OTL logfile created on: 2014-12-06 17:12:38 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Documents and Settings\Jesse Pinkman\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 70,71% Memory free
5,09 Gb Paging File | 3,96 Gb Available in Paging File | 77,75% Paging File free
Paging file location(s): E:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 480,42 Gb Total Space | 126,36 Gb Free Space | 26,30% Space Free | Partition Type: NTFS
Drive E: | 30,00 Gb Total Space | 21,22 Gb Free Space | 70,74% Space Free | Partition Type: NTFS
Drive F: | 391,09 Gb Total Space | 185,29 Gb Free Space | 47,38% Space Free | Partition Type: NTFS
Drive G: | 30,00 Gb Total Space | 10,61 Gb Free Space | 35,38% Space Free | Partition Type: NTFS

Computer Name: HEISENBERG | User Name: Jesse Pinkman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2014-12-06 16:01:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Jesse Pinkman\My Documents\Downloads\OTL.exe
PRC - [2014-12-06 15:15:43 | 000,303,176 | ---- | M] () -- E:\Program Files\Arcabit\ArcaVir\arcascan\scanenginecon.exe
PRC - [2014-12-06 15:15:42 | 000,208,304 | ---- | M] (Arcabit) -- E:\Program Files\Arcabit\ArcaUpdate\update.exe
PRC - [2014-12-01 19:56:39 | 000,579,104 | ---- | M] (Arcabit) -- E:\Program Files\Arcabit\ArcaAgent\ArcaRemoteSvc.exe
PRC - [2014-12-01 19:56:37 | 000,142,384 | ---- | M] (Arcabit) -- E:\Program Files\Arcabit\Common\ArcaConfSV.exe
PRC - [2014-11-25 07:39:27 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-07-11 20:25:52 | 001,033,728 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2014-12-06 15:15:43 | 000,303,176 | ---- | M] () -- E:\Program Files\Arcabit\ArcaVir\arcascan\scanenginecon.exe
MOD - [2014-12-01 19:56:36 | 000,195,944 | ---- | M] () -- E:\Program Files\Arcabit\ArcaVir\AVShell.dll
MOD - [2014-11-25 07:39:25 | 014,910,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
MOD - [2014-11-25 07:39:24 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
MOD - [2014-11-25 07:39:17 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
MOD - [2014-07-11 20:26:00 | 000,014,336 | ---- | M] () -- E:\WINDOWS\system32\msdmo.dll
MOD - [2014-07-11 20:25:50 | 000,059,904 | ---- | M] () -- E:\WINDOWS\system32\devenum.dll

[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - File not found [On_Demand | Stopped] -- E:\Program Files\SafePCRepair\ioloToolService.exe -- (ioloService)
SRV - [2014-12-06 15:15:42 | 000,208,304 | ---- | M] (Arcabit) [Auto | Running] -- E:\Program Files\Arcabit\ArcaUpdate\update.exe -- (AVUpdate)
SRV - [2014-12-01 19:56:39 | 000,579,104 | ---- | M] (Arcabit) [Auto | Running] -- E:\Program Files\Arcabit\ArcaAgent\ArcaRemoteSvc.exe -- (ArcaRemoteService)
SRV - [2014-12-01 19:56:39 | 000,187,704 | ---- | M] (Arcabit) [Auto | Stopped] -- E:\Program Files\Arcabit\ArcaTools\ArcaBackup\ArcaBackupService.exe -- (AVBackup)
SRV - [2014-12-01 19:56:37 | 000,142,384 | ---- | M] (Arcabit) [Auto | Running] -- E:\Program Files\Arcabit\Common\ArcaConfSV.exe -- (ABConfSV)
SRV - [2014-12-01 19:56:37 | 000,130,024 | ---- | M] (ArcaBit) [Auto | Stopped] -- E:\Program Files\Arcabit\Common\ArcaTasksService.exe -- (AVTasks2)
SRV - [2014-12-01 19:56:35 | 000,167,104 | ---- | M] (Arcabit) [Auto | Stopped] -- E:\Program Files\Arcabit\ArcaVir\ArcaMainSV.exe -- (ABMainSV)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\CDriver.sys -- (MSICDSetup)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- E:\Program Files\Arcabit\ArcaVir\ABTDI.sys -- (ABTDI)
DRV - [2014-12-06 15:30:31 | 000,054,200 | ---- | M] (NetFilterSDK.com) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\arcawfp.sys -- (arcawfp)
DRV - [2014-12-01 19:56:35 | 000,066,800 | ---- | M] (ArcaBit) [File_System | On_Demand | Running] -- E:\Program Files\Arcabit\ArcaVir\ABFLT.sys -- (ABFLT)
DRV - [2014-12-01 19:56:35 | 000,041,712 | ---- | M] (ArcaBit) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\abndis.sys -- (ABndisMP)
DRV - [2014-12-01 19:56:35 | 000,041,712 | ---- | M] (ArcaBit) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\abndis.sys -- (ABndis)
DRV - [2010-03-10 02:48:30 | 000,058,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2009-10-06 11:54:16 | 005,922,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009-08-04 10:40:04 | 000,165,920 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- E:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2009-07-30 09:46:24 | 000,013,824 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2009-07-30 09:46:20 | 000,066,816 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008-08-05 13:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007-04-16 15:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006-01-04 08:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-436374069-2147134463-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = E:\Documents and Settings\Jesse Pinkman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = E:\Documents and Settings\Jesse Pinkman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = E:\Documents and Settings\Jesse Pinkman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = E:\Documents and Settings\Jesse Pinkman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = E:\Documents and Settings\Jesse Pinkman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = E:\Documents and Settings\Jesse Pinkman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = E:\Documents and Settings\Jesse Pinkman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014-07-11 20:25:58 | 000,000,768 | ---- | M]) - E:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O4 - HKLM..\Run: [ARCACLEAN] E:\Program Files\Arcabit\ArcaVir\ArcaClean.exe (ArcaBit)
O4 - HKLM..\Run: [AVMENU] E:\Program Files\Arcabit\ArcaVir\AVMenu.exe (Arcabit)
O4 - HKLM..\Run: [NvCplDaemon] E:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-2147134463-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8988C62-9D4A-468D-A229-2F6F5654FC72}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (E:\WINDOWS\system32\userinit.exe) - E:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: E:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: E:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014-07-11 22:14:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6b6dc5ee-093d-11e4-a39f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{6b6dc5ee-093d-11e4-a39f-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]
[2014-12-06 17:08:51 | 000,000,000 | ---D | C] -- E:\FRST
[2014-12-06 15:37:26 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Jesse Pinkman\Local Settings\Application Data\iolo
[2014-12-06 15:37:26 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Application Data\iolo
[2014-12-06 15:36:18 | 000,000,000 | ---D | C] -- E:\WINDOWS\assembly
[2014-12-06 15:36:01 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft.NET
[2014-12-06 15:36:00 | 000,000,000 | ---D | C] -- E:\WINDOWS\Microsoft.NET
[2014-12-06 15:20:23 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Jesse Pinkman\Application Data\ParetoLogic
[2014-12-06 15:19:34 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Application Data\ParetoLogic
[2014-12-06 14:55:04 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Jesse Pinkman\Desktop\Copy of Euro Truck Simulator 2
[2014-12-01 20:54:06 | 000,000,000 | R--D | C] -- E:\Documents and Settings\Jesse Pinkman\Start Menu\Programs\Administrative Tools
[2014-12-01 20:07:00 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\arcabit
[2014-12-01 19:57:11 | 000,054,200 | ---- | C] (NetFilterSDK.com) -- E:\WINDOWS\System32\drivers\arcawfp.sys
[2014-12-01 19:56:47 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Application Data\ArcaBit
[2014-12-01 19:56:39 | 000,041,712 | ---- | C] (ArcaBit) -- E:\WINDOWS\System32\drivers\abndis.sys
[2014-12-01 19:56:38 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\Arcabit
[2014-12-01 19:56:35 | 000,000,000 | ---D | C] -- E:\Program Files\Arcabit
[2014-12-01 19:56:20 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Application Data\Package Cache
[2014-11-28 16:52:32 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Jesse Pinkman\My Documents\Downloads
[2014-11-28 16:52:30 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Jesse Pinkman\Application Data\NapiProjekt
[2014-11-28 16:52:25 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Jesse Pinkman\Start Menu\Programs\1-click run
[2014-11-28 16:51:29 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\Lang
[2014-11-28 16:51:29 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\DRVSTORE
[2014-11-28 16:49:28 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Jesse Pinkman\My Documents\MAMA
[2014-11-28 16:04:44 | 000,000,000 | ---D | C] -- E:\Program Files\Free Window Registry Repair
[2014-11-28 15:35:29 | 000,000,000 | -H-D | C] -- E:\WINDOWS\System32\GroupPolicy
[2014-11-26 11:19:58 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\LogFiles
[2014-10-30 21:45:44 | 000,011,136 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\dllcache\slip.sys
[2014-10-13 20:58:34 | 000,091,136 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\kswdmcap.ax
[2014-10-13 20:58:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\kstvtune.ax
[2014-10-13 20:58:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\vidcap.ax
[2014-10-13 20:58:33 | 000,053,760 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\vfwwdm32.dll
[2014-10-13 20:58:33 | 000,043,008 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\ksxbar.ax
[2014-10-13 20:58:33 | 000,020,992 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\System32\dshowext.ax
[4 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]
[2014-12-06 15:37:21 | 000,405,342 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat
[2014-12-06 15:37:21 | 000,054,560 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat
[2014-12-06 15:30:31 | 000,054,200 | ---- | M] (NetFilterSDK.com) -- E:\WINDOWS\System32\drivers\arcawfp.sys
[2014-12-06 14:53:24 | 000,002,206 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2014-12-06 14:53:22 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2014-12-01 21:00:55 | 000,000,008 | RHS- | M] () -- E:\Documents and Settings\Jesse Pinkman\ntuser.pol
[2014-12-01 19:56:35 | 000,041,712 | ---- | M] (ArcaBit) -- E:\WINDOWS\System32\drivers\abndis.sys
[2014-11-30 17:28:17 | 000,145,000 | ---- | M] (NVIDIA Corporation) -- E:\WINDOWS\System32\nvcolor.exe
[2014-11-30 17:25:23 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- E:\WINDOWS\SOUNDMAN.EXE
[2014-11-30 17:25:09 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- E:\WINDOWS\ALCMTR.EXE
[2014-11-28 16:45:28 | 000,004,608 | ---- | M] () -- E:\Documents and Settings\Jesse Pinkman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-11-26 11:23:48 | 000,000,810 | ---- | M] () -- E:\Documents and Settings\Jesse Pinkman\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2014-10-13 20:52:32 | 000,000,195 | RHS- | M] () -- E:\boot.ini
[4 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2014-11-28 15:36:27 | 000,000,008 | RHS- | C] () -- E:\Documents and Settings\Jesse Pinkman\ntuser.pol
[2014-11-26 11:23:48 | 000,000,810 | ---- | C] () -- E:\Documents and Settings\Jesse Pinkman\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2014-11-26 11:18:36 | 000,004,608 | ---- | C] () -- E:\Documents and Settings\Jesse Pinkman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-10-13 20:56:57 | 000,250,048 | RHS- | C] () -- E:\ntldr
[2014-07-13 11:11:09 | 000,508,560 | R--- | C] () -- E:\WINDOWS\System32\drivers\rtvienna.dat
[2014-07-13 11:09:57 | 000,006,136 | R--- | C] () -- E:\WINDOWS\System32\drivers\nvphy.bin
[2014-07-13 11:03:59 | 000,228,632 | ---- | C] () -- E:\WINDOWS\System32\nvdrsdb0.bin
[2014-07-13 11:03:57 | 000,228,632 | ---- | C] () -- E:\WINDOWS\System32\nvdrsdb1.bin
[2014-07-13 11:03:57 | 000,000,001 | ---- | C] () -- E:\WINDOWS\System32\nvdrssel.bin
[2014-07-12 00:06:04 | 000,004,161 | ---- | C] () -- E:\WINDOWS\ODBCINST.INI
[2014-07-12 00:05:22 | 000,090,296 | ---- | C] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2014-07-11 22:16:42 | 000,002,048 | --S- | C] () -- E:\WINDOWS\bootstat.dat
[2014-07-11 22:13:13 | 000,021,640 | ---- | C] () -- E:\WINDOWS\System32\emptyregdb.dat
[2014-07-11 20:26:06 | 000,004,569 | ---- | C] () -- E:\WINDOWS\System32\secupd.dat
[2014-07-11 20:26:01 | 000,405,342 | ---- | C] () -- E:\WINDOWS\System32\perfh009.dat
[2014-07-11 20:26:01 | 000,272,128 | ---- | C] () -- E:\WINDOWS\System32\perfi009.dat
[2014-07-11 20:26:01 | 000,054,560 | ---- | C] () -- E:\WINDOWS\System32\perfc009.dat
[2014-07-11 20:26:01 | 000,028,626 | ---- | C] () -- E:\WINDOWS\System32\perfd009.dat
[2014-07-11 20:26:00 | 013,107,200 | ---- | C] () -- E:\WINDOWS\System32\oembios.bin
[2014-07-11 20:26:00 | 000,004,463 | ---- | C] () -- E:\WINDOWS\System32\oembios.dat
[2014-07-11 20:26:00 | 000,000,741 | ---- | C] () -- E:\WINDOWS\System32\noise.dat
[2014-07-11 20:25:59 | 000,673,088 | ---- | C] () -- E:\WINDOWS\System32\mlang.dat
[2014-07-11 20:25:59 | 000,046,258 | ---- | C] () -- E:\WINDOWS\System32\mib.bin
[2014-07-11 20:25:50 | 000,218,003 | ---- | C] () -- E:\WINDOWS\System32\dssec.dat
[2014-07-11 20:25:49 | 000,001,804 | ---- | C] () -- E:\WINDOWS\System32\Dcache.bin

[color=#E56717]========== ZeroAccess Check ==========[/color]
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2014-07-11 20:26:08 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = E:\WINDOWS\system32\wbem\fastprox.dll -- [2014-07-11 18:25:52 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = E:\WINDOWS\system32\wbem\wbemess.dll -- [2014-07-11 18:26:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]
[2014-12-01 19:57:11 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\ArcaBit
[2014-12-06 15:37:26 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\iolo
[2014-12-02 15:12:08 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Package Cache
[2014-12-06 15:30:29 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\ParetoLogic
[2014-11-28 16:50:51 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Jesse Pinkman\Application Data\AIMP3
[2014-11-28 16:52:30 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Jesse Pinkman\Application Data\NapiProjekt
[2014-12-06 15:20:23 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Jesse Pinkman\Application Data\ParetoLogic

[color=#E56717]========== Purity Check ==========[/color]

< End of report >