========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google
riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.131.2_0\McChPlg.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00C2\u2122 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Magic Actions for YouTube\u2122 = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\5.8.6_0\
CHR - Extension: James White = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: Adblock Plus = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: SiteAdvisor = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: AdBlock = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
CHR - Extension: YouTube Unblocker = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.4.2_0\
CHR - Extension: Click&Clean App = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\
CHR - Extension: Magic Actions for YouTube\u2122 = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\5.8.6_0\
CHR - Extension: James White = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: Adblock Plus = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: SiteAdvisor = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: AdBlock = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
CHR - Extension: YouTube Unblocker = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.4.2_0\
CHR - Extension: Click&Clean App = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:
64bit: - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\EgisTec BioExcess\x64\EgisPBIE.dll (Egis Technology Inc.)
O2:
64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20130401232745.dll (McAfee, Inc.)
O2:
64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:
64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:
64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20130401232745.dll (McAfee, Inc.)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:
64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1671761560-3910637431-3504999273-1000\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:
64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:
64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited)
O4:
64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:
64bit: - HKLM..\Run: [Logitech Download Assistant] C:\windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PLTSR] C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe (Egis Technology Inc. )
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe (Egis Technology Inc. )
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1671761560-3910637431-3504999273-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1671761560-3910637431-3504999273-1000..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKU\S-1-5-21-1671761560-3910637431-3504999273-1000..\Run: [MicroUpdate] C:\windows\system32\MSDCSC\Be4a9fZ4wZ0J\msdcsc.exe File not found
O4 - HKU\S-1-5-21-1671761560-3910637431-3504999273-1000..\Run: [Windows Update] C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hiurD.exe ()
O4 - HKU\S-1-5-21-1671761560-3910637431-3504999273-1000..\Run: [xCentOS] C:\Users\*****\AppData\Roaming\xCentOS\vxCentOS.exe ()
O4 - HKU\S-1-5-21-1671761560-3910637431-3504999273-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-1671761560-3910637431-3504999273-1001..\Run: [Spotify Web Helper] C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hiurD.exe ()
O4 - Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:
64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:
64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:
64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:
64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0147457-0729-47D8-8F1B-CD8EE0C3E70C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D2E12210-BED2-419A-B687-EABE57FE23D2}: DhcpNameServer = 192.168.178.1
O18:
64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20:
64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.01.31 23:20:39 | 000,055,616 | R--- | M] (Electronic Arts) - G:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013.01.31 20:28:14 | 000,000,049 | R--- | M] () - G:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{f3f68623-468e-11e2-a9e7-e4d53de11d81}\Shell - "" = AutoRun
O33 - MountPoints2\{f3f68623-468e-11e2-a9e7-e4d53de11d81}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2013.01.31 23:20:39 | 000,055,616 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.13 00:28:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe
[2013.05.12 23:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.05.11 14:17:30 | 000,488,960 | ---- | C] (IMVUPremiumCreditStatusHack) -- C:\Users\*****\AppData\Roaming\update.exe
[2013.05.09 19:03:19 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\Die Sims 3 +++
[2013.05.09 18:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2013.05.09 18:18:06 | 000,000,000 | ---D | C] -- C:\Download
[2013.05.09 18:17:55 | 000,000,000 | ---D | C] -- C:\Nexon
[2013.05.09 18:17:52 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\windows\NEXON_EU_DownloaderUpdater.exe
[2013.05.09 17:31:41 | 000,115,200 | ---- | C] (Virtual Works Corporation) -- C:\Users\*****\AppData\Roaming\rogg.exe
[2013.05.09 16:11:12 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\xCentOS
[2013.05.09 15:35:32 | 000,010,847 | ---- | C] (Company) -- C:\Users\*****\AppData\Roaming\xCentOS.exe
[2013.05.09 00:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013.05.07 11:31:19 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\dclogs
[2013.05.06 17:56:26 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Game Dev Tycoon
[2013.05.06 17:52:10 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\IOS
[2013.05.06 12:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.05.03 00:05:52 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2013.05.03 00:05:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2013.05.01 13:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
[2013.04.30 17:46:29 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Peter L Jones
[2013.04.30 17:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\s3pe
[2013.04.25 17:34:33 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Electronic Arts
[2013.04.25 17:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2013.04.23 23:23:17 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Tropico 4
[2013.04.23 23:23:16 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2013.04.23 23:21:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media
[2013.04.23 20:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.23 20:05:34 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2013.04.23 20:05:34 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2013.04.23 20:05:34 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.23 15:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite
[2013.04.23 15:11:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Astroburn Lite
[2013.04.23 15:02:40 | 000,000,000 | R--D | C] -- C:\Users\*****\Desktop\File upload
[2013.04.17 22:49:03 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
[2013.04.17 08:38:11 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\BitShare.com Downloads
[2013.04.17 08:37:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitShare.com
[2013.04.17 01:48:40 | 000,000,000 | ---D | C] -- C:\Users\*****\Anonymous
[2013.04.17 01:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File-Upload.net
[2013.04.17 00:59:48 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Xenocode
[2013.04.15 22:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Astroburn Lite
[2013.04.15 22:21:50 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Nero
[2013.04.15 22:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2013.04.15 22:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013.04.15 21:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
========== Files - Modified Within 30 Days ==========
[2013.05.13 00:38:01 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.05.13 00:28:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe
[2013.05.13 00:14:01 | 000,001,124 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.12 20:37:30 | 000,233,857 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2013.05.12 20:37:17 | 000,001,120 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.12 20:12:43 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.05.12 18:57:58 | 000,000,210 | ---- | M] () -- C:\Users\*****\Desktop\NAVYFIELD2.url
[2013.05.12 18:46:57 | 000,021,072 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.12 18:46:57 | 000,021,072 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.12 18:45:01 | 001,612,544 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.05.12 18:39:29 | 3153,702,912 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.11 16:34:18 | 000,007,641 | ---- | M] () -- C:\Users\*****\AppData\Local\Resmon.ResmonCfg
[2013.05.11 15:45:24 | 000,696,884 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.05.11 15:45:24 | 000,652,162 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.05.11 15:45:24 | 000,148,148 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.05.11 15:45:24 | 000,121,094 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.05.11 15:20:14 | 000,010,847 | ---- | M] (Company) -- C:\Users\*****\AppData\Roaming\xCentOS.exe
[2013.05.11 14:19:01 | 000,024,576 | ---- | M] () -- C:\Users\*****\AppData\Roaming\lol.exe
[2013.05.11 14:18:13 | 000,488,960 | ---- | M] (IMVUPremiumCreditStatusHack) -- C:\Users\*****\AppData\Roaming\update.exe
[2013.05.10 13:40:02 | 000,069,632 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Intel_Driver.exe
[2013.05.10 13:40:02 | 000,069,632 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hiurD.exe
[2013.05.09 18:17:54 | 000,000,235 | ---- | M] () -- C:\windows\SysWow64\nxEuUninstall.bat
[2013.05.09 18:17:52 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\windows\NEXON_EU_DownloaderUpdater.exe
[2013.05.09 17:33:03 | 000,115,200 | ---- | M] (Virtual Works Corporation) -- C:\Users\*****\AppData\Roaming\rogg.exe
[2013.05.09 16:34:50 | 000,007,168 | ---- | M] () -- C:\Users\*****\AppData\Roaming\System-Cleaner.exe
[2013.05.09 00:06:26 | 000,002,046 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.05.01 13:38:52 | 000,000,989 | ---- | M] () -- C:\Users\*****\Desktop\Leviathan Warships.lnk
[2013.04.30 15:05:26 | 000,000,632 | ---- | M] () -- C:\Users\*****\Desktop\Filme - Verknüpfung.lnk
[2013.04.29 16:36:20 | 003,838,422 | ---- | M] () -- C:\Users\*****\Desktop\LadyFrontbum_Skin_Naughty_Default.package
[2013.04.21 22:33:14 | 000,001,341 | ---- | M] () -- C:\Users\*****\Desktop\AoK HD - Verknüpfung.lnk
[2013.04.19 06:50:58 | 000,085,358 | ---- | M] () -- C:\Users\*****\Desktop\NRaas_Decensor.package
[2013.04.17 08:37:42 | 000,003,073 | ---- | M] () -- C:\Users\*****\Desktop\BitShare Manager.lnk
[2013.04.15 22:35:17 | 000,001,505 | ---- | M] () -- C:\Users\*****\Desktop\DTLite - Verknüpfung.lnk
[2013.04.15 21:21:41 | 000,001,122 | ---- | M] () -- C:\Users\*****\Desktop\Cyberlink Power2Go.lnk
[2013.04.13 14:07:21 | 000,020,801 | ---- | M] () -- C:\Users\*****\AppData\Local\recently-used.xbel