OTL logfile created on: 2012-04-16 14:52:23 - Run 1
OTL by OldTimer - Version 3.2.39.2     Folder = D:\Users\Kubs\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 57,89% Memory free
7,99 Gb Paging File | 6,17 Gb Available in Paging File | 77,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,65 Gb Total Space | 9,47 Gb Free Space | 27,34% Space Free | Partition Type: NTFS
Drive D: | 133,17 Gb Total Space | 22,16 Gb Free Space | 16,64% Space Free | Partition Type: NTFS
Drive E: | 128,83 Gb Total Space | 36,10 Gb Free Space | 28,02% Space Free | Partition Type: NTFS
Drive F: | 97,28 Gb Total Space | 25,70 Gb Free Space | 26,42% Space Free | Partition Type: NTFS

Computer Name: KUBSON-PC | User Name: Kubson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-04-16 14:47:07 | 000,593,920 | ---- | M] (OldTimer Tools) -- D:\Users\Kubs\Downloads\OTL.exe
PRC - [2012-03-18 10:50:34 | 000,924,600 | ---- | M] (Mozilla Corporation) -- E:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011-11-18 17:33:52 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\Steam.exe
PRC - [2011-11-10 15:11:19 | 001,294,336 | ---- | M] () -- E:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2011-10-14 15:49:38 | 000,745,832 | ---- | M] (Tunngle.net GmbH) -- D:\Program Files (x86)\Tunngle\TnglCtrl.exe
PRC - [2011-09-08 19:22:28 | 002,592,768 | ---- | M] () -- E:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.54\deploy\LoLLauncher.exe
PRC - [2010-09-16 15:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010-09-08 10:09:02 | 000,144,384 | ---- | M] (Adobe Systems Inc.) -- E:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.134\deploy\LolClient.exe
PRC - [2010-06-24 18:50:50 | 006,806,144 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010-05-03 15:45:50 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010-05-03 15:41:46 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009-12-15 11:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-06-19 11:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 11:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-15 18:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2008-12-22 18:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

========== Modules (No Company Name) ==========

MOD - [2012-03-21 20:52:54 | 020,297,512 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012-03-21 20:52:53 | 001,099,576 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-03-21 20:52:53 | 000,907,048 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012-03-21 20:52:53 | 000,190,776 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-03-21 20:52:53 | 000,123,192 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012-03-18 10:50:33 | 001,969,080 | ---- | M] () -- E:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012-03-08 12:52:56 | 000,085,288 | ---- | M] () -- C:\Users\Kubson\AppData\Roaming\Mozilla\Firefox\Profiles\ykzfweph.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko11.dll
MOD - [2011-11-10 15:11:19 | 001,294,336 | ---- | M] () -- E:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2011-10-22 11:16:18 | 000,070,424 | ---- | M] () -- E:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2011-09-08 19:22:28 | 002,592,768 | ---- | M] () -- E:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.54\deploy\LoLLauncher.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011-11-18 15:55:52 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-02-28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- E:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-02-15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-02-14 14:13:30 | 000,481,064 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011-10-14 15:49:38 | 000,745,832 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- D:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2010-09-16 15:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-12-15 11:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009-06-15 18:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-03-01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-12-03 21:29:40 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011-11-18 15:55:54 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011-11-18 15:55:53 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011-11-18 15:55:52 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011-11-18 15:55:52 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011-07-29 13:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2011-07-29 13:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-06-25 17:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2009-09-16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009-06-20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-05-13 10:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009-03-18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2011-07-29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011-07-29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1333657004_114557
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1333657004_114557
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2445345992-889435995-341603494-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1333657004_114557
IE - HKU\S-1-5-21-2445345992-889435995-341603494-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1333657004_114557
IE - HKU\S-1-5-21-2445345992-889435995-341603494-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1E 31 5A 63 04 A6 CC 01 [binary data]
IE - HKU\S-1-5-21-2445345992-889435995-341603494-1001\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKU\S-1-5-21-2445345992-889435995-341603494-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2445345992-889435995-341603494-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2445345992-889435995-341603494-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
IE - HKU\S-1-5-21-2445345992-889435995-341603494-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.pl"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: E:\Program Files (x86)\Mozilla Firefox\components [2012-03-18 10:50:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: E:\Program Files (x86)\Mozilla Firefox\plugins

[2011-11-18 17:19:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kubson\AppData\Roaming\mozilla\Extensions
[2012-04-04 12:26:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kubson\AppData\Roaming\mozilla\Firefox\Profiles\ykzfweph.default\extensions
[2012-04-04 12:27:00 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Kubson\AppData\Roaming\mozilla\Firefox\Profiles\ykzfweph.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-03-08 18:56:44 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Kubson\AppData\Roaming\mozilla\Firefox\Profiles\ykzfweph.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
() (No name found) -- C:\USERS\KUBSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZFWEPH.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

O1 HOSTS File: ([2011-12-05 00:48:13 | 000,000,896 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activation.guitar-pro.com
O1 - Hosts: 127.0.0.1 activation.guitar-pro.com
O2 - BHO: (Adobe PDF Link Helper) - {41BB127A-4977-6382-6F68-1D88048C656B} - C:\Windows\SysWOW64\KBDTTUQ.DLL (Microsoft Corporation)
O3 - HKU\S-1-5-21-2445345992-889435995-341603494-1001\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 0
O7 - HKU\S-1-5-21-2445345992-889435995-341603494-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5694311D-DB90-405E-A97D-E8429FC76EC3}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7540A453-C418-45D4-B744-7C75507B05C5}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{85a3e3e0-2d41-11e1-9ecb-f2f08ee87663}\Shell - "" = AutoRun
O33 - MountPoints2\{85a3e3e0-2d41-11e1-9ecb-f2f08ee87663}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012-04-16 12:30:18 | 000,000,000 | ---D | C] -- C:\Users\Kubson\AppData\Roaming\Hi-Rez Studios
[2012-04-16 12:29:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012-04-15 14:57:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\2021
[2012-04-14 21:44:34 | 000,000,000 | -HSD | C] -- C:\found.000
[2012-04-14 15:49:54 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-04-14 15:49:54 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-04-14 15:49:52 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012-04-14 15:49:52 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-04-14 15:49:52 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-04-14 15:49:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-04-14 15:49:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-04-14 15:49:51 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-04-14 15:49:51 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-04-14 15:49:51 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012-04-14 15:49:51 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-04-14 08:07:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012-04-14 08:07:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012-04-14 08:07:04 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012-04-14 08:07:04 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012-04-14 08:07:04 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012-04-14 08:07:04 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012-04-14 08:07:04 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012-04-14 08:07:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012-04-14 08:07:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012-04-14 08:07:04 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012-04-14 08:07:04 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012-04-14 08:07:04 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012-04-14 08:07:04 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012-04-14 08:07:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012-04-14 08:07:04 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-04-14 08:07:04 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012-04-14 08:07:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012-04-14 08:07:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012-04-14 08:07:04 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012-04-14 08:07:04 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012-04-14 08:07:04 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012-04-14 08:07:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012-04-14 08:07:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012-04-14 08:07:04 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012-04-14 08:07:04 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012-04-14 08:07:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-04-14 08:07:04 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012-04-14 08:07:04 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012-04-14 08:07:04 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012-04-14 08:07:04 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012-04-14 08:07:04 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012-04-14 08:07:04 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012-04-14 08:07:04 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012-04-14 08:07:04 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012-04-14 08:07:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012-04-14 08:07:04 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012-04-14 08:07:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012-04-14 08:07:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012-04-14 08:07:04 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012-04-14 08:07:04 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012-04-14 08:07:04 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012-04-14 08:07:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012-04-14 08:07:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012-04-14 08:07:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012-04-14 08:07:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012-04-14 08:07:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012-04-14 08:07:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012-04-14 08:07:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012-04-14 08:07:04 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012-04-14 08:07:04 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012-04-14 08:07:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012-04-14 08:07:04 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012-04-14 08:07:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012-04-14 08:07:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012-04-14 08:07:04 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012-04-14 08:07:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012-04-14 08:07:04 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012-04-14 08:07:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012-04-14 08:07:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012-04-14 08:07:04 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012-04-14 08:07:04 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012-04-14 08:05:58 | 005,504,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012-04-14 08:05:58 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-04-14 08:05:57 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012-04-12 16:48:38 | 000,000,000 | ---D | C] -- C:\Users\Kubson\AppData\Roaming\Adobe
[2012-04-12 15:39:06 | 000,000,000 | ---D | C] -- C:\Users\Kubson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012-04-12 12:59:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Partition Master 9.1.1 Home Edition
[2012-04-12 12:53:12 | 000,000,000 | R--D | C] -- C:\Users\Kubson\Documents\Notes
[2012-04-12 11:38:14 | 000,000,000 | ---D | C] -- C:\Users\Kubson\c****
[2012-04-12 08:37:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-04-11 13:14:38 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012-04-11 13:14:38 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012-04-11 13:14:38 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012-04-09 13:26:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1066
[2012-04-08 20:05:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-04-08 18:37:52 | 000,000,000 | ---D | C] -- C:\Users\Kubson\AppData\Roaming\SplitMediaLabs
[2012-04-06 16:15:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\2016
[2012-04-05 22:16:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\v9Soft
[2012-04-05 21:38:26 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft3.dll
[2012-04-05 21:38:26 | 000,155,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LMRT.dll
[2012-04-05 21:38:26 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\SysWow64\tm20dec.ax
[2012-04-05 21:38:26 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LMRTREND.dll
[2012-04-05 21:38:25 | 000,217,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\strmdll.dll
[2012-04-05 21:38:25 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unam4ie.exe
[2012-04-05 21:38:23 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\danim.dll
[2012-04-05 21:38:23 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcut.dll
[2012-04-05 21:38:23 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz.drv
[2012-04-05 21:38:23 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf32.dll
[2012-04-05 21:38:23 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf16.dll
[2012-04-05 21:37:49 | 000,315,904 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2012-04-05 14:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hero Editor
[2012-04-05 14:18:23 | 000,000,000 | ---D | C] -- C:\Users\Kubson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hero Editor
[2012-04-05 14:17:58 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2012-04-05 14:17:54 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2012-04-04 12:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012-04-04 12:26:57 | 000,000,000 | ---D | C] -- C:\Users\Kubson\AppData\Local\Conduit
[2012-04-04 12:24:32 | 000,000,000 | ---D | C] -- C:\Users\Kubson\AppData\Roaming\uTorrent
[2012-03-31 12:55:35 | 000,000,000 | ---D | C] -- C:\Users\Kubson\AppData\Roaming\.minecraft
[2012-03-31 01:46:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\2023
[2012-03-28 18:27:16 | 000,000,000 | ---D | C] -- C:\Users\Kubson\AppData\Local\Deployment
[2012-03-28 18:27:16 | 000,000,000 | ---D | C] -- C:\Users\Kubson\AppData\Local\Apps
[2012-03-18 10:30:34 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012-03-18 10:30:34 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012-03-18 10:30:34 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe

========== Files - Modified Within 30 Days ==========

[2012-04-16 12:54:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-16 12:54:33 | 3219,513,344 | -HS- | M] () -- C:\hiberfil.sys
[2012-04-15 23:30:11 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\Temphz3152.html
[2012-04-15 23:30:11 | 000,002,089 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempDT3152.html
[2012-04-15 22:16:52 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempQb3152.html
[2012-04-15 18:19:12 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012-04-15 18:02:53 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-15 18:02:53 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-15 15:55:17 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempdY4680.html
[2012-04-15 15:10:52 | 000,018,761 | ---- | M] () -- C:\Users\Kubson\Documents\majtkimatiza(1).gpx
[2012-04-15 14:56:23 | 000,015,617 | ---- | M] () -- C:\Users\Kubson\Documents\majtkimatiza.gpx
[2012-04-15 00:47:24 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempLs3896.html
[2012-04-15 00:47:24 | 000,002,089 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempqU3896.html
[2012-04-14 22:04:05 | 000,007,605 | ---- | M] () -- C:\Users\Kubson\AppData\Local\Resmon.ResmonCfg
[2012-04-14 21:58:10 | 000,000,825 | ---- | M] () -- C:\Users\Public\Desktop\Applian FLV Player.lnk
[2012-04-14 21:47:10 | 000,003,344 | ---- | M] () -- C:\bootsqm.dat
[2012-04-14 21:27:18 | 000,001,498 | -H-- | M] () -- C:\Windows\EPMBatch.ept
[2012-04-14 20:15:00 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempTo3628.html
[2012-04-14 11:12:52 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempBJ2360.html
[2012-04-14 10:24:39 | 000,001,482 | ---- | M] () -- C:\Users\Kubson\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012-04-14 08:07:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012-04-14 08:07:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012-04-14 08:07:04 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012-04-14 08:07:04 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012-04-14 08:07:04 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012-04-14 08:07:04 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2012-04-14 08:07:04 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012-04-14 08:07:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2012-04-14 08:07:04 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012-04-14 08:07:04 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2012-04-14 08:07:04 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2012-04-14 08:07:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2012-04-14 08:07:04 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2012-04-14 08:07:04 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012-04-14 08:07:04 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-04-14 08:07:04 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2012-04-14 08:07:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2012-04-14 08:07:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2012-04-14 08:07:04 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2012-04-14 08:07:04 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2012-04-14 08:07:04 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2012-04-14 08:07:04 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2012-04-14 08:07:04 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2012-04-14 08:07:04 | 000,149,504 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\occache.dll [2012-04-14 08:07:04 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012-04-14 08:07:04 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-04-14 08:07:04 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2012-04-14 08:07:04 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2012-04-14 08:07:04 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012-04-14 08:07:04 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012-04-14 08:07:04 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2012-04-14 08:07:04 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012-04-14 08:07:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2012-04-14 08:07:04 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2012-04-14 08:07:04 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2012-04-14 08:07:04 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2012-04-14 08:07:04 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2012-04-14 08:07:04 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012-04-14 08:07:04 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012-04-14 08:07:04 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012-04-14 08:07:04 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2012-04-14 08:07:04 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2012-04-14 08:07:04 
| 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2012-04-14 08:07:04 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2012-04-14 08:07:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2012-04-14 08:07:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012-04-14 08:07:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012-04-14 08:07:04 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012-04-14 08:07:04 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012-04-14 08:07:04 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2012-04-14 08:07:04 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2012-04-14 08:07:04 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2012-04-14 08:07:04 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2012-04-14 08:07:04 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2012-04-14 08:07:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2012-04-14 08:07:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2012-04-14 08:07:04 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012-04-14 08:07:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012-04-14 08:07:04 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012-04-14 08:07:04 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012-04-14 08:07:04 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2012-04-14 08:07:04 | 
000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012-04-14 08:07:04 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012-04-13 13:24:30 | 003,250,640 | ---- | M] () -- C:\Users\Kubson\ts3_recording_12_04_13_13_24_10.wav [2012-04-12 22:38:13 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\Tempdz4860.html [2012-04-12 22:38:13 | 000,002,089 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempYX4860.html [2012-04-12 21:24:27 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempYF5964.html [2012-04-12 15:39:06 | 000,000,221 | ---- | M] () -- C:\Users\Kubson\Desktop\Global Agenda.url [2012-04-12 01:05:18 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\Tempr10156.html [2012-04-11 22:16:51 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempFz3348.html [2012-04-11 01:18:50 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempQA3456.html [2012-04-10 21:21:04 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempNN6240.html [2012-04-10 14:15:52 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempGv3432.html [2012-04-10 01:27:28 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempL12920.html [2012-04-09 13:54:47 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\TempNr3788.html [2012-04-09 00:36:46 | 000,002,432 | ---- | M] () -- C:\Users\Kubson\AppData\Local\Tempnj4724.html [2012-04-06 10:45:51 | 000,000,147 | ---- | M] () -- C:\Windows\wa.INI [2012-04-05 21:38:22 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf32.dll [2012-04-05 21:38:22 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf16.dll [2012-04-05 14:17:58 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe [2012-04-05 14:17:55 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE [2012-04-03 20:24:47 | 000,000,000 
| ---- | M] () -- C:\Windows\SysWow64\commuid.dll [2012-03-30 15:12:38 | 001,535,984 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-03-30 15:12:38 | 000,693,402 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-03-30 15:12:38 | 000,620,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-03-30 15:12:38 | 000,132,464 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-03-30 15:12:38 | 000,104,578 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-03-19 15:00:51 | 000,266,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-15 23:30:11 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\Temphz3152.html [2012-04-15 23:30:11 | 000,002,089 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempDT3152.html [2012-04-15 20:41:54 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempQb3152.html [2012-04-15 15:10:38 | 000,018,761 | ---- | C] () -- C:\Users\Kubson\Documents\majtkimatiza(1).gpx [2012-04-15 14:56:09 | 000,015,617 | ---- | C] () -- C:\Users\Kubson\Documents\majtkimatiza.gpx [2012-04-15 14:43:03 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempdY4680.html [2012-04-15 00:47:24 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempLs3896.html [2012-04-15 00:47:24 | 000,002,089 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempqU3896.html [2012-04-14 22:04:05 | 000,007,605 | ---- | C] () -- C:\Users\Kubson\AppData\Local\Resmon.ResmonCfg [2012-04-14 21:58:10 | 000,000,825 | ---- | C] () -- C:\Users\Public\Desktop\Applian FLV Player.lnk [2012-04-14 21:47:10 | 000,003,344 | ---- | C] () -- C:\bootsqm.dat [2012-04-14 19:42:53 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempTo3628.html [2012-04-14 10:31:44 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempBJ2360.html [2012-04-14 08:07:04 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf 
[2012-04-14 08:07:04 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012-04-13 13:24:13 | 003,250,640 | ---- | C] () -- C:\Users\Kubson\ts3_recording_12_04_13_13_24_10.wav [2012-04-12 22:38:13 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\Tempdz4860.html [2012-04-12 22:38:13 | 000,002,089 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempYX4860.html [2012-04-12 19:14:42 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempYF5964.html [2012-04-12 15:39:06 | 000,000,221 | ---- | C] () -- C:\Users\Kubson\Desktop\Global Agenda.url [2012-04-12 13:10:56 | 000,001,498 | -H-- | C] () -- C:\Windows\EPMBatch.ept [2012-04-12 12:59:46 | 003,316,736 | ---- | C] () -- C:\Windows\SysNative\BootMan.exe [2012-04-12 12:59:46 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2012-04-12 12:59:46 | 000,100,232 | ---- | C] () -- C:\Windows\SysNative\setupempdrvx64.exe [2012-04-12 12:59:46 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2012-04-12 12:59:46 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2012-04-12 12:59:46 | 000,016,776 | ---- | C] () -- C:\Windows\SysNative\epmntdrv.sys [2012-04-12 12:59:46 | 000,016,256 | ---- | C] () -- C:\Windows\SysNative\EuEpmGdi.dll [2012-04-12 12:59:46 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2012-04-12 12:59:46 | 000,009,096 | ---- | C] () -- C:\Windows\SysNative\EuGdiDrv.sys [2012-04-12 12:59:46 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2012-04-11 23:27:39 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\Tempr10156.html [2012-04-11 20:22:12 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempFz3348.html [2012-04-10 22:37:15 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempQA3456.html [2012-04-10 21:17:38 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempNN6240.html [2012-04-10 12:02:28 | 000,002,432 | ---- | C] () -- 
C:\Users\Kubson\AppData\Local\TempGv3432.html [2012-04-09 23:31:26 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempL12920.html [2012-04-09 13:03:53 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\TempNr3788.html [2012-04-08 23:42:28 | 000,002,432 | ---- | C] () -- C:\Users\Kubson\AppData\Local\Tempnj4724.html [2012-04-05 21:41:01 | 000,000,147 | ---- | C] () -- C:\Windows\wa.INI [2012-04-05 21:38:23 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll [2012-04-05 21:38:23 | 000,005,672 | ---- | C] () -- C:\Windows\SysWow64\quartz.vxd [2012-04-04 13:42:37 | 000,001,058 | ---- | C] () -- C:\Users\Kubson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk [2012-04-03 20:24:47 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\commuid.dll [2012-03-02 18:39:48 | 000,109,400 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011-12-29 08:56:29 | 000,000,418 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011-11-20 16:32:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat [2011-11-18 16:00:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-06-11 02:58:52 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mfc1100kor.dll [2010-06-16 07:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [color=#E56717]========== LOP Check ==========[/color] [2012-04-14 14:50:53 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\.minecraft [2012-04-14 23:51:24 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\DAEMON Tools Lite [2012-03-24 15:55:53 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\Dropbox [2012-04-16 12:39:56 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\foobar2000 [2012-04-11 20:22:11 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\Gadu-Gadu 10 [2011-12-02 18:36:56 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\GameRanger [2011-11-26 13:38:23 | 000,000,000 | ---D | M] -- 
C:\Users\Kubson\AppData\Roaming\GHISLER [2011-12-05 00:50:38 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\Guitar Pro 6 [2012-04-16 12:30:19 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\Hi-Rez Studios [2011-11-18 16:24:40 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\LolClient [2012-04-15 21:16:59 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\Mumble [2012-04-14 08:04:19 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\Notepad++ [2011-12-02 21:57:05 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\PandoraRecovery [2012-04-08 18:37:52 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\SplitMediaLabs [2011-11-26 14:54:33 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\Subversion [2012-02-02 21:33:00 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\SystemRequirementsLab [2012-02-01 23:54:55 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\Trine2 [2011-11-21 02:22:36 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\Tunngle [2012-04-14 20:21:37 | 000,000,000 | ---D | M] -- C:\Users\Kubson\AppData\Roaming\uTorrent [2012-03-10 10:09:19 | 000,032,650 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:63238B95 < End of report >