:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
  894. [2012/04/17 23:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
  895. [2012/04/17 23:19:02 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
  896. [2012/04/17 23:18:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Macromedia
  897. [2012/04/17 23:18:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Adobe
  898. [2012/04/17 23:17:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\uTorrent
  899. [2012/04/17 23:16:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
  900. [2012/04/17 23:16:33 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
  901. [2012/04/17 23:15:41 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
  902. [2012/04/17 23:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
  903. [2012/04/17 23:15:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
  904. [2012/04/17 23:15:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple
  905. [2012/04/17 23:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
  906. [2012/04/17 23:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
  907. [2012/04/17 23:14:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon
  908. [2012/04/17 23:14:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Maxthon3
  909. [2012/04/17 23:14:09 | 000,000,000 | ---D | C] -- C:\Program Files\Maxthon3
  910. [2012/04/17 23:13:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\APN
  911. [2012/04/17 23:12:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ManyCam
  912. [2012/04/17 23:12:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ManyCam
  913. [2012/04/17 23:12:46 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\ManyCam
  914. [2012/04/17 23:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\ManyCam
  915. [2012/04/17 23:11:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
  916. [2012/04/17 23:11:03 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
  917. [2012/04/17 23:10:55 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
  918. [2012/04/17 23:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
  919. [2012/04/17 23:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
  920. [2012/04/17 23:10:29 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
  921. [2012/04/17 23:09:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Downloaded Installations
  922. [2012/04/17 23:09:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geany
  923. [2012/04/17 23:09:25 | 000,000,000 | ---D | C] -- C:\Program Files\Geany
  924. [2012/04/17 23:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
  925. [2012/04/17 23:08:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPEEDbit Video Downloader
  926. [2012/04/17 23:08:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Speedbit
  927. [2012/04/17 23:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\SPEEDbit Video Downloader
  928. [2012/04/17 23:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\SearchPredict
  929. [2012/04/17 23:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink
  930. [2012/04/17 23:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink
  931. [2012/04/17 23:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Shrink
  932. [2012/04/17 23:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
  933. [2012/04/17 23:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit
  934. [2012/04/17 23:05:08 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\My DAP Downloads
  935. [2012/04/17 23:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Accelerator Plus (DAP)
  936. [2012/04/17 23:05:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedBit
  937. [2012/04/17 23:05:05 | 000,000,000 | ---D | C] -- C:\Program Files\DAP
  938. [2012/04/17 23:04:54 | 000,172,032 | ---- | C] (Jin Hui    E-mail: jinhui@jcomsoft.com   Web: http://www.jcomsoft.com) -- C:\Windows\System32\AniGIF.ocx
  939. [2012/04/17 23:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
  940. [2012/04/17 23:04:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
  941. [2012/04/17 23:04:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\OpenCandy
  942. [2012/04/17 23:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
  943. [2012/04/17 23:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\DsNET Corp
  944. [2012/04/17 23:02:59 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\My Shared Folder
  945. [2012/04/17 23:02:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Ares
  946. [2012/04/17 23:02:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
  947. [2012/04/17 23:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Ares
  948. [2012/04/17 23:02:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Opera
  949. [2012/04/17 23:02:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Opera
  950. [2012/04/17 23:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
  951. [2012/04/17 23:00:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TweetDeck
  952. [2012/04/17 23:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\Twitter
  953. [2012/04/17 23:00:16 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
  954. [2012/04/17 22:54:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
  955. [2012/04/17 22:47:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Google
  956. [2012/04/17 22:46:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apps
  957. [2012/04/17 22:46:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Deployment
  958. [2012/04/17 22:41:38 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox Guest Additions
  959. [2012/04/17 22:39:11 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
  960. [2012/04/12 18:03:45 | 000,000,000 | ---D | C] -- C:\Windows\Panther
  961. [2012/04/12 13:31:56 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
  962. [2012/04/12 13:31:56 | 000,000,000 | R--D | C] -- C:\Users\user\Searches
  963. [2012/04/12 13:31:56 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
  964. [2012/04/12 13:31:55 | 000,000,000 | -H-D | C] -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
  965. [2012/04/12 13:31:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Identities
  966. [2012/04/12 13:24:55 | 000,000,000 | ---D | C] -- C:\found.000
  967. [2012/04/12 13:18:19 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
  968. [2012/04/12 13:11:38 | 000,000,000 | R--D | C] -- C:\Users\user\Contacts
  969. [2012/04/12 13:11:27 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\VirtualStore
  970. [2012/04/12 13:11:26 | 000,000,000 | --SD | C] -- C:\Users\user\AppData\Roaming\Microsoft
  971. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Videos
  972. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Saved Games
  973. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Pictures
  974. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Music
  975. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
  976. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Links
  977. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Favorites
  978. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Downloads
  979. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Documents
  980. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\Desktop
  981. [2012/04/12 13:11:26 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
  982. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Temporary Internet Files
  983. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Templates
  984. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Start Menu
  985. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\SendTo
  986. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Recent
  987. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\PrintHood
  988. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\NetHood
  989. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\My Videos
  990. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\My Pictures
  991. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\My Music
  992. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\My Documents
  993. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Local Settings
  994. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\History
  995. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Cookies
  996. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\Application Data
  997. [2012/04/12 13:11:26 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Application Data
  998. [2012/04/12 13:11:26 | 000,000,000 | -H-D | C] -- C:\Users\user\AppData
  999. [2012/04/12 13:11:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Temp
  1000. [2012/04/12 13:11:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft
  1001. [2012/04/12 13:11:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Media Center Programs
  1002. [2012/04/12 13:11:10 | 000,000,000 | ---D | C] -- C:\Recovery
  1003. [2012/04/12 13:05:21 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
  1004. [2012/04/12 13:04:19 | 000,000,000 | -HSD | C] -- C:\System Volume Information
  1005.  
  1006. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  1007.  
  1008. [2012/05/07 12:31:15 | 000,028,320 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  1009. [2012/05/07 12:31:15 | 000,028,320 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  1010. [2012/05/07 12:26:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  1011. [2012/05/07 12:22:41 | 000,014,386 | ---- | M] () -- C:\Users\user\Desktop\Untitled.png
  1012. [2012/05/03 23:01:28 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001UA.job
  1013. [2012/05/03 22:52:17 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001Core.job
  1014. [2012/05/03 22:45:08 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
  1015. [2012/05/03 22:31:46 | 000,088,280 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
  1016. [2012/05/03 22:31:09 | 000,001,388 | ---- | M] () -- C:\Users\user\Desktop\My DAP Downloads.lnk
  1017. [2012/04/25 18:55:35 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
  1018. [2012/04/25 18:55:35 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
  1019. [2012/04/20 16:20:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
  1020. [2012/04/20 16:20:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
  1021. [2012/04/20 16:20:24 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
  1022. [2012/04/20 16:13:24 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
  1023. [2012/04/20 16:13:24 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
  1024. [2012/04/20 16:13:24 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
  1025. [2012/04/20 16:13:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
  1026. [2012/04/17 23:20:10 | 000,000,937 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
  1027. [2012/04/17 23:20:10 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
  1028. [2012/04/17 23:19:44 | 000,001,060 | ---- | M] () -- C:\Users\user\Desktop\Media Player Classic.lnk
  1029. [2012/04/17 23:16:55 | 000,001,208 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
  1030. [2012/04/17 23:15:53 | 000,002,503 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
  1031. [2012/04/17 23:15:53 | 000,002,479 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
  1032. [2012/04/17 23:14:19 | 000,001,048 | ---- | M] () -- C:\Users\user\Desktop\Maxthon 3.lnk
  1033. [2012/04/17 23:12:58 | 000,001,097 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
  1034. [2012/04/17 23:12:58 | 000,001,073 | ---- | M] () -- C:\Users\user\Desktop\ManyCam.lnk
  1035. [2012/04/17 23:12:23 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
  1036. [2012/04/17 23:11:06 | 000,001,923 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
  1037. [2012/04/17 23:09:27 | 000,001,035 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Geany.lnk
  1038. [2012/04/17 23:09:27 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Geany.lnk
  1039. [2012/04/17 23:09:13 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
  1040. [2012/04/17 23:08:45 | 000,001,991 | ---- | M] () -- C:\Users\user\Desktop\SPEEDbit Video Downloader.lnk
  1041. [2012/04/17 23:08:45 | 000,001,614 | ---- | M] () -- C:\Users\user\Desktop\My Video Downloads .lnk
  1042. [2012/04/17 23:08:20 | 000,000,953 | ---- | M] () -- C:\Users\user\Desktop\DVD Shrink 3.2.lnk
  1043. [2012/04/17 23:07:53 | 000,000,893 | ---- | M] () -- C:\Users\user\Desktop\Download Accelerator Plus (DAP).lnk
  1044. [2012/04/17 23:04:56 | 000,109,216 | ---- | M] () -- C:\Windows\System32\EasyHook64.dll
  1045. [2012/04/17 23:04:56 | 000,084,480 | ---- | M] () -- C:\Windows\System32\EasyHook32.dll
  1046. [2012/04/17 23:04:54 | 000,172,032 | ---- | M] (Jin Hui    E-mail: jinhui@jcomsoft.com   Web: http://www.jcomsoft.com) -- C:\Windows\System32\AniGIF.ocx
  1047. [2012/04/17 23:04:39 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
  1048. [2012/04/17 23:04:22 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\MP3 Downloader.lnk
  1049. [2012/04/17 23:04:22 | 000,002,068 | ---- | M] () -- C:\Users\Public\Desktop\Video Search.lnk
  1050. [2012/04/17 23:04:21 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
  1051. [2012/04/17 23:02:56 | 000,000,909 | ---- | M] () -- C:\Users\Public\Desktop\Ares.lnk
  1052. [2012/04/17 23:02:41 | 000,001,775 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
  1053. [2012/04/17 22:54:32 | 000,002,306 | ---- | M] () -- C:\Users\user\Desktop\Google Chrome.lnk
  1054. [2012/04/17 22:43:49 | 000,001,407 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
  1055. [2012/04/12 13:09:42 | 000,265,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
  1056. [2012/04/12 13:07:01 | 000,115,640 | ---- | M] () -- C:\Windows\System32\license.rtf
  1057.  
  1058. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  1059.  
  1060. [2012/05/07 12:22:41 | 000,014,386 | ---- | C] () -- C:\Users\user\Desktop\Untitled.png
  1061. [2012/05/03 22:37:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
  1062. [2012/05/03 22:37:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
  1063. [2012/05/03 22:37:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
  1064. [2012/05/03 22:37:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
  1065. [2012/05/03 22:37:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
  1066. [2012/05/03 22:31:46 | 000,088,280 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
  1067. [2012/04/23 14:13:42 | 000,001,576 | ---- | C] () -- C:\Users\user\Desktop\Online Business Komplett Paket.LNK
  1068. [2012/04/20 16:32:39 | 000,000,920 | ---- | C] () -- C:\Users\user\Desktop\Social Bookmarking Automation Software Blog Comment Software.LNK
  1069. [2012/04/20 16:20:31 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
  1070. [2012/04/20 16:20:31 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
  1071. [2012/04/20 14:42:40 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
  1072. [2012/04/17 23:19:44 | 000,001,060 | ---- | C] () -- C:\Users\user\Desktop\Media Player Classic.lnk
  1073. [2012/04/17 23:19:42 | 000,421,888 | ---- | C] () -- C:\Windows\System32\ac3filter.acm
  1074. [2012/04/17 23:19:02 | 000,000,937 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
  1075. [2012/04/17 23:19:02 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
  1076. [2012/04/17 23:16:55 | 000,001,208 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
  1077. [2012/04/17 23:15:53 | 000,002,503 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
  1078. [2012/04/17 23:15:53 | 000,002,491 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
  1079. [2012/04/17 23:15:53 | 000,002,479 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
  1080. [2012/04/17 23:15:04 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
  1081. [2012/04/17 23:14:19 | 000,001,048 | ---- | C] () -- C:\Users\user\Desktop\Maxthon 3.lnk
  1082. [2012/04/17 23:12:58 | 000,001,097 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
  1083. [2012/04/17 23:12:58 | 000,001,073 | ---- | C] () -- C:\Users\user\Desktop\ManyCam.lnk
  1084. [2012/04/17 23:12:23 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
  1085. [2012/04/17 23:11:06 | 000,001,923 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
  1086. [2012/04/17 23:09:27 | 000,001,035 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Geany.lnk
  1087. [2012/04/17 23:09:27 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Geany.lnk
  1088. [2012/04/17 23:09:13 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
  1089. [2012/04/17 23:09:13 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
  1090. [2012/04/17 23:08:45 | 000,001,991 | ---- | C] () -- C:\Users\user\Desktop\SPEEDbit Video Downloader.lnk
  1091. [2012/04/17 23:08:45 | 000,001,614 | ---- | C] () -- C:\Users\user\Desktop\My Video Downloads .lnk
  1092. [2012/04/17 23:08:20 | 000,000,953 | ---- | C] () -- C:\Users\user\Desktop\DVD Shrink 3.2.lnk
  1093. [2012/04/17 23:07:53 | 000,001,388 | ---- | C] () -- C:\Users\user\Desktop\My DAP Downloads.lnk
  1094. [2012/04/17 23:07:53 | 000,000,893 | ---- | C] () -- C:\Users\user\Desktop\Download Accelerator Plus (DAP).lnk
  1095. [2012/04/17 23:05:06 | 000,109,216 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
  1096. [2012/04/17 23:05:06 | 000,084,480 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
  1097. [2012/04/17 23:04:39 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
  1098. [2012/04/17 23:04:22 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\MP3 Downloader.lnk
  1099. [2012/04/17 23:04:22 | 000,002,068 | ---- | C] () -- C:\Users\Public\Desktop\Video Search.lnk
  1100. [2012/04/17 23:04:21 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
  1101. [2012/04/17 23:02:56 | 000,000,909 | ---- | C] () -- C:\Users\Public\Desktop\Ares.lnk
  1102. [2012/04/17 23:02:42 | 000,001,787 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
  1103. [2012/04/17 23:02:41 | 000,001,775 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
  1104. [2012/04/17 22:54:32 | 000,002,306 | ---- | C] () -- C:\Users\user\Desktop\Google Chrome.lnk
  1105. [2012/04/17 22:47:20 | 000,001,074 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001UA.job
  1106. [2012/04/17 22:47:20 | 000,001,022 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001Core.job
  1107. [2012/04/17 22:43:49 | 000,001,407 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
  1108. [2012/04/12 13:31:59 | 000,001,413 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
  1109. [2012/04/12 13:11:26 | 000,000,290 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
  1110. [2012/04/12 13:11:26 | 000,000,272 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
  1111. [2012/04/12 13:06:54 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
  1112. [2012/04/12 13:06:48 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
  1113. [2012/01/31 18:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
  1114. [2012/01/31 18:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
  1115. [2012/01/31 18:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
  1116. [2012/01/31 18:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
  1117. [2012/01/31 18:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
  1118.  
  1119. [color=#E56717]========== LOP Check ==========[/color]
  1120.  
  1121. [2012/04/23 14:06:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GetRightToGo
  1122. [2012/04/20 14:30:48 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ManyCam
  1123. [2012/04/17 23:14:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Maxthon3
  1124. [2012/04/17 23:04:33 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\OpenCandy
  1125. [2012/04/17 23:02:44 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Opera
  1126. [2012/04/20 14:31:23 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Samsung
  1127. [2012/05/07 12:31:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent
  1128. [2009/07/14 01:53:46 | 000,009,320 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
  1129.  
  1130. [color=#E56717]========== Purity Check ==========[/color]
  1131.  
  1132.  
  1133.  
  1134. [color=#E56717]========== Custom Scans ==========[/color]
  1135.  
  1136. [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
  1137. [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
  1138. [2012/05/03 23:00:32 | 000,015,088 | ---- | M] () -- C:\ComboFix.txt
  1139. [2009/06/10 18:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
  1140. [2012/04/20 16:20:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
  1141. [2012/04/20 16:20:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
  1142. [2012/05/07 12:26:06 | 1073,741,824 | -HS- | M] () -- C:\pagefile.sys
  1143. [2012/04/29 15:57:38 | 000,000,361 | ---- | M] () -- C:\rkill.log
  1144. [2012/05/03 22:32:35 | 000,003,544 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_03.05.2012_22.32.24_log.txt
  1145. [2012/05/03 22:35:54 | 000,111,990 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_03.05.2012_22.32.48_log.txt
  1146. [2012/05/07 12:17:26 | 000,112,344 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_07.05.2012_12.11.57_log.txt
  1147.  
  1148. [color=#A23BEC]< %systemdrive%\drivers\*.exe >[/color]
  1149.  
  1150. [color=#A23BEC]< %systemroot%\system32\drivers\*.* /90 >[/color]
  1151. [2012/02/17 01:14:08 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\rdpwd.sys
  1152. [2012/02/17 01:13:22 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tdtcp.sys
  1153.  
  1154. [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
  1155. [2009/07/14 01:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
  1156.  
  1157. [color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]
  1158.  
  1159. [color=#A23BEC]< %LOCALAPPDATA%\*.txt >[/color]
  1160.  
  1161. [color=#A23BEC]< %LOCALAPPDATA%\*.ini >[/color]
  1162.  
  1163. [color=#A23BEC]< %LOCALAPPDATA%\*.dll >[/color]
  1164.  
  1165. [color=#A23BEC]< %LOCALAPPDATA%\*.dat >[/color]
  1166. [2012/04/17 22:46:51 | 000,057,560 | ---- | M] () -- C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
  1167.  
  1168. [color=#A23BEC]< %USERPROFILE%\*.exe >[/color]
  1169.  
  1170. [color=#A23BEC]< %USERPROFILE%\*.txt >[/color]
  1171.  
  1172. [color=#A23BEC]< %USERPROFILE%\*.ini >[/color]
  1173. [2012/04/12 13:11:26 | 000,000,020 | -HS- | M] () -- C:\Users\user\ntuser.ini
  1174.  
  1175. [color=#A23BEC]< %USERPROFILE%\*.dll >[/color]
  1176.  
  1177. [color=#A23BEC]< %USERPROFILE%\*.dat /30 >[/color]
  1178. [2012/05/07 12:32:42 | 002,621,440 | -HS- | M] () -- C:\Users\user\NTUSER.DAT
  1179.  
  1180. [color=#A23BEC]< %appdata%\*.* >[/color]
  1181.  
  1182. [color=#A23BEC]< %systemroot%\system32\tasks\*.* >[/color]
  1183. [2012/04/17 22:47:20 | 000,003,650 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001Core
  1184. [2012/04/17 22:47:20 | 000,004,046 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001UA
  1185.  
  1186. [color=#A23BEC]< %windir%\tasks\*.* >[/color]
  1187. [2012/05/03 22:52:17 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001Core.job
  1188. [2012/05/03 23:01:28 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-502584883-899378009-3667950772-1001UA.job
  1189. [2012/05/07 12:26:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
  1190. [2009/07/14 01:53:46 | 000,009,320 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT
  1191.  
  1192. [color=#A23BEC]< C:\Users\user\AppData\Roaming\*.* /10 /s >[/color]
  1193. [2012/05/03 22:32:27 | 000,002,390 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Preferences\com.apple.Safari.plist
  1194. [2012/05/03 22:28:19 | 000,005,472 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\Bookmarks.plist
  1195. [2012/05/03 22:28:28 | 000,019,555 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\Configurations.plist.signed
  1196. [2012/05/03 22:32:19 | 000,000,449 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\History.plist
  1197. [2012/05/03 22:32:37 | 000,001,118 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\LastSession.plist
  1198. [2012/05/03 22:28:41 | 000,000,822 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\TopSites.plist
  1199. [2012/05/03 22:32:37 | 000,001,406 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\Cookies\Cookies.binarycookies
  1200. [2012/05/03 22:30:10 | 000,001,023 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\PubSub\Clients.plist
  1201. [2012/05/03 22:31:43 | 000,123,904 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\PubSub\Database\Database.sqlite3
  1202. [2012/05/03 22:31:40 | 000,050,091 | ---- | M] () -- C:\Users\user\AppData\Roaming\Apple Computer\Safari\PubSub\Feeds\98faf8d5aa51181d8bc7cd3a329798a89e67d2b2.xml
  1203. [2012/05/07 12:17:17 | 000,000,037 | ---- | M] () -- C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LQ9PD5YC\mail.google.com\wakeup.sol
  1204. [2012/05/07 12:18:15 | 000,000,068 | ---- | M] () -- C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LQ9PD5YC\static.anonymousdmp.com\pus.sol
  1205. [2012/05/07 12:18:15 | 000,000,403 | ---- | M] () -- C:\Users\user\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol
  1206. [2012/05/07 12:17:17 | 000,000,085 | ---- | M] () -- C:\Users\user\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#mail.google.com\settings.sol
  1207. [2012/05/07 12:18:15 | 000,000,093 | ---- | M] () -- C:\Users\user\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.anonymousdmp.com\settings.sol
  1208. [2012/05/07 12:25:38 | 000,182,059 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Avatars\Bear Mask.mce
  1209. [2012/05/07 12:25:38 | 000,116,641 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Avatars\Cow Mask.mce
  1210. [2012/05/07 12:25:38 | 000,165,606 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Avatars\Frog Mask.mce
  1211. [2012/05/07 12:25:38 | 000,140,218 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Avatars\Rabbit Mask.mce
  1212. [2012/05/07 12:25:38 | 000,182,457 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Avatars\Santa Mask.mce
  1213. [2012/05/07 12:25:38 | 000,165,891 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Flags\Canadian Flag.mce
  1214. [2012/05/07 12:25:38 | 000,139,185 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Flags\French Flag.mce
  1215. [2012/05/07 12:25:38 | 000,138,619 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Flags\German Flag.mce
  1216. [2012/05/07 12:25:38 | 000,152,862 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Flags\Italian Flag.mce
  1217. [2012/05/07 12:25:38 | 000,302,579 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Flags\UK Flag.mce
  1218. [2012/05/07 12:25:38 | 000,280,846 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Flags\USA Flag.mce
  1219. [2012/05/07 12:25:38 | 000,083,659 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Fun\Ballon.mce
  1220. [2012/05/07 12:25:38 | 000,738,913 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Fun\Be Right Back.mce
  1221. [2012/05/07 12:25:38 | 000,084,325 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Fun\Frog.mce
  1222. [2012/05/07 12:25:38 | 000,026,872 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Fun\Gun.mce
  1223. [2012/05/07 12:25:38 | 000,138,793 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Fun\Hearts.mce
  1224. [2012/05/07 12:25:38 | 000,096,690 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Fun\Sun.mce
  1225. [2012/05/07 12:25:38 | 000,072,412 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Holidays\Bell.mce
  1226. [2012/05/07 12:25:38 | 000,181,553 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Holidays\Candle.mce
  1227. [2012/05/07 12:25:38 | 000,113,940 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Holidays\Candy Cane.mce
  1228. [2012/05/07 12:25:38 | 000,155,707 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Holidays\Christmas Tree.mce
  1229. [2012/05/07 12:25:38 | 000,097,213 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Effects\Objects\Holidays\Snow Man.mce
  1230. [2012/05/07 12:25:38 | 000,001,907 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Settings\Profile.xml
  1231. [2012/05/07 12:25:38 | 000,000,202 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Settings\Layer0\Playlist.pst
  1232. [2012/05/07 12:25:38 | 000,000,202 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Settings\Layer0\PlaylistImages.pst
  1233. [2012/05/07 12:25:38 | 000,000,202 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Settings\Layer0\PlaylistMovies.pst
  1234. [2012/05/07 12:25:38 | 000,000,202 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Settings\Layer0\PlaylistSnapshots.pst
  1235. [2012/05/07 12:25:38 | 000,000,850 | ---- | M] () -- C:\Users\user\AppData\Roaming\ManyCam\Settings\Layer0\Profile.xml
  1236. [2012/04/29 15:27:19 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\354d1e6dd896821481eceb6b6d98e358_147c45ed-c645-4a42-a6f1-692c606382e3
  1237. [2012/05/02 16:40:49 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\3c9fe8b3ea6152be71a4622b06bc9994_147c45ed-c645-4a42-a6f1-692c606382e3
  1238. [2012/05/03 22:27:17 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\607f8bd8106e111b63b6aec6c55b27b6_147c45ed-c645-4a42-a6f1-692c606382e3
  1239. [2012/05/07 12:26:26 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\6affdd226ed39a5fa79c3e10cbc8bea5_147c45ed-c645-4a42-a6f1-692c606382e3
  1240. [2012/05/07 12:10:33 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\aa171eaf484a69d982d3688e6a5ad587_147c45ed-c645-4a42-a6f1-692c606382e3
  1241. [2012/05/02 15:20:03 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\b7d3d6213566f49e3aa12073fd6622ea_147c45ed-c645-4a42-a6f1-692c606382e3
  1242. [2012/05/02 21:45:42 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\cdc240ef9e6a171148ab9eb6cb634a5a_147c45ed-c645-4a42-a6f1-692c606382e3
  1243. [2012/04/29 15:52:18 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\e4405e8fa71ed0bdba16a296444c26dc_147c45ed-c645-4a42-a6f1-692c606382e3
  1244. [2012/05/07 12:02:41 | 000,001,483 | --S- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-502584883-899378009-3667950772-1001\f7d6794d1ba34a5f731c9b258e0cc114_147c45ed-c645-4a42-a6f1-692c606382e3
  1245. [2012/05/07 12:32:39 | 000,032,768 | -HS- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
  1246. [2012/05/07 12:11:22 | 000,000,704 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@ad.yieldmanager[2].txt
  1247. [2012/04/29 15:28:22 | 000,000,100 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@adnetwork[1].txt
  1248. [2012/05/02 21:48:44 | 000,000,404 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@adnxs[1].txt
  1249. [2012/04/29 15:27:52 | 000,000,897 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@ask[2].txt
  1250. [2012/05/02 21:48:43 | 000,000,192 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@atdmt[1].txt
  1251. [2012/05/02 21:48:40 | 000,000,649 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@br.msn[2].txt
  1252. [2012/04/29 15:32:59 | 000,000,419 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@brothersoftextreme.ourtoolbar[2].txt
  1253. [2012/05/02 21:48:31 | 000,000,210 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@c.atdmt[2].txt
  1254. [2012/05/02 21:48:36 | 000,000,071 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@c.br.msn[1].txt
  1255. [2012/05/02 21:48:33 | 000,000,101 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@doubleclick[1].txt
  1256. [2012/05/07 12:11:16 | 000,000,365 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@fileratings[1].txt
  1257. [2012/05/02 21:48:42 | 000,000,113 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@ia.nspmotion[1].txt
  1258. [2012/05/02 21:48:37 | 000,000,696 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@mfa.unilever.predicta[2].txt
  1259. [2012/05/02 21:48:36 | 000,000,388 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@msn[2].txt
  1260. [2012/05/02 21:48:42 | 000,000,109 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@nspmotion[2].txt
  1261. [2012/05/02 15:20:53 | 000,000,297 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@pixer.meaningtool[2].txt
  1262. [2012/05/02 21:48:37 | 000,000,110 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@predicta[1].txt
  1263. [2012/04/29 15:32:14 | 000,000,365 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@printitgreen[3].txt
  1264. [2012/04/29 15:28:23 | 000,000,099 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@quantserve[1].txt
  1265. [2012/05/02 21:48:29 | 000,000,206 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@scorecardresearch[2].txt
  1266. [2012/04/29 15:31:24 | 000,000,164 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@search.conduit[2].txt
  1267. [2012/05/02 21:48:37 | 000,000,202 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@unilever.predicta[1].txt
  1268. [2012/04/29 15:28:20 | 000,000,089 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@yahoo[1].txt
  1269. [2012/04/29 15:32:52 | 000,032,768 | -HS- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\index.dat
  1270. [2012/05/07 12:18:53 | 000,262,144 | -HS- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
  1271. [2012/05/02 21:48:17 | 000,065,536 | -HS- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\PrivacIE\index.dat
  1272. [2012/05/03 22:31:10 | 000,000,429 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\Downloads.lnk
  1273. [2012/05/07 12:15:41 | 000,000,357 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\Local Disk (C).lnk
  1274. [2012/05/03 22:34:27 | 000,000,676 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\TDSSKiller.2.7.34.0_03.05.2012_22.32.24_log.txt.lnk
  1275. [2012/05/07 12:13:59 | 000,000,676 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\TDSSKiller.2.7.34.0_03.05.2012_22.32.48_log.txt.lnk
  1276. [2012/05/07 12:15:41 | 000,000,676 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\TDSSKiller.2.7.34.0_07.05.2012_12.11.57_log.txt.lnk
  1277. [2012/05/03 22:31:09 | 000,000,482 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\tdsskiller.zip.lnk
  1278. [2012/05/07 12:22:41 | 000,000,456 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\Untitled.png.lnk
  1279. [2012/05/07 12:22:41 | 000,010,240 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\1b4dd67f29cb1962.automaticDestinations-ms
  1280. [2012/05/07 12:14:39 | 000,008,704 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\7e4dca80246863e3.automaticDestinations-ms
  1281. [2012/05/07 12:15:41 | 000,007,680 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\918e0ecb43d17e23.automaticDestinations-ms
  1282. [2012/05/07 12:22:41 | 000,003,072 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\b3f13480c2785ae.automaticDestinations-ms
  1283. [2012/05/03 22:31:14 | 000,017,120 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\16ec093b8f51508f.customDestinations-ms
  1284. [2012/04/29 15:35:22 | 000,006,648 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\28c8b86deab549a1.customDestinations-ms
  1285. [2012/05/07 12:27:26 | 000,013,492 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
  1286. [2012/04/29 16:10:04 | 000,018,812 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
  1287. [2012/04/29 15:35:58 | 000,008,336 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ed7a5cc3cca8d52a.customDestinations-ms
  1288. [2012/04/29 15:58:02 | 000,425,984 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\addons.sqlite
  1289. [2012/04/29 15:58:02 | 000,131,616 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\addons.sqlite-journal
  1290. [2012/04/29 16:00:03 | 000,013,339 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\blocklist.xml
  1291. [2012/05/03 22:35:45 | 000,065,536 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\cert8.db
  1292. [2012/05/03 22:35:29 | 000,098,304 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\chromeappsstore.sqlite
  1293. [2012/05/03 22:35:16 | 000,000,186 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\compatibility.ini
  1294. [2012/05/03 22:35:45 | 000,524,288 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\cookies.sqlite
  1295. [2012/04/29 15:56:10 | 000,065,536 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\downloads.sqlite
  1296. [2012/05/02 21:46:52 | 000,000,170 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\extensions.ini
  1297. [2012/05/02 21:46:52 | 000,393,216 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\extensions.sqlite
  1298. [2012/05/03 22:35:45 | 000,016,384 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\key3.db
  1299. [2012/05/03 22:35:45 | 000,001,885 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\localstore.rdf
  1300. [2012/05/02 21:48:26 | 010,485,760 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\places.sqlite
  1301. [2012/05/03 22:47:26 | 000,878,949 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\prefs.js
  1302. [2012/05/03 22:47:26 | 000,878,955 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\prefs.js.BAK
  1303. [2012/04/29 15:53:54 | 000,008,550 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\search.json
  1304. [2012/04/29 15:53:54 | 000,065,536 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\search.sqlite
  1305. [2012/05/02 21:48:26 | 000,000,883 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\sessionstore.bak
  1306. [2012/05/03 22:35:45 | 000,000,784 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\sessionstore.js
  1307. [2012/05/03 22:35:20 | 000,000,154 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\urlclassifierkey3.txt
  1308. [2012/05/03 22:47:26 | 000,000,326 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\user.js
  1309. [2012/05/03 22:47:26 | 000,000,328 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\user.js.BAK
  1310. [2012/05/02 21:48:26 | 000,003,199 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\bookmarkbackups\bookmarks-2012-05-02.json
  1311. [2012/05/03 22:35:45 | 000,003,199 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s3xq4pcb.default\bookmarkbackups\bookmarks-2012-05-03.json
  1312. [2012/05/03 22:28:08 | 000,001,440 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\autoupdate_response.xml
  1313. [2012/05/03 22:31:16 | 000,000,862 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\cookies4.dat
  1314. [2012/05/03 22:31:16 | 000,000,437 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\download.dat
  1315. [2012/05/03 22:31:14 | 000,002,009 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\global_history.dat
  1316. [2012/05/03 22:31:16 | 000,026,258 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\opcacrt6.dat
  1317. [2012/05/03 22:31:14 | 000,001,709 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\operaprefs.ini
  1318. [2012/05/03 22:31:16 | 000,009,042 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\opicacrt6.dat
  1319. [2012/05/03 22:31:16 | 000,004,096 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\oprand.dat
  1320. [2012/05/03 22:31:16 | 000,011,635 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\opssl6.dat
  1321. [2012/05/03 22:31:16 | 000,000,012 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\optrust.dat
  1322. [2012/05/03 22:31:16 | 000,000,012 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\opuntrust.dat
  1323. [2012/05/03 22:27:49 | 000,000,431 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\tasks.xml
  1324. [2012/05/03 22:31:14 | 000,000,291 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\tips.ini
  1325. [2012/05/03 22:31:14 | 000,000,473 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\typed_history.xml
  1326. [2012/05/03 22:31:16 | 000,000,012 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\vlink4.dat
  1327. [2012/05/03 22:31:14 | 000,001,559 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\sessions\autosave.win
  1328. [2012/05/03 22:31:14 | 000,001,559 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\sessions\autosave.win.bak
  1329. [2012/05/03 22:31:14 | 000,000,035 | ---- | M] () -- C:\Users\user\AppData\Roaming\Opera\Opera\webserver\users.xml
  1330. [2012/05/07 12:25:38 | 000,004,456 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\dht.dat
  1331. [2012/05/07 12:31:26 | 000,000,002 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\dht_feed.dat
  1332. [2012/05/07 12:25:38 | 000,000,002 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\dht_feed.dat.old
  1333. [2012/05/07 12:25:38 | 000,000,099 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\resume.dat
  1334. [2012/05/07 12:20:52 | 000,000,099 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\resume.dat.old
  1335. [2012/05/07 12:26:27 | 000,010,658 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\settings.dat
  1336. [2012/05/07 12:26:26 | 000,010,658 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\settings.dat.old
  1337. [2012/05/07 12:26:29 | 000,039,755 | ---- | M] () -- C:\Users\user\AppData\Roaming\uTorrent\dlimagecache\32F529521A3DEC709F97F761F192AABF29BDC408
  1338.  
  1339. [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >[/color]
  1340. "DefaultConnectionSettings" = [Binary data over 100 bytes]
  1341. "SavedLegacySettings" = [Binary data over 100 bytes]
  1342.  
  1343. [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations >[/color]
  1344.  
  1345. [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments >[/color]
  1346.  
  1347. [color=#E56717]========== Alternate Data Streams ==========[/color]
  1348.  
  1349. @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:553CA6CA
  1350.  
  1351. < End of report >