OTL logfile created on: 18/11/2013 17:12:58 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robus\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1.96 Gb Total Physical Memory | 0.46 Gb Available Physical Memory | 23.26% Memory free 4.15 Gb Paging File | 1.81 Gb Available in Paging File | 43.51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 109.88 Gb Total Space | 42.58 Gb Free Space | 38.75% Space Free | Partition Type: NTFS Drive D: | 3.68 Gb Total Space | 2.58 Gb Free Space | 70.21% Space Free | Partition Type: FAT32 Drive F: | 110.00 Gb Total Space | 27.75 Gb Free Space | 25.23% Space Free | Partition Type: NTFS Computer Name: ROBUS-PC | User Name: Robus | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/11/18 17:11:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robus\Downloads\OTL.exe PRC - [2013/11/15 17:41:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013/11/14 17:57:22 | 000,143,488 | ---- | M] () -- c:\Program Files\Optimizer Pro\OptProCrash.exe PRC - [2013/11/07 09:05:47 | 000,044,784 | ---- | M] (MindSpark) -- C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe PRC - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe PRC - [2013/11/07 09:05:47 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe PRC - [2013/10/29 08:24:24 | 002,886,464 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\Umbrella.exe PRC - [2013/10/28 19:22:50 | 001,177,080 | ---- | M] (PC Utilities Pro) -- C:\Program Files\Optimizer Pro\OptProReminder.exe PRC - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe PRC - [2013/10/25 23:07:48 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe PRC - [2013/10/23 20:06:28 | 000,313,208 | ---- | M] (Updater) -- C:\ProgramData\Updater\updater.exe PRC - [2013/10/23 20:06:28 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\IeHelper\IeHelper.exe PRC - [2013/10/23 20:06:28 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe PRC - [2013/10/23 20:06:28 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe PRC - [2013/10/20 08:00:19 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe PRC - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe PRC - [2013/10/06 15:41:00 | 000,021,536 | ---- | M] (Smartbar) -- C:\Users\Robus\AppData\Local\Smartbar\Application\SnapDo.exe PRC - [2013/09/25 16:37:00 | 020,133,824 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe PRC - [2013/07/10 19:28:16 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files\Wajam\Updater\WajamUpdater.exe PRC - [2013/05/11 10:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/04/19 15:35:36 | 002,833,120 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe PRC - [2012/08/07 13:12:07 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2011/12/10 11:07:30 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe PRC - [2011/05/03 18:46:18 | 000,047,424 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe PRC - [2008/01/21 02:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013/11/15 17:41:18 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013/11/14 20:31:18 | 000,128,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_elementtree.pyd MOD - [2013/11/14 20:31:18 | 000,098,816 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32api.pyd MOD - [2013/11/14 20:31:18 | 000,044,032 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_socket.pyd MOD - [2013/11/14 20:31:18 | 000,022,528 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32ts.pyd MOD - [2013/11/14 20:31:17 | 000,557,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pysqlite2._sqlite.pyd MOD - [2013/11/14 20:31:17 | 000,320,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32com.shell.shell.pyd MOD - [2013/11/14 20:31:17 | 000,026,624 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_multiprocessing.pyd MOD - [2013/11/14 20:31:16 | 000,070,656 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._html2.pyd MOD - [2013/11/14 20:31:16 | 000,011,264 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32crypt.pyd MOD - [2013/11/14 20:31:15 | 000,805,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._gdi_.pyd MOD - [2013/11/14 20:31:15 | 000,504,832 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\windows._cacheinvalidation.pyd MOD - [2013/11/14 20:31:14 | 000,087,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ctypes.pyd MOD - [2013/11/14 20:31:14 | 000,017,408 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32profile.pyd MOD - [2013/11/14 20:31:13 | 000,364,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pythoncom27.dll MOD - [2013/11/14 20:31:12 | 000,735,232 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._misc_.pyd MOD - [2013/11/14 20:31:09 | 000,110,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pywintypes27.dll MOD - [2013/11/14 20:31:08 | 001,175,040 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._core_.pyd MOD - [2013/11/14 20:31:08 | 000,108,544 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32security.pyd MOD - [2013/11/14 20:31:06 | 001,153,024 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_ssl.pyd MOD - [2013/11/14 20:31:04 | 000,035,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32process.pyd MOD - [2013/11/14 20:31:04 | 000,025,600 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32pdh.pyd MOD - [2013/11/14 20:31:03 | 000,711,680 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\_hashlib.pyd MOD - [2013/11/14 20:31:02 | 000,811,008 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._windows_.pyd MOD - [2013/11/14 20:31:01 | 000,122,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._wizard.pyd MOD - [2013/11/14 20:31:01 | 000,119,808 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32file.pyd MOD - [2013/11/14 20:30:59 | 000,038,912 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32inet.pyd MOD - [2013/11/14 20:30:32 | 001,062,400 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\wx._controls_.pyd MOD - [2013/11/14 20:30:29 | 000,018,432 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\win32event.pyd MOD - [2013/11/14 20:30:27 | 000,686,080 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\unicodedata.pyd MOD - [2013/11/14 20:30:27 | 000,127,488 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\pyexpat.pyd MOD - [2013/11/14 20:30:26 | 000,010,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Temp\_MEI37962\select.pyd MOD - [2013/11/14 17:54:26 | 000,146,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll MOD - [2013/10/20 08:49:48 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll MOD - [2013/10/20 08:48:06 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll MOD - [2013/10/20 08:00:16 | 016,233,864 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_117.dll MOD - [2013/10/06 15:41:26 | 000,030,240 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\srut.dll MOD - [2013/10/06 15:41:24 | 000,020,512 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\srsbs.dll MOD - [2013/10/06 15:41:22 | 000,246,304 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\srns.dll MOD - [2013/10/06 15:41:22 | 000,014,880 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\srpdm.dll MOD - [2013/10/06 15:41:18 | 000,055,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\srau.dll MOD - [2013/10/06 15:41:16 | 000,055,840 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\spbl.dll MOD - [2013/10/06 15:41:16 | 000,049,184 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\sppsm.dll MOD - [2013/10/06 15:41:12 | 000,053,280 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll MOD - [2013/10/06 15:41:12 | 000,025,632 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll MOD - [2013/10/06 15:41:10 | 000,112,672 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll MOD - [2013/10/06 15:41:10 | 000,017,440 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll MOD - [2013/10/06 15:41:08 | 000,150,560 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll MOD - [2013/10/06 15:41:06 | 000,057,888 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll MOD - [2013/10/06 15:41:04 | 001,808,416 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll MOD - [2013/10/06 15:41:04 | 000,034,848 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll MOD - [2013/10/06 15:41:04 | 000,014,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll MOD - [2013/10/06 15:41:02 | 000,726,048 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll MOD - [2013/10/06 15:41:02 | 000,082,464 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll MOD - [2013/10/06 15:40:58 | 000,014,368 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\sgml.dll MOD - [2013/10/06 15:40:58 | 000,013,344 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\siem.dll MOD - [2013/10/06 15:40:26 | 000,048,160 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\MACTrackBarLib.dll MOD - [2013/10/06 15:13:44 | 000,193,056 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\sgmu.dll MOD - [2013/10/06 15:12:46 | 000,068,640 | ---- | M] () -- C:\Users\Robus\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll MOD - [2013/09/30 03:21:03 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e77e7cdf3072d5a658832b8863ff439e\System.Management.ni.dll MOD - [2013/09/30 03:19:02 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64fe2235e06dc8fd69a2fd3f6022553c\System.Web.Services.ni.dll MOD - [2013/09/30 02:49:43 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll MOD - [2013/09/30 02:48:52 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll MOD - [2013/09/30 02:46:38 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll MOD - [2013/07/13 08:28:16 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\2cd2c82bbe22932ed5b4d51c3b5059eb\CustomMarshalers.ni.dll MOD - [2013/07/13 08:07:05 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll MOD - [2013/04/19 15:33:50 | 000,502,784 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\nsmmc.dll MOD - [2013/03/20 15:55:22 | 000,753,664 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npfirefoxprocessor.dll MOD - [2013/03/20 15:54:10 | 000,224,768 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npwmi.dll MOD - [2013/03/20 15:53:56 | 000,228,864 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npsurvey.dll MOD - [2013/03/20 15:53:48 | 000,150,528 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\npsp1.dll MOD - [2013/03/20 15:53:38 | 000,503,808 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\communication.dll MOD - [2009/10/08 19:31:44 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll MOD - [2009/03/30 04:42:11 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2013/11/15 17:41:18 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/11/14 17:57:22 | 000,143,488 | ---- | M] () [Auto | Running] -- c:\Program Files\Optimizer Pro\OptProCrash.exe -- (ca82e1a5) SRV - [2013/11/07 09:05:47 | 000,044,752 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\PackageTracer_69\bar\1.bin\69barsvc.exe -- (PackageTracer_69Service) SRV - [2013/10/29 08:24:24 | 002,886,464 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection) SRV - [2013/10/25 23:45:12 | 002,445,816 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon) SRV - [2013/10/20 08:00:20 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/10/15 05:38:52 | 000,050,704 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService) SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/07/10 19:28:16 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater) SRV - [2013/05/11 10:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/04/19 15:35:36 | 002,833,120 | ---- | M] () [Auto | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate) SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/21 02:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008/01/21 02:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcecm.sys -- (huawei_cdcecm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2013/09/29 23:30:48 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2013/06/13 16:34:06 | 000,452,120 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant) DRV - [2013/03/20 15:52:42 | 000,023,008 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\nnfwdk.sys -- (nnfwdk) DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2012/10/05 03:32:50 | 000,093,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2010/05/12 03:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB) DRV - [2009/12/17 15:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2009/07/03 17:21:00 | 000,168,448 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009/04/11 04:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009/03/20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009/03/20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2009/03/20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2008/01/21 02:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2006/11/14 00:11:54 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2006/11/10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc) DRV - [2006/11/02 07:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006/11/02 07:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent.com/?appId=43A86978-C745-4B94-8801-ECBD2E108515&ref=toolbox&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?babsrc=HP_ss&mntrId=4C05002454208E82&affID=120007&tsp=5027 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.com/index.jhtml?n=77FD35DB&p2=^AFW^xdm004^YYA^gb&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&si=CPD09PGo0roCFQ7LtAodBmcAtQ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found IE - HKCU\..\URLSearchHook: {97ef77e6-97be-4204-a890-2485903c5624} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=f35b3d43-735b-29de-1ac7-4e569be965a6&searchtype=ds&q={searchTerms}&installDate=14/11/2013 IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.bing.com/search?FORM=UP31DF&PC=UP31&q={searchTerms}&src=IE-SearchBox IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent.com/?appId=43A86978-C745-4B94-8801-ECBD2E108515&ref=toolbox&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "StartWeb" FF - prefs.js..browser.search.order.1: "Secure Search" FF - prefs.js..browser.search.selectedEngine: "StartWeb" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda27e&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ" FF - prefs.js..extensions.enabledAddons: 69ffxtbr%40PackageTracer_69.com:5.40.2.43053 FF - prefs.js..extensions.enabledAddons: %7Bf35b3d43-735b-29de-1ac7-4e569be965a6%7D:1.1 FF - prefs.js..extensions.enabledAddons: TidyNetwork%40TidyNetwork:5.0 FF - prefs.js..extensions.enabledAddons: support%40tubedimmerapp.com:2.6.48 FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119 FF - prefs.js..extensions.enabledAddons: ffxtlbr%40zonealarm.com:1.6.0 FF - prefs.js..extensions.enabledAddons: webbooster%40iminent.com:7.43.4.1 FF - prefs.js..extensions.enabledAddons: ffxtlbr%40iminent.com:1.6.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1 FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={559CE969-7E04-43B1-BF56-2F90A256442B}&Version=3.6.5&Vintage=20120727&Defaultbrowserid=30&Productid=2869&Vendorid=6413&Offerid=16934&searchterm=" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.savedPrev: "true" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.defaultenginename.tb: "Ask Web Search" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.savedPrev: "true" FF - prefs.js..extensions.toolbar.mindspark._69Members_.browser.search.selectedEngine.tb: "Ask Web Search" FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..browser.startup.homepage: "true" FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda27e&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ" FF - prefs.js..keyword.URL: "http://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=564D678E-6D3B-4F46-A4AE-8D19769AFCF2&n=77fda27e&ind=2013110910&p2=^AFW^xdm004^YYA^gb&si=CPD09PGo0roCFQ7LtAodBmcAtQ&searchfor=" FF - prefs.js..network.proxy.type: 4 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files\NetRatingsNetSight\NetSight\meter9\FirefoxAddOns\npfirefoxtracker.dll File not found FF - HKLM\Software\MozillaPlugins\@PackageTracer_69.com/Plugin: C:\Program Files\PackageTracer_69\bar\1.bin\NP69Stub.dll (MindSpark) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Robus\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Robus\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp498@crossrider.com: C:\Users\Robus\AppData\Local\RewardsArcade\498\Firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 17:40:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/15 17:40:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013/07/10 19:28:16 | 000,037,909 | ---- | M] () FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 17:40:54 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/15 17:40:58 | 000,000,000 | ---D | M] [2013/10/04 21:28:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Extensions [2013/11/15 17:25:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions [2013/09/29 23:58:59 | 000,000,000 | ---D | M] ("WinToFlash Suggestor") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3} [2013/09/29 23:22:45 | 000,000,000 | ---D | M] (Wajam) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} [2013/02/15 17:56:29 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2013/11/14 19:41:03 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2013/02/04 17:29:55 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} [2013/11/14 17:56:34 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\{f35b3d43-735b-29de-1ac7-4e569be965a6} [2012/06/06 21:35:57 | 000,000,000 | ---D | M] (MapsGalaxy) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\39ffxtbr@MapsGalaxy_39.com [2013/11/07 09:05:56 | 000,000,000 | ---D | M] (PackageTracer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\69ffxtbr@PackageTracer_69.com [2012/07/02 13:29:47 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@funmoods.com [2013/11/15 17:25:48 | 000,000,000 | ---D | M] (Iminent Toolbar) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@iminent.com [2013/11/14 19:41:05 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\ffxtlbr@zonealarm.com [2012/07/02 12:06:26 | 000,000,000 | ---D | M] (RivalGaming) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\links@rivalgaming.com [2013/11/14 19:30:09 | 000,000,000 | ---D | M] (Tube Dimmer) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\support@tubedimmerapp.com [2013/11/14 17:57:33 | 000,000,000 | ---D | M] (TidyNetwork) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\3z1pkp2w.default\extensions\TidyNetwork@TidyNetwork [2013/11/14 17:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions [2012/07/02 13:28:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions\staged [2013/11/14 17:57:40 | 000,000,000 | ---D | M] (TidyNetwork) -- C:\Users\Robus\AppData\Roaming\mozilla\Firefox\Profiles\pm2306dz.default\extensions\TidyNetwork@TidyNetwork [2013/11/14 14:22:56 | 000,608,410 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\webbooster@iminent.com.xpi [2012/05/25 15:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2013/03/21 07:15:42 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\extensions\ffxtlbr@zonealarm.com\content\Abine\chrome\content\ff\view_expiry.js [2012/05/25 15:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\pm2306dz.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2013/11/15 17:25:49 | 000,001,368 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\searchplugins\iminent.xml [2013/11/14 17:56:10 | 000,002,437 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\searchplugins\Web Search.xml [2013/11/14 18:27:01 | 000,001,500 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\mozilla\firefox\profiles\3z1pkp2w.default\searchplugins\zonealarm.xml [2013/11/15 17:40:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013/11/15 17:40:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013/11/15 17:40:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013/11/15 17:41:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013/01/10 14:08:36 | 000,002,147 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\StartWeb.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://start.iminent.com/?appId=43A86978-C745-4B94-8801-ECBD2E108515 CHR - homepage: http://start.iminent.com/?appId=43A86978-C745-4B94-8801-ECBD2E108515 CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.5\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.4_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmdlgjgaamffjidnpeddnekffilecamo\5.0.0.0_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\7.46.2.1_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.48_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ CHR - Extension: No name found = C:\Users\Robus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\ O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll File not found O2 - BHO: (iminent Helper Object) - {112BA211-334C-4A90-90EC-2AD1CDAB287C} - C:\Program Files\IminentToolbar\1.8.26.8\bh\iminent.dll (Iminent) O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.6.4\PriceGongIE.dll (PriceGong) O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD) O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found O2 - BHO: (Tube Dimmer) - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\TubeDimmer\IE\common.dll (Creative Island Media, LLC) O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (DataMngr) - {7DA17D5A-5718-4130-A605-FC316C827836} - C:\Program Files\Searchcore Toolbar\Datamngr\BrowserConnection.dll (Discordia , LTD) O2 - BHO: (Toolbar BHO) - {87011c4e-fcde-4476-9348-ecf16134fc1f} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark) O2 - BHO: (Search Assistant BHO) - {87eab57c-d0b7-4ca9-8e26-191bfc989e26} - C:\Program Files\PackageTracer_69\bar\1.bin\69SrcAs.dll (MindSpark) O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc) O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll (SIEN) O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll File not found O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam) O2 - BHO: (Searchcore Toolbar) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\Program Files\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll () O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - No CLSID value found. O2 - BHO: (no name) - {CF28D96E-985F-43A6-B320-C2186B551472} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found. O2 - BHO: (WinToFlash Suggestor) - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC) O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Iminent Toolbar) - {1FAFD711-ABF9-4F6A-8130-5166C7371427} - C:\Program Files\IminentToolbar\1.8.26.8\iminentTlbr.dll (Iminent) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD) O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found. O3 - HKLM\..\Toolbar: (Searchcore Toolbar) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\Program Files\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll () O3 - HKLM\..\Toolbar: (PackageTracer) - {ff343558-d5a5-454a-bdd8-c5c81e179fed} - C:\Program Files\PackageTracer_69\bar\1.bin\69bar.dll (MindSpark) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O4 - HKLM..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe (Iminent) O4 - HKLM..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe (Iminent) O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [PackageTracer Search Scope Monitor] C:\Program Files\PackageTracer_69\bar\1.bin\69SrchMn.exe (MindSpark) O4 - HKLM..\Run: [PackageTracer_69 Browser Plugin Loader] C:\Program Files\PackageTracer_69\bar\1.bin\69brmon.exe (VER_COMPANY_NAME) O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Updater] C:\ProgramData\Updater\updater.exe (Updater) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\Robus\AppData\Local\Smartbar\Application\SnapDo.exe (Smartbar) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O4 - HKCU..\Run: [Facebook Update] C:\Users\Robus\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google) O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe () O4 - HKCU..\Run: [Updater] C:\ProgramData\Updater\updater.exe (Updater) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC) O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC) O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.11.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A7C213F-BD10-4507-9ECF-0A4CB9E8F770}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found O18 - Protocol\Handler\rebinfo - No CLSID value found O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Robus\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Robus\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06b5badb-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06b5bb14-821d-11e1-b0d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06cd51c8-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{06cd51dd-3f69-11e1-95cc-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{070c50b2-9bdb-11e1-9c13-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{0c7092ad-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{0c7092d8-e55e-11e1-9b1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{0f0fd768-dbb1-11e1-a0bd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{12618484-c74d-11e0-a61f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{1549a200-68f6-11e1-8edf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{1ad50e5b-6529-11e1-a3bf-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{23075d0c-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{23075d0f-d15a-11e0-99fd-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{238bcd28-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{238bce2d-e77a-11e1-a5d3-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a83e0d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a8407e-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a8418d-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{27a842cf-767b-11e1-9645-002454208e82}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{2819ac09-7e3d-11df-af43-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{2819ac5c-7e3d-11df-af43-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{28d8d3e7-1819-11e1-94ff-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{360c7105-36ca-11e1-b679-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{362aa6e3-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{362aa6f2-e2ee-11e1-b072-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{364e5016-e212-11e1-9ce9-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3912ded5-3c41-11e1-85e6-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3f831bbc-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3f831bfb-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{3f831bff-ab0b-11e1-b6f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4878944f-357c-11e1-bc31-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f172-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f1a3-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f272-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{4a75f274-a0b7-11e1-b912-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{5bb69e98-5f03-11e1-a466-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{5c3c43cc-199b-11e1-a214-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{6c783c1e-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{6c783c28-e1e6-11e1-a55e-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7be162aa-23de-11e1-bb6a-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7cef6981-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7cef6ab4-dd45-11e1-9f03-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7dbc8846-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{7dbc8897-ad58-11e1-9e48-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{8f9aa80f-837e-11e1-9a1d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{9156b298-4ede-11e1-847c-002454208e82}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{a0e47c3e-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{a0e47c80-e0aa-11e1-99f1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51c4f4-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51c4f8-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51ca3a-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ad51cedd-1b6c-11e1-8113-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{b163e4d0-eb97-11e1-b121-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{b47b40ce-43e7-11e0-ae9c-002454208e82}\Shell\AutoRun\command - "" = D:\DPFMate.exe O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{b7f91bcf-f648-11e0-8a5d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c00643fb-c446-11e1-a099-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c050d675-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c050d677-6daa-11e1-8824-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c09ca255-36c1-11e1-b84d-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f797-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f7c0-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f7c3-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363f7da-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{c363fcdf-703e-11e1-9666-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{cac41099-e432-11df-9781-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{e4506d49-3142-11e1-884b-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{e7a4db2a-d924-11e1-9bec-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ee298306-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ee298319-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{ee29838d-c1c1-11e1-9ed1-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{f10f337d-7f00-11df-924f-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{f55a33eb-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{f55a33f8-9c3e-11e1-8c33-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell - "" = AutoRun O33 - MountPoints2\{fd245ccf-fd7c-11e0-bf19-002454208e82}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/11/15 17:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/11/15 17:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2013/11/15 17:38:41 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2013/11/15 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar [2013/11/15 17:25:10 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Iminent [2013/11/15 17:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent [2013/11/15 17:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent [2013/11/15 17:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella [2013/11/15 17:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent [2013/11/14 19:51:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/11/14 19:51:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/11/14 19:51:01 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/11/14 19:51:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/11/14 19:51:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/11/14 19:50:59 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/11/14 19:50:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/11/14 19:50:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/11/14 18:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point [2013/11/14 18:31:16 | 000,256,904 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys [2013/11/14 18:26:57 | 000,000,000 | ---D | C] -- C:\Program Files\Check Point Software Technologies LTD [2013/11/14 18:26:44 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Check Point Software Technologies LTD [2013/11/14 18:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint [2013/11/14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\Documents\Optimizer Pro [2013/11/14 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Optimizer Pro [2013/11/14 17:57:29 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\TidyNetwork [2013/11/14 17:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 [2013/11/14 17:57:17 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro [2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater [2013/11/14 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers [2013/11/14 17:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TubeDimmer [2013/11/14 17:54:19 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\Smartbar [2013/11/14 17:29:52 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Local\Avg2014 [2013/11/13 09:22:52 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL [2013/11/07 09:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\PackageTracer_69 [2013/11/06 11:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\GPLGS [2013/11/06 11:40:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator [2013/11/06 11:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2013/11/06 11:38:41 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\DigitalSite [2013/10/29 17:45:32 | 000,000,000 | ---D | C] -- C:\Users\Robus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard [2013/10/20 07:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2012/03/03 09:17:15 | 002,371,152 | ---- | C] (DownVision ) -- C:\Users\Robus\AppData\Local\setup.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/11/18 17:28:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/11/18 17:20:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2270810218-2394552768-2579885175-1000UA.job [2013/11/18 17:00:00 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\RGames Updater.job [2013/11/18 16:43:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job [2013/11/18 16:42:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/11/18 16:39:28 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\DigitalSite.job [2013/11/18 16:39:24 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/11/18 16:39:24 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/11/18 14:20:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2270810218-2394552768-2579885175-1000Core.job [2013/11/18 10:36:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/11/17 09:28:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/11/15 17:51:22 | 000,002,523 | ---- | M] () -- C:\Users\Robus\Desktop\HiJackThis.lnk [2013/11/15 17:24:48 | 000,000,596 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog [2013/11/14 20:36:12 | 000,648,680 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/11/14 20:36:12 | 000,124,648 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/11/14 20:29:42 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2013/11/14 19:43:05 | 000,417,569 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml [2013/11/14 19:26:12 | 000,001,288 | ---- | M] () -- C:\Windows\DCEBOOT.RST [2013/11/14 19:25:12 | 000,210,992 | ---- | M] () -- C:\Windows\RegBootClean.exe [2013/11/14 19:25:12 | 000,023,088 | ---- | M] () -- C:\Windows\DCEBoot.exe [2013/11/14 19:15:07 | 000,308,980 | ---- | M] () -- C:\Users\Robus\AppData\Local\census.cache [2013/11/14 19:14:36 | 000,196,747 | ---- | M] () -- C:\Users\Robus\AppData\Local\ars.cache [2013/11/14 18:32:26 | 000,000,639 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk [2013/11/14 18:31:03 | 000,000,036 | ---- | M] () -- C:\Users\Robus\AppData\Local\housecall.guid.cache [2013/11/14 17:57:20 | 000,000,859 | ---- | M] () -- C:\Users\Robus\Desktop\Optimizer Pro.lnk [2013/11/14 17:56:10 | 000,002,108 | ---- | M] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk [2013/11/14 17:56:10 | 000,002,084 | ---- | M] () -- C:\Users\Robus\Desktop\Search.lnk [2013/11/13 13:38:27 | 000,000,000 | ---- | M] () -- C:\end [2013/11/09 20:34:04 | 000,001,875 | ---- | M] () -- C:\Users\Robus\Desktop\Wordpad.lnk [2013/11/08 08:20:43 | 001,094,600 | ---- | M] () -- C:\Users\Robus\Desktop\rob and me.jpg [2013/11/06 12:40:08 | 000,000,091 | ---- | M] () -- C:\Users\Robus\AppData\Roaming\WB.CFG [2013/11/05 18:48:26 | 001,608,730 | ---- | M] () -- C:\Users\Robus\Desktop\kino domowe.jpg [2013/11/01 19:26:26 | 006,801,542 | ---- | M] () -- C:\Users\Robus\Desktop\salon1.jpg [2013/11/01 18:43:00 | 002,478,596 | ---- | M] () -- C:\Users\Robus\Desktop\salon.jpg [2013/10/28 10:48:11 | 000,000,223 | ---- | M] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Becky Misseldine.URL [2013/10/20 12:40:58 | 002,127,163 | ---- | M] () -- C:\Users\Robus\Desktop\koza.jpg [2013/10/20 08:40:49 | 000,412,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/10/20 08:00:20 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/10/20 08:00:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/11/15 18:30:50 | 000,513,136 | ---- | C] () -- C:\Users\Robus\Desktop\Silent Runners.vbs [2013/11/15 17:38:41 | 000,002,523 | ---- | C] () -- C:\Users\Robus\Desktop\HiJackThis.lnk [2013/11/15 17:24:39 | 000,000,596 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog [2013/11/14 19:26:12 | 000,001,288 | ---- | C] () -- C:\Windows\DCEBOOT.RST [2013/11/14 19:24:48 | 000,210,992 | ---- | C] () -- C:\Windows\RegBootClean.exe [2013/11/14 19:24:48 | 000,023,088 | ---- | C] () -- C:\Windows\DCEBoot.exe [2013/11/14 19:15:07 | 000,308,980 | ---- | C] () -- C:\Users\Robus\AppData\Local\census.cache [2013/11/14 19:14:36 | 000,196,747 | ---- | C] () -- C:\Users\Robus\AppData\Local\ars.cache [2013/11/14 18:32:57 | 000,417,569 | ---- | C] () -- C:\Windows\System32\drivers\vsconfig.xml [2013/11/14 18:32:26 | 000,000,639 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk [2013/11/14 18:31:03 | 000,000,036 | ---- | C] () -- C:\Users\Robus\AppData\Local\housecall.guid.cache [2013/11/14 17:57:20 | 000,000,859 | ---- | C] () -- C:\Users\Robus\Desktop\Optimizer Pro.lnk [2013/11/14 17:56:10 | 000,002,108 | ---- | C] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk [2013/11/14 17:56:10 | 000,002,084 | ---- | C] () -- C:\Users\Robus\Desktop\Search.lnk [2013/11/13 09:22:52 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF [2013/11/09 20:34:04 | 000,001,875 | ---- | C] () -- C:\Users\Robus\Desktop\Wordpad.lnk [2013/11/08 08:20:54 | 001,094,600 | ---- | C] () -- C:\Users\Robus\Desktop\rob and me.jpg [2013/11/08 08:18:59 | 002,127,163 | ---- | C] () -- C:\Users\Robus\Desktop\koza.jpg [2013/11/06 12:40:08 | 000,000,091 | ---- | C] () -- C:\Users\Robus\AppData\Roaming\WB.CFG [2013/11/06 11:40:27 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll [2013/11/06 11:39:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\DigitalSite.job [2013/11/05 20:08:53 | 006,801,542 | ---- | C] () -- C:\Users\Robus\Desktop\salon1.jpg [2013/11/05 20:07:51 | 002,478,596 | ---- | C] () -- C:\Users\Robus\Desktop\salon.jpg [2013/11/05 18:45:35 | 005,352,886 | ---- | C] () -- C:\Users\Robus\Desktop\stol2.jpg [2013/11/05 18:45:08 | 004,445,439 | ---- | C] () -- C:\Users\Robus\Desktop\sofa.jpg [2013/11/05 18:44:18 | 005,352,886 | ---- | C] () -- C:\Users\Robus\Desktop\stol1.jpg [2013/11/05 18:44:02 | 005,407,789 | ---- | C] () -- C:\Users\Robus\Desktop\stol.jpg [2013/11/05 18:40:07 | 001,608,730 | ---- | C] () -- C:\Users\Robus\Desktop\kino domowe.jpg [2013/10/28 10:48:11 | 000,000,223 | ---- | C] () -- C:\Users\Robus\Application Data\Microsoft\Internet Explorer\Quick Launch\Becky Misseldine.URL [2013/03/07 19:33:10 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll [2013/03/07 19:33:09 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini [2013/02/09 15:48:57 | 000,026,900 | ---- | C] () -- C:\Users\Robus\AppData\Local\dt.dat [2012/06/30 13:41:12 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2012/03/03 09:17:16 | 000,000,972 | ---- | C] () -- C:\Users\Robus\AppData\Local\Darmowe.Wzory.Ulotek.Reklamowych.torrent [2012/02/15 20:10:02 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2012/02/15 20:10:02 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011/12/08 19:31:23 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011/12/08 19:31:23 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011/06/28 07:26:54 | 000,024,334 | ---- | C] () -- C:\Users\Robus\AppData\Local\umowa poadzialu.pdf [2011/06/17 14:34:06 | 000,000,000 | ---- | C] () -- C:\Users\Robus\AppData\Local\{78F2DA2B-44D9-40DC-9367-6AF299E2187A} [2010/08/16 16:05:07 | 000,046,278 | ---- | C] () -- C:\Users\Robus\WSR Invoice - Mr. R. Plummer - 2452.pdf [2010/06/26 21:06:37 | 000,123,392 | ---- | C] () -- C:\Users\Robus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== ZeroAccess Check ==========[/color] [2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 04:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/21 02:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== Files - Unicode (All) ==========[/color] [2013/10/05 12:48:31 | 000,000,000 | ---D | M](C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\䉘é㼈éÄé㍨é8520-1533-40C5-AD09-953C574F14BCÄé㠸é [2013/10/05 12:48:31 | 000,000,000 | ---D | M](C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\䉘é㼈éÄé㍨é8520-1533-40C5-AD09-953C574F14BCÄé㠸é [2013/10/02 13:00:44 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ţ㠘ţ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/10/02 13:00:44 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ţ㠘ţ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/10/01 01:13:02 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Œ㼐ŒÄŒ㍰Œ8520-1533-40C5-AD09-953C574F14BCČ㡀Œ [2013/10/01 01:13:02 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Œ㼐ŒÄŒ㍰Œ8520-1533-40C5-AD09-953C574F14BCČ㡀Œ [2013/09/30 11:36:50 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˢ㠘ˢ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/09/30 11:36:50 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˢ㠘ˢ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/09/30 02:44:56 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠ƺ㼐ƺÄƺ㍰ƺ8520-1533-40C5-AD09-953C574F14BCÄƺ㡀ƺ [2013/09/30 02:44:56 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠ƺ㼐ƺÄƺ㍰ƺ8520-1533-40C5-AD09-953C574F14BCÄƺ㡀ƺ [2013/09/29 19:34:37 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䉠Ē㼐ĒÄĒ㍰Ē8520-1533-40C5-AD09-953C574F14BCÄĒ㡀Ē [2013/09/29 19:34:37 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䉠Ē㼐ĒÄĒ㍰Ē8520-1533-40C5-AD09-953C574F14BCÄĒ㡀Ē [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬) -- C:\ProgramData\䉨¬㼘¬Ä¬㍸¬8520-1533-40C5-AD09-953C574F14BCĬ㡈¬ [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘ˖籐˴ [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬) -- C:\ProgramData\䉨¬㼘¬Ä¬㍸¬8520-1533-40C5-AD09-953C574F14BCĬ㡈¬ [2013/09/22 14:19:45 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘ˖籐˴ [2013/09/22 14:07:55 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˡ籐˺ [2013/09/22 14:07:55 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˡ籐˺ [2013/07/20 20:43:37 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐œ [2013/07/20 20:43:37 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐œ [2013/07/20 20:43:33 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ƿ㼘ƿÄƿ㍸ƿ8520-1533-40C5-AD09-953C574F14BCÄƿ㡈ƿ [2013/07/20 20:43:33 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ƿ㼘ƿÄƿ㍸ƿ8520-1533-40C5-AD09-953C574F14BCÄƿ㡈ƿ [2013/07/20 20:35:19 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˓㠘˓楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/07/20 20:35:19 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˓㠘˓楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/06/29 20:42:39 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠†㼐†Ä†㍰†8520-1533-40C5-AD09-953C574F14BCĆ㡀† [2013/06/29 20:42:39 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠†㼐†Ä†㍰†8520-1533-40C5-AD09-953C574F14BCĆ㡀† [2013/06/29 13:28:47 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠DŽ㼐DŽÄDŽ㍰DŽ8520-1533-40C5-AD09-953C574F14BCÄDŽ㡀DŽ [2013/06/29 13:28:47 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠DŽ㼐DŽÄDŽ㍰DŽ8520-1533-40C5-AD09-953C574F14BCÄDŽ㡀DŽ [2013/06/28 17:07:36 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䉠ǜ㼐ǜÄǜ㍰ǜ8520-1533-40C5-AD09-953C574F14BCÄǜ㡀ǜ [2013/06/28 17:07:36 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䉠ǜ㼐ǜÄǜ㍰ǜ8520-1533-40C5-AD09-953C574F14BCÄǜ㡀ǜ [2013/06/28 16:45:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˪㠘˪楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/06/28 16:45:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˪㠘˪楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/06/02 16:53:40 | 000,000,000 | ---D | M](C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\睨ˈ㠘ˈ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/06/02 16:53:40 | 000,000,000 | ---D | M](C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\睨ˈ㠘ˈ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/05/20 11:31:59 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䉠Ǎ㼐ǍÄǍ㍰Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡀Ǎ [2013/05/20 11:31:59 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䉠Ǎ㼐ǍÄǍ㍰Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡀Ǎ [2013/05/13 18:34:26 | 000,000,000 | ---D | M](C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\睨ˉ㠘ˉ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/05/13 18:34:26 | 000,000,000 | ---D | M](C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\睨ˉ㠘ˉ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/05/07 07:18:32 | 000,000,000 | ---D | M](C:\ProgramData\???S) -- C:\ProgramData\Ꮘ˪籐Ś [2013/05/07 07:18:32 | 000,000,000 | ---D | M](C:\ProgramData\???S) -- C:\ProgramData\Ꮘ˪籐Ś [2013/05/07 07:18:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǵ㼘ǵÄǵ㍸ǵ8520-1533-40C5-AD09-953C574F14BCÄǵ㡈ǵ [2013/05/07 07:18:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǵ㼘ǵÄǵ㍸ǵ8520-1533-40C5-AD09-953C574F14BCÄǵ㡈ǵ [2013/05/06 20:01:51 | 000,000,000 | ---D | M](C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\睨Ǘ㠘Ǘ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/05/06 20:01:51 | 000,000,000 | ---D | M](C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\睨Ǘ㠘Ǘ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/29 17:52:04 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ť㠘ť楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/29 17:52:04 | 000,000,000 | ---D | M](C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ť㠘ť楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/29 08:25:43 | 000,000,000 | ---D | M](C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\䉠Ò㼐ÒÄÒ㍰Ò8520-1533-40C5-AD09-953C574F14BCÄÒ㡀Ò [2013/04/29 08:25:43 | 000,000,000 | ---D | M](C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\䉠Ò㼐ÒÄÒ㍰Ò8520-1533-40C5-AD09-953C574F14BCÄÒ㡀Ò [2013/04/24 13:20:26 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䉠Ǚ㼐ǙÄǙ㍰Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡀Ǚ [2013/04/24 13:20:26 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䉠Ǚ㼐ǙÄǙ㍰Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡀Ǚ [2013/04/22 19:10:11 | 000,000,000 | ---D | M](C:\ProgramData\???`) -- C:\ProgramData\Ꮘʶ籐ˋ [2013/04/22 19:10:11 | 000,000,000 | ---D | M](C:\ProgramData\???`) -- C:\ProgramData\Ꮘʶ籐ˋ [2013/04/22 19:10:09 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䉨Ǧ㼘ǦÄǦ㍸Ǧ8520-1533-40C5-AD09-953C574F14BCÄǦ㡈Ǧ [2013/04/22 19:10:09 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䉨Ǧ㼘ǦÄǦ㍸Ǧ8520-1533-40C5-AD09-953C574F14BCÄǦ㡈Ǧ [2013/04/22 17:52:06 | 000,000,000 | ---D | M](C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\睨Ǧ㠘Ǧ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/22 17:52:06 | 000,000,000 | ---D | M](C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\睨Ǧ㠘Ǧ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/17 17:31:49 | 000,000,000 | ---D | M](C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\䉠x㼐xÄx㍰x8520-1533-40C5-AD09-953C574F14BCÄx㡀x [2013/04/17 17:31:49 | 000,000,000 | ---D | M](C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\䉠x㼐xÄx㍰x8520-1533-40C5-AD09-953C574F14BCÄx㡀x [2013/04/17 13:10:27 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘȼ籐ɍ [2013/04/17 13:10:27 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘȼ籐ɍ [2013/04/17 13:10:24 | 000,000,000 | ---D | M](C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\䉨Š㼘ŠÄŠ㍸Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡈Š [2013/04/17 13:10:24 | 000,000,000 | ---D | M](C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\䉨Š㼘ŠÄŠ㍸Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡈Š [2013/04/16 21:12:07 | 000,000,000 | ---D | M](C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\睨ŗ㠘ŗ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/16 21:12:07 | 000,000,000 | ---D | M](C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\睨ŗ㠘ŗ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/03 18:02:38 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐˗ [2013/04/03 18:02:38 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐˗ [2013/04/03 18:02:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ƶ㼘ƵÄƵ㍸Ƶ8520-1533-40C5-AD09-953C574F14BCÄƵ㡈Ƶ [2013/04/03 18:02:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ƶ㼘ƵÄƵ㍸Ƶ8520-1533-40C5-AD09-953C574F14BCÄƵ㡈Ƶ [2013/04/03 17:11:25 | 000,000,000 | ---D | M](C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\睨8㠘8楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/03 17:11:25 | 000,000,000 | ---D | M](C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\睨8㠘8楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/04/01 13:24:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǿ㼐ǾÄǾ㍰Ǿ8520-1533-40C5-AD09-953C574F14BCÄǾ㡀Ǿ [2013/04/01 13:24:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǿ㼐ǾÄǾ㍰Ǿ8520-1533-40C5-AD09-953C574F14BCÄǾ㡀Ǿ [2013/03/29 18:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\䉠á㼐áÄá㍰á8520-1533-40C5-AD09-953C574F14BCÄá㡀á [2013/03/29 18:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\䉠á㼐áÄá㍰á8520-1533-40C5-AD09-953C574F14BCÄá㡀á [2013/03/26 19:21:06 | 000,000,000 | ---D | M](C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\䉠ǩ㼐ǩÄǩ㍰ǩ8520-1533-40C5-AD09-953C574F14BCÄǩ㡀ǩ [2013/03/26 19:21:06 | 000,000,000 | ---D | M](C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\䉠ǩ㼐ǩÄǩ㍰ǩ8520-1533-40C5-AD09-953C574F14BCÄǩ㡀ǩ [2013/03/26 11:34:52 | 000,000,000 | ---D | M](C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCď?) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCď㡀 [2013/03/26 11:34:52 | 000,000,000 | ---D | M](C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCď?) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCď㡀 [2013/03/25 19:46:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐ƻ [2013/03/25 19:46:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐ƻ [2013/03/25 19:46:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨lj㼘ljÄlj㍸lj8520-1533-40C5-AD09-953C574F14BCÄlj㡈lj [2013/03/25 19:46:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨lj㼘ljÄlj㍸lj8520-1533-40C5-AD09-953C574F14BCÄlj㡈lj [2013/03/25 18:52:03 | 000,000,000 | ---D | M](C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\睨˜㠘˜楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/03/25 18:52:03 | 000,000,000 | ---D | M](C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\睨˜㠘˜楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/03/22 03:19:58 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䉠ǟ㼐ǟÄǟ㍰ǟ8520-1533-40C5-AD09-953C574F14BCÄǟ㡀ǟ [2013/03/22 03:19:58 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䉠ǟ㼐ǟÄǟ㍰ǟ8520-1533-40C5-AD09-953C574F14BCÄǟ㡀ǟ [2013/03/20 15:54:16 | 000,000,000 | ---D | M](C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\䉠ǐ㼐ǐÄǐ㍰ǐ8520-1533-40C5-AD09-953C574F14BCÄǐ㡀ǐ [2013/03/20 15:54:16 | 000,000,000 | ---D | M](C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\䉠ǐ㼐ǐÄǐ㍰ǐ8520-1533-40C5-AD09-953C574F14BCÄǐ㡀ǐ [2013/03/18 18:52:18 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˦㠘˦楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/03/18 18:52:18 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˦㠘˦楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/03/14 03:26:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠”㼐”Ä”㍰”8520-1533-40C5-AD09-953C574F14BCĔ㡀” [2013/03/14 03:26:17 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠”㼐”Ä”㍰”8520-1533-40C5-AD09-953C574F14BCĔ㡀” [2013/03/08 08:24:34 | 000,000,000 | ---D | M](C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\䉠)㼐)Ä)㍰)8520-1533-40C5-AD09-953C574F14BCÄ)㡀) [2013/03/08 08:24:34 | 000,000,000 | ---D | M](C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\䉠)㼐)Ä)㍰)8520-1533-40C5-AD09-953C574F14BCÄ)㡀) [2013/03/04 18:58:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˌ籐˧ [2013/03/04 18:58:02 | 000,000,000 | ---D | M](C:\ProgramData\????) -- C:\ProgramData\Ꮘˌ籐˧ [2013/03/04 18:58:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ǣ㼘ǢÄǢ㍸Ǣ8520-1533-40C5-AD09-953C574F14BCÄǢ㡈Ǣ [2013/03/04 18:58:01 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ǣ㼘ǢÄǢ㍸Ǣ8520-1533-40C5-AD09-953C574F14BCÄǢ㡈Ǣ [2013/03/04 18:52:02 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˌ㠘ˌ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/03/04 18:52:02 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˌ㠘ˌ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/02/27 20:25:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˃㠘˃楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/02/27 20:25:46 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˃㠘˃楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/02/27 14:22:20 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䉠ǎ㼐ǎ0 [2013/02/27 14:22:20 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䉠ǎ㼐ǎ0 [2013/02/17 19:22:01 | 000,000,000 | ---D | M](C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\睨9㠘9楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/02/17 19:22:01 | 000,000,000 | ---D | M](C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\睨9㠘9楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/02/17 07:50:22 | 000,000,000 | ---D | M](C:\ProgramData\?|?|0) -- C:\ProgramData\䇨ǀ㺘ǀ0 [2013/02/17 07:50:22 | 000,000,000 | ---D | M](C:\ProgramData\?|?|0) -- C:\ProgramData\䇨ǀ㺘ǀ0 [2013/01/06 18:01:43 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\皸˙㝨˙楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/01/06 18:01:43 | 000,000,000 | ---D | M](C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\皸˙㝨˙楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 [2013/01/06 17:59:12 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ʀ㸈Ʀ0 [2013/01/06 17:59:12 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ʀ㸈Ʀ0 [2013/01/04 18:41:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ț㸈ț0 [2013/01/04 18:41:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ț㸈ț0 [2013/01/02 08:35:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȇ㸈ȇ0 [2013/01/02 08:35:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȇ㸈ȇ0 [2012/12/22 06:06:03 | 000,000,000 | ---D | M](C:\ProgramData\?.?.0) -- C:\ProgramData\䅘.㸈.0 [2012/12/22 06:06:03 | 000,000,000 | ---D | M](C:\ProgramData\?.?.0) -- C:\ProgramData\䅘.㸈.0 [2012/12/14 03:35:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȷ㸈ȷ0 [2012/12/14 03:35:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȷ㸈ȷ0 [2012/12/07 13:21:00 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘–㸈–0 [2012/12/07 13:21:00 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘–㸈–0 [2012/12/01 13:18:34 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȴ㸈ȴ0 [2012/12/01 13:18:34 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȴ㸈ȴ0 [2012/11/30 21:04:36 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȅ㸈ȅ0 [2012/11/30 21:04:36 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȅ㸈ȅ0 [2012/11/30 17:56:55 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȥ㸈Ȥ0 [2012/11/30 17:56:55 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȥ㸈Ȥ0 [2012/11/28 17:41:03 | 000,000,000 | ---D | M](C:\ProgramData\?@?@0) -- C:\ProgramData\䅘@㸈@0 [2012/11/28 17:41:03 | 000,000,000 | ---D | M](C:\ProgramData\?@?@0) -- C:\ProgramData\䅘@㸈@0 [2012/11/28 14:07:54 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ǽ㸈ǽ0 [2012/11/28 14:07:54 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ǽ㸈ǽ0 [2012/11/27 13:35:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȳ㸈Ȳ0 [2012/11/27 13:35:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȳ㸈Ȳ0 [2012/11/26 14:40:33 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȏ㸈Ȏ0 [2012/11/26 14:40:33 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘Ȏ㸈Ȏ0 [2012/11/25 16:09:01 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȸ㸈ȸ0 [2012/11/25 16:09:01 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䅘ȸ㸈ȸ0 [2012/11/17 07:42:48 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䃨ǵ㶘ǵ0 [2012/11/17 07:42:48 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䃨ǵ㶘ǵ0 (C:\ProgramData\?x?xÄx?x8520-1533-40C5-AD09-953C574F14BCÄx?x) -- C:\ProgramData\䉠x㼐xÄx㍰x8520-1533-40C5-AD09-953C574F14BCÄx㡀x (C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䉠Ǚ㼐ǙÄǙ㍰Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡀Ǚ (C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䉠ǜ㼐ǜÄǜ㍰ǜ8520-1533-40C5-AD09-953C574F14BCÄǜ㡀ǜ (C:\ProgramData\?U?U????????????????????p???????) -- C:\ProgramData\睨Ǘ㠘Ǘ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ţ㠘ţ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?t?t????????????????????p???????) -- C:\ProgramData\睨ť㠘ť楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?Š?ŠÄŠ?Š8520-1533-40C5-AD09-953C574F14BCÄŠ?Š) -- C:\ProgramData\䉨Š㼘ŠÄŠ㍸Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡈Š (C:\ProgramData\?r?r????????????????????p???????) -- C:\ProgramData\睨ŗ㠘ŗ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?Ò?ÒÄÒ?Ò8520-1533-40C5-AD09-953C574F14BCÄÒ?Ò) -- C:\ProgramData\䉠Ò㼐ÒÄÒ㍰Ò8520-1533-40C5-AD09-953C574F14BCÄÒ㡀Ò (C:\ProgramData\?k?kÄk?k8520-1533-40C5-AD09-953C574F14BCÄk?k) -- C:\ProgramData\䉠ǩ㼐ǩÄǩ㍰ǩ8520-1533-40C5-AD09-953C574F14BCÄǩ㡀ǩ (C:\ProgramData\?i?iÄi?i8520-1533-40C5-AD09-953C574F14BCÄi?i) -- C:\ProgramData\䉠ǐ㼐ǐÄǐ㍰ǐ8520-1533-40C5-AD09-953C574F14BCÄǐ㡀ǐ (C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䉨Ǧ㼘ǦÄǦ㍸Ǧ8520-1533-40C5-AD09-953C574F14BCÄǦ㡈Ǧ (C:\ProgramData\?G?G????????????????????p???????) -- C:\ProgramData\睨Ǧ㠘Ǧ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䉠Ē㼐ĒÄĒ㍰Ē8520-1533-40C5-AD09-953C574F14BCÄĒ㡀Ē (C:\ProgramData\?é?éÄé?é8520-1533-40C5-AD09-953C574F14BCÄé?é) -- C:\ProgramData\䉘é㼈éÄé㍨é8520-1533-40C5-AD09-953C574F14BCÄé㠸é (C:\ProgramData\?á?áÄá?á8520-1533-40C5-AD09-953C574F14BCÄá?á) -- C:\ProgramData\䉠á㼐áÄá㍰á8520-1533-40C5-AD09-953C574F14BCÄá㡀á (C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䉠ǟ㼐ǟÄǟ㍰ǟ8520-1533-40C5-AD09-953C574F14BCÄǟ㡀ǟ (C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䉠Ǎ㼐ǍÄǍ㍰Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡀Ǎ (C:\ProgramData\?a?a0) -- C:\ProgramData\䉠ǎ㼐ǎ0 (C:\ProgramData\?9?9????????????????????p???????) -- C:\ProgramData\睨9㠘9楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?8?8????????????????????p???????) -- C:\ProgramData\睨8㠘8楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\??Ä?8520-1533-40C5-AD09-953C574F14BCď?) -- C:\ProgramData\䉠㼐Ä㍰8520-1533-40C5-AD09-953C574F14BCď㡀 (C:\ProgramData\?¬?¬Ä¬?¬8520-1533-40C5-AD09-953C574F14BCĬ?¬) -- C:\ProgramData\䉨¬㼘¬Ä¬㍸¬8520-1533-40C5-AD09-953C574F14BCĬ㡈¬ (C:\ProgramData\?˜?˜????????????????????p???????) -- C:\ProgramData\睨˜㠘˜楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?¯?¯????????????????????p???????) -- C:\ProgramData\睨ˉ㠘ˉ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\?|?|0) -- C:\ProgramData\䇨ǀ㺘ǀ0 (C:\ProgramData\?@?@0) -- C:\ProgramData\䅘@㸈@0 (C:\ProgramData\???S) -- C:\ProgramData\Ꮘ˪籐Ś (C:\ProgramData\???`) -- C:\ProgramData\Ꮘʶ籐ˋ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ƶ㼘ƵÄƵ㍸Ƶ8520-1533-40C5-AD09-953C574F14BCÄƵ㡈Ƶ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ƿ㼘ƿÄƿ㍸ƿ8520-1533-40C5-AD09-953C574F14BCÄƿ㡈ƿ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨lj㼘ljÄlj㍸lj8520-1533-40C5-AD09-953C574F14BCÄlj㡈lj (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨ǵ㼘ǵÄǵ㍸ǵ8520-1533-40C5-AD09-953C574F14BCÄǵ㡈ǵ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉨Ǣ㼘ǢÄǢ㍸Ǣ8520-1533-40C5-AD09-953C574F14BCÄǢ㡈Ǣ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠ƺ㼐ƺÄƺ㍰ƺ8520-1533-40C5-AD09-953C574F14BCÄƺ㡀ƺ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Ǿ㼐ǾÄǾ㍰Ǿ8520-1533-40C5-AD09-953C574F14BCÄǾ㡀Ǿ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠DŽ㼐DŽÄDŽ㍰DŽ8520-1533-40C5-AD09-953C574F14BCÄDŽ㡀DŽ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠”㼐”Ä”㍰”8520-1533-40C5-AD09-953C574F14BCĔ㡀” (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠Œ㼐ŒÄŒ㍰Œ8520-1533-40C5-AD09-953C574F14BCČ㡀Œ (C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䉠†㼐†Ä†㍰†8520-1533-40C5-AD09-953C574F14BCĆ㡀† (C:\ProgramData\????0) -- C:\ProgramData\䅘Ȥ㸈Ȥ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘Ȳ㸈Ȳ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ț㸈ț0 (C:\ProgramData\????0) -- C:\ProgramData\䅘Ʀ㸈Ʀ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘Ȏ㸈Ȏ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȴ㸈ȴ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȷ㸈ȷ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȇ㸈ȇ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȅ㸈ȅ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ȸ㸈ȸ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘ǽ㸈ǽ0 (C:\ProgramData\????0) -- C:\ProgramData\䅘–㸈–0 (C:\ProgramData\????0) -- C:\ProgramData\䃨ǵ㶘ǵ0 (C:\ProgramData\?'?'????????????????????p???????) -- C:\ProgramData\睨ˈ㠘ˈ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˦㠘˦楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˓㠘˓楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˃㠘˃楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˌ㠘ˌ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨˪㠘˪楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\睨ˢ㠘ˢ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????????????????????????p???????) -- C:\ProgramData\皸˙㝨˙楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳䌀䰻彃䥔䕍䌽 (C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐ƻ (C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐œ (C:\ProgramData\????) -- C:\ProgramData\Ꮘˁ籐˗ (C:\ProgramData\????) -- C:\ProgramData\Ꮘˌ籐˧ (C:\ProgramData\????) -- C:\ProgramData\Ꮘ˖籐˴ (C:\ProgramData\????) -- C:\ProgramData\Ꮘˡ籐˺ (C:\ProgramData\????) -- C:\ProgramData\Ꮘȼ籐ɍ (C:\ProgramData\?.?.0) -- C:\ProgramData\䅘.㸈.0 (C:\ProgramData\?)?)Ä)?)8520-1533-40C5-AD09-953C574F14BCÄ)?)) -- C:\ProgramData\䉠)㼐)Ä)㍰)8520-1533-40C5-AD09-953C574F14BCÄ)㡀) [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:2683706C @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:373E1720 < End of report >