GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-07-21 14:42:49 Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST9320325AS rev.0010LVM1 Running: rekpo1gm.exe; Driver: C:\Users\VOLDEM~1\AppData\Local\Temp\ugtdiuog.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwCreateThread [0x8FE6E7F0] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwLoadDriver [0x8FE6E8B0] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSystemInformation [0x8FE6E870] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSystemDebugControl [0x8FE6E830] ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82E625D9 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E87092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!RtlSidHashLookup + 37C 82E8E9BC 4 Bytes [F0, E7, E6, 8F] .text ntkrnlpa.exe!RtlSidHashLookup + 48C 82E8EACC 4 Bytes CALL EE057AB7 .text ntkrnlpa.exe!RtlSidHashLookup + 798 82E8EDD8 4 Bytes CALL 865E7DC3 .text ntkrnlpa.exe!RtlSidHashLookup + 7E0 82E8EE20 4 Bytes CALL 9B677E0B PAGE spsys.sys!?SPRevision@@3PADA + 4F90 9E740000 290 Bytes [8B, FF, 55, 8B, EC, 33, C0, ...] PAGE spsys.sys!?SPRevision@@3PADA + 50B3 9E740123 629 Bytes [B5, 73, 9E, FE, 05, 34, B5, ...] PAGE spsys.sys!?SPRevision@@3PADA + 5329 9E740399 101 Bytes [6A, 28, 59, A5, 5E, C6, 03, ...] PAGE spsys.sys!?SPRevision@@3PADA + 538F 9E7403FF 148 Bytes [18, 5D, C2, 14, 00, 8B, FF, ...] PAGE spsys.sys!?SPRevision@@3PADA + 543B 9E7404AB 2228 Bytes [8B, FF, 55, 8B, EC, FF, 75, ...] PAGE ... ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[1668] kernel32.dll!SetUnhandledExceptionFilter 764B30E2 4 Bytes [C2, 04, 00, 00] ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2932] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75B35E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2932] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75B35E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2932] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75B35E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2932] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75B35E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2932] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75B35E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2932] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75B35E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) Device \Driver\ACPI_HAL \Device\0000004f halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076e0db33 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076e0db33 (not active ControlSet) ---- Files - GMER 1.0.15 ---- File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\0\84 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\0\84\FE84Bd01 17215 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\0\92 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\0\92\F4B1Fd01 25511 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\0\9D 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\0\9D\A22E7d01 97618 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\0\9E 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\0\9E\A8CD1d01 29635 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\0\B8 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\0\B8\A25D0d01 43133 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\03 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\03\454CCd01 36021 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\0F 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\0F\F0B1Ad01 47863 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\20 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\20\E1393d01 21308 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\65 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\65\F4F22d01 28601 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\74 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\74\85E9Fd01 26027 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\79 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\79\1ED13d01 24861 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\A9 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\A9\CBB10d01 31232 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\AF 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\1\AF\BE031d01 51356 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\5E 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\5E\CFFFBd01 19556 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\60 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\60\BA95Dd01 24863 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\64 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\64\F4726d01 31232 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\6B 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\6B\DAC39d01 76588 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\95 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\95\0B888d01 20567 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\B0 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\B0\A53CCd01 18947 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\D3 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\D3\D216Bd01 76863 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\DC 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\DC\3BAC8d01 24002 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\FE 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\2\FE\A3EF1d01 24086 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\1F 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\1F\CD72Cd01 40287 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\45 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\45\65554d01 127429 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\70 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\70\77B92d01 320805 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\7E 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\7E\B738Fd01 22722 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\82 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\82\D0663d01 24864 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\8F 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\8F\18E82d01 53210 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\B0 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\B0\ED5FAd01 22168 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\B2 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\B2\760F3d01 26252 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\D0 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\D0\648D7d01 24858 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\E3 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\3\E3\AECC1d01 24865 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\36 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\36\39295d01 29561 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\6B 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\6B\6A022d01 19610 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\76 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\76\E02D0d01 26961 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\85 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\85\6EEC6d01 98251 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\9F 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\9F\EC044d01 33972 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\AE 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\AE\4EDA5d01 53572 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\BF 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\BF\44C75d01 25872 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\C7 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\C7\134A6d01 22063 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\D8 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\D8\ED524d01 24863 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\E9 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\4\E9\6E215d01 28693 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\5\0F 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\5\0F\EF0A4d01 18193 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\5\3A 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\5\3A\872B2d01 57635 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\5\76 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\5\76\818F7d01 16633 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\5\E3 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\5\E3\5899Fd01 40560 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\02 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\02\8A468d01 24864 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\03 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\03\38443d01 27106 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\24 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\24\694E4d01 24077 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\62 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\62\2405Ad01 24052 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\6B 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\6B\F836Ed01 21308 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\6D 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\6D\2F652d01 30326 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\AE 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\AE\B16C3d01 30684 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\B8 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\B8\C7D4Dd01 21445 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\C1 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\C1\15784d01 18287 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\C5 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\C5\33668d01 16931 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\C8 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\C8\1DE29d01 24865 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\D3 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\E5 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\6\EB 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\8\07 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\8\15 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\8\26 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\8\34 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\8\63 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\8\75 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\8\78 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\8\C0 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\8\C3 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\8\CE 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\8\F0 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\8\FF 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\D\00 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\D\0C 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\D\13 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\D\21 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\D\54 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\D\62 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\D\A7 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\D\B2 0 bytes File C:\Users\voldemort\AppData\Local\Mozilla\Firefox\Profiles\uc43nzga.default\Cache\D\DA 0 bytes ---- EOF - GMER 1.0.15 ----