Начална страница - Ask.com в гугъл хром

rucho · Юли 18, 2013

Начлната страница при стартиране на браузъра гугъл хром е Ask.com и не мога да я махна или променя. Рових и трих в настройките, но не става. С TUVARO - то се справих преди време, но с това ударих на камък. Търсих в нета и тук във форума, но не открих нищо, което да ми свърши работа. Има ли начин за премахването на тая досада. Ако ще помогне деинсталиране - инсталиране веднага ще го направя, но нещо ме съмнява дали ще се получи. От това, което прочетох в нета разбрах, че тая гадост се набива на много места и трябвало сериозно почистване.

Дано съм уцелил правилния раздел на форума.

Поздрави на всички!

icotonev · Юли 18, 2013

Здравейте...!

http://i47.tinypic.com/2lsf8k9.pngМоля, изтеглете и стартирайте програмата AdwCleaner(by Xplode):

Затворете всички стартирани програми и браузъри
Кликнете два пъти върху adwcleaner.exe за да стартирате инструмента.
Този път маркирайте Delete
Вашият компютър ще се рестартира автоматично. Текстовия файл ще се отвори след рестарта.
Моля, да публикувате съдържанието на този лог в отговора си
Можете да намерите лога,който автоматично се запомня тук C:\AdwCleaner[s1].txt.

http://assiste.free.fr/Assiste/media/images/AdwCleaner_Logo.png

http://imageshack.us/a/img841/7292/thisisujrt.gif Моля, изтеглете Junkware Removal Tool (by Thisisu ) и запазете на вашия десктоп.

Спрете временно работата на защитните програми.
Стартирайте инструмента JRT.exe
Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата.
Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши.
Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt).
Моля копирайте съдържанието на лог файла в следващия си пост.

http://i1.ytimg.com/vi/dvnGAjWNSuk/mqdefault.jpg

rucho · Юли 18, 2013

Eто резултатите:

# AdwCleaner v2.305 - Днвеник създаден на 18/07/2013 в 19:40:49
# Обновен на 11/07/2013 от Xplode
# Операционна Система : Windows 7 Ultimate Service Pack 1 (64 bits)
# Потребител : Admin - ADMIN-PC
# Стартиращ режим : Нормален режим
# Стартиран от : D:\_NEW_\adwcleaner.exe
# Настройка [Изтриване]

***** [Услуги] *****

***** [Файлове / Папки] *****

Изтрити при рестартиране : C:\ProgramData\Browser Manager
Папка Изтрити : C:\Program Files (x86)\DAEMON Tools Toolbar
Папка Изтрити : C:\Program Files (x86)\Music Toolbar
Папка Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\Conduit
Папка Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Папка Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Папка Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\extensions\ffxtlbr@incredibar.com
Папка Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\extensions\toolbar@ask.com
Папка Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\Conduit
Папка Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Папка Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Папка Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\ffxtlbr@incredibar.com
Папка Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\toolbar@ask.com
Файл Изтрити : C:\user.js
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\searchplugins\icqplugin.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\searchplugins\icqplugin-1.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\searchplugins\icqplugin-10.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\searchplugins\icqplugin-2.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\searchplugins\icqplugin-3.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\searchplugins\icqplugin-4.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\searchplugins\icqplugin-5.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\searchplugins\icqplugin-6.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\searchplugins\icqplugin-7.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\searchplugins\icqplugin-8.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bitntslf.default\searchplugins\icqplugin-9.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\searchplugins\icqplugin.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\searchplugins\icqplugin-1.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\searchplugins\icqplugin-10.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\searchplugins\icqplugin-2.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\searchplugins\icqplugin-3.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\searchplugins\icqplugin-4.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\searchplugins\icqplugin-5.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\searchplugins\icqplugin-6.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\searchplugins\icqplugin-7.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\searchplugins\icqplugin-8.xml
Файл Изтрити : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\searchplugins\icqplugin-9.xml

***** [Системен регистър] *****

Ключ Изтрити : HKCU\Software\APN DTX
Ключ Изтрити : HKCU\Software\APN PIP
Ключ Изтрити : HKCU\Software\Conduit
Ключ Изтрити : HKCU\Software\Imesh
Ключ Изтрити : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Ключ Изтрити : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Ключ Изтрити : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Ключ Изтрити : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Ключ Изтрити : HKCU\Software\Softonic
Ключ Изтрити : HKLM\Software\DataMngr
Ключ Изтрити : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Ключ Изтрити : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Ключ Изтрити : HKLM\Software\PIP
Ключ Изтрити : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Ключ Изтрити : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Ключ Изтрити : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Ключ Изтрити : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Ключ Изтрити : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Ключ Изтрити : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Ключ Изтрити : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Ключ Изтрити : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Ключ Изтрити : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Ключ Изтрити : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Стойност Изтрити : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Стойност Изтрити : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Интернет браузъри] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Системният регистър е чист.

-\\ Mozilla Firefox v22.0 (bg)

Файл : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\prefs.js

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ceh8sk3f.default\user.js ... Изтрити !

Изтрити : user_pref("extensions.asktb.cbid", "GU");
Изтрити : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Изтрити : user_pref("extensions.asktb.l", "dis");
Изтрити : user_pref("extensions.asktb.last-config-req", "1268322549084");
Изтрити : user_pref("extensions.asktb.locale", "en_US");
Изтрити : user_pref("extensions.asktb.o", "14590");
Изтрити : user_pref("extensions.asktb.qsrc", "2871");
Изтрити : user_pref("extensions.incredibar.actvtyRptTime", "1364899158052");
Изтрити : user_pref("extensions.incredibar.admin", false);
Изтрити : user_pref("extensions.incredibar.aflt", "orgnl");
Изтрити : user_pref("extensions.incredibar.afterInstallRpt", "sent");
Изтрити : user_pref("extensions.incredibar.cntry", "BG");
Изтрити : user_pref("extensions.incredibar.dfltLng", "EN");
Изтрити : user_pref("extensions.incredibar.dfltSrch", false);
Изтрити : user_pref("extensions.incredibar.dfltlng", "EN");
Изтрити : user_pref("extensions.incredibar.dfltsrch", "false");
Изтрити : user_pref("extensions.incredibar.did", "10589");
Изтрити : user_pref("extensions.incredibar.envrmnt", "production");
Изтрити : user_pref("extensions.incredibar.excTlbr", false);
Изтрити : user_pref("extensions.incredibar.hdrMd5", "6716ABCD95C791D99868BCB41DEE35E2");
Изтрити : user_pref("extensions.incredibar.hmpg", false);
Изтрити : user_pref("extensions.incredibar.hrdid", "0a8369c9000000000000001fc6a3eac3");
Изтрити : user_pref("extensions.incredibar.id", "0a8369c9000000000000001fc6a3eac3");
Изтрити : user_pref("extensions.incredibar.installerproductid", "26");
Изтрити : user_pref("extensions.incredibar.instlDay", "15428");
Изтрити : user_pref("extensions.incredibar.instlRef", "");
Изтрити : user_pref("extensions.incredibar.instlday", "15428");
Изтрити : user_pref("extensions.incredibar.instlref", "");
Изтрити : user_pref("extensions.incredibar.isDcmntCmplt", false);
Изтрити : user_pref("extensions.incredibar.isdcmntcmplt", true);
Изтрити : user_pref("extensions.incredibar.keywordurl", "");
Изтрити : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1411:56:03");
Изтрити : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Изтрити : user_pref("extensions.incredibar.newTab", false);
Изтрити : user_pref("extensions.incredibar.newtab", "false");
Изтрити : user_pref("extensions.incredibar.newtaburl", "");
Изтрити : user_pref("extensions.incredibar.noFFXTlbr", false);
Изтрити : user_pref("extensions.incredibar.ppd", "");
Изтрити : user_pref("extensions.incredibar.prdct", "incredibar");
Изтрити : user_pref("extensions.incredibar.productid", "26");
Изтрити : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Изтрити : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Изтрити : user_pref("extensions.incredibar.sg", "none");
Изтрити : user_pref("extensions.incredibar.smplGrp", "none");
Изтрити : user_pref("extensions.incredibar.smplgrp", "none");
Изтрити : user_pref("extensions.incredibar.srch", "");
Изтрити : user_pref("extensions.incredibar.srchprvdr", "");
Изтрити : user_pref("extensions.incredibar.tlbrId", "base");
Изтрити : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8ohibOjY&loc=IB_T[...]
Изтрити : user_pref("extensions.incredibar.tlbrid", "base");
Изтрити : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6R8ohibOjY&loc=IB_T[...]
Изтрити : user_pref("extensions.incredibar.upn2", "6R8ohibOjY");
Изтрити : user_pref("extensions.incredibar.upn2n", "92824096839131718");
Изтрити : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Изтрити : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1411:56:03");
Изтрити : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Изтрити : user_pref("extensions.incredibar.vrsnts", "1.5.11.1411:56:03");
Изтрити : user_pref("extensions.incredibar_i.aflt", "orgnl");
Изтрити : user_pref("extensions.incredibar_i.dfltLng", "");
Изтрити : user_pref("extensions.incredibar_i.did", "10589");
Изтрити : user_pref("extensions.incredibar_i.excTlbr", false);
Изтрити : user_pref("extensions.incredibar_i.id", "0a8369c9000000000000001fc6a3eac3");
Изтрити : user_pref("extensions.incredibar_i.installerproductid", "26");
Изтрити : user_pref("extensions.incredibar_i.instlDay", "15428");
Изтрити : user_pref("extensions.incredibar_i.instlRef", "");
Изтрити : user_pref("extensions.incredibar_i.ms_url_id", "");
Изтрити : user_pref("extensions.incredibar_i.newTab", false);
Изтрити : user_pref("extensions.incredibar_i.ppd", "");
Изтрити : user_pref("extensions.incredibar_i.prdct", "incredibar");
Изтрити : user_pref("extensions.incredibar_i.productid", "26");
Изтрити : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Изтрити : user_pref("extensions.incredibar_i.smplGrp", "none");
Изтрити : user_pref("extensions.incredibar_i.tlbrId", "base");
Изтрити : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8ohibOjY&loc=IB[...]
Изтрити : user_pref("extensions.incredibar_i.upn2", "6R8ohibOjY");
Изтрити : user_pref("extensions.incredibar_i.upn2n", "92824096839131718");
Изтрити : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Изтрити : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1411:56:03");
Изтрити : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Изтрити : user_pref("icqtoolbar.allowSendURL", false);
Изтрити : user_pref("icqtoolbar.engineVerified", true);
Изтрити : user_pref("icqtoolbar.geolastmodified", 1373837037);
Изтрити : user_pref("icqtoolbar.hiddenElements", "itb_options");
Изтрити : user_pref("icqtoolbar.history", "masturbate%20together||Bailey%20Rose||porntube||bula%20day||girls%2[...]
Изтрити : user_pref("icqtoolbar.icqgeo", 359);
Изтрити : user_pref("icqtoolbar.installTime", "1336402036");
Изтрити : user_pref("icqtoolbar.installsource", "1");
Изтрити : user_pref("icqtoolbar.newtab_state", "0");
Изтрити : user_pref("icqtoolbar.numberOfSearches", 0);
Изтрити : user_pref("icqtoolbar.previousFFVersion", "22.0");
Изтрити : user_pref("icqtoolbar.skip_default_search", "no");
Изтрити : user_pref("icqtoolbar.suggestions", false);
Изтрити : user_pref("icqtoolbar.uniqueID", "124478601412447860141258989842661");
Изтрити : user_pref("icqtoolbar.usageStatstTimestamp", 1373837040);
Изтрити : user_pref("icqtoolbar.version", "2.0.1.6");
Изтрити : user_pref("icqtoolbar.voucherHideClicks", 0);
Изтрити : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Изтрити : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Изтрити : user_pref("icqtoolbar.voucherWasShown", 0);
Изтрити : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Изтрити : user_pref("icqtoolbar.xmlLanguage", "bg");

-\\ Google Chrome v28.0.1500.72

Файл : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Изтрити [l.2176] : homepage = "hxxp://www.search.ask.com/?o=APN10653A&gct=hp&d=1-1012&t=4",
Изтрити [l.2490] : urls_to_restore_on_startup = [ "hxxp://www.search.ask.com/?o=APN10653A&gct=hp&d=1-1012&t=4" ]

*************************

AdwCleaner[s1].txt - [14096 octets] - [18/07/2013 19:40:49]

########## EOF - C:\AdwCleaner[s1].txt - [14157 octets] ##########

И ОТ ВТОРОТО:

Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Windows 7 Ultimate x64
Ran by Admin on зҐвў 18.07.2013 Ј. at 19:49:27,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\driver-soft"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on зҐвў 18.07.2013 Ј. at 19:54:58,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rucho · Юли 19, 2013

Благодарности на icotonev!!! Проблема е решен.

Предполагам, че след като нямаше допълнителни инструкции - всичко е наред.

Виждам от логовете и на двете програми (ако буквално се чете), че са изтрити още доста нещица, на които можеби не им е било там мястото .

Изтриха и Driver Genius Professional, но не е болка за умирачка.

Още веднъж благодарности и респект!

icotonev · Юли 20, 2013

Благодаря..Нека проверим за остатъци и приключваме...!

Изтеглете OTL.exe и го запазете на десктопа.

Стартирайте OTL.exe.
Направете следните настройки:
Сложете отметка пред Scan All Users
Под менюто File Age изберете 90 days
Под менюто Standard Registry променете на ALL
Сложете отметки пред LOP и Purity Check

Под http://store.picbg.net/pubpic/0A/C1/c814d031472c0ac1.png с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
services.exe
/md5stop
%systemroot%\*. /rp /s
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
DRIVES
CREATERESTOREPOINT

Натиснете маркираният в синьо бутон: Run Scan.
Като приключи проверката, ще се създадат два файла - OTL.Txt и Extras.Txt. Файлът OTL.Txt копирайте в следващия си пост. Extras.Txt прикачете в следващия си коментар (погледнете опцията Прикачени файлове, когато публикувате мнение).

Изтеглете Malwarebytes' Anti-Malware или от тук (не забравяйте да обновите програмата с нови дефиниции)
* Кликнете два пъти върху mbam-setup.exe, за да инсталирате програмата.
* Уверете се, че са поставени отметки на Update Malwarebytes' Anti-Malware и Launch Malwarebytes' Anti-Malware. След това кликнете на Finish.
* Ако има намерени обновявания, тя ще ги изтегли и инсталира.
* Стартирайте програмата и изберете "Perform Full Scan", след това кликнете на Scan.
* Сканирането ще отнеме малко време, затова моля да бъдете търпеливи.
* Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата
* Уверете се, че на всички редове има отметки, и кликнете на Remove Selected.
* Когато всичко бъде премахнато, в Notepad ще бъде отворен лог.
Копирайте този лог и го публикувайте в следващия си коментар по темата.

Забележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра Ви и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

http://www.techsupportforum.com/images/smilies/i_arrow-r.gif Изтеглете програмата: ESET Online Scanner

Стартирайте esetsmartinstaller_enu.exe http://store.picbg.net/pubpic/EF/3D/7c9e83b53227ef3d.jpg
Сложете отметка на YES, I accept the Terms of Use и изберете Start:

http://store.picbg.net/pubpic/E8/43/04ed1c15c0abe843.jpg

Скенерът ще започне да изтегля компонентите, които са му необходими:

http://store.picbg.net/pubpic/D7/13/3b734079c5ccd713.jpg

Уверете се, че е премахната отметката от:

Remove found threats

Уверете се че са маркирани следните позиции:

Scan Archives

Кликнете върху Advanced Settings и маркирайте следните опции:

Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Накрая изберете Start
Скенерът ще започне да изтегля последните дефиниции.

След, като сканирането завърши изберете Finish.
Отидете в: C:\Program Files\ESET\ESET Online Scanner
Отворете файла log.txt , копирайте съдържанието му и го поставете в следващия си коментар.

rucho · Юли 22, 2013

Eто резултатите след OTL.exe

OTL. txt:

OTL logfile created on: 22.7.2013 г. 18:31:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000402 | Country: България | Language: BGR | Date Format: d.M.yyyy 'г.'

7,84 Gb Total Physical Memory | 5,85 Gb Available Physical Memory | 74,55% Memory free
15,68 Gb Paging File | 13,62 Gb Available in Paging File | 86,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 21,08 Gb Free Space | 14,40% Space Free | Partition Type: NTFS
Drive D: | 552,15 Gb Total Space | 354,72 Gb Free Space | 64,24% Space Free | Partition Type: NTFS

Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2013.07.22 18:24:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2013.06.18 21:07:42 | 000,308,816 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013.05.31 13:30:40 | 000,368,600 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013.05.31 13:30:06 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013.05.16 17:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.05.16 17:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.05.14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.22 08:38:32 | 000,286,704 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2013.03.22 08:38:32 | 000,015,344 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013.03.04 22:01:42 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.12.30 19:42:54 | 002,326,920 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2012.04.27 09:18:13 | 003,522,048 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\ScreenCapture.exe
PRC - [2012.04.24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2012.03.02 10:59:26 | 000,419,408 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012.03.02 10:59:24 | 001,106,512 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012.03.02 10:59:24 | 000,355,920 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012.03.02 10:59:24 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2012.02.26 22:01:56 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2009.11.17 11:44:54 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Common Files\DeviceHelper\DeviceManager.exe
PRC - [2009.09.12 17:31:36 | 000,357,384 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009.09.12 17:30:48 | 005,048,488 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2006.09.07 20:19:27 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe

========== Modules (No Company Name) ==========

MOD - [2013.07.16 11:23:30 | 001,226,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\f6b08bb40554ce6a3401f568e4844ed9\System.WorkflowServices.ni.dll
MOD - [2013.07.16 11:23:06 | 001,086,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\a7c3002ed579d2a3c22765e9ba244035\System.ServiceModel.Web.ni.dll
MOD - [2013.07.10 22:33:50 | 001,141,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\72ea94bbaebab31e6fa0f94a10ccaf19\System.ServiceModel.Discovery.ni.dll
MOD - [2013.07.10 22:33:50 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8cefd8b0cf714c2bd812135a056a10eb\System.ServiceModel.Routing.ni.dll
MOD - [2013.07.10 22:33:49 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\7282024ea57caae3aab93a60c65f2474\System.ServiceModel.Channels.ni.dll
MOD - [2013.07.10 22:32:16 | 001,394,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\82076ae25adff772cb92bc387c3fc675\System.ServiceModel.Activities.ni.dll
MOD - [2013.07.10 22:32:13 | 001,079,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\dfd4cf222f7a17734a1e457397045f99\System.IdentityModel.ni.dll
MOD - [2013.07.10 22:32:11 | 018,147,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\4bd5b0daee5c6e7b107aee31bb27eb21\System.ServiceModel.ni.dll
MOD - [2013.07.10 22:31:35 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\3bae592f601b8a76f73a281244281e5f\System.Runtime.DurableInstancing.ni.dll
MOD - [2013.07.10 22:31:34 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\581738ee2908eb821c44dac62e43d104\System.Runtime.Serialization.ni.dll
MOD - [2013.07.10 22:31:34 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\490e43bf2bd26b9bd23cab6d6b1b3aef\SMDiagnostics.ni.dll
MOD - [2013.07.10 22:31:32 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\6da2afd0e57708d41892d9d3e32ba5a3\System.Xaml.ni.dll
MOD - [2013.07.10 21:29:49 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\b756ddf227abba4dd83b3210c01093bd\System.Windows.Forms.ni.dll
MOD - [2013.07.10 21:29:46 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\64b92e2a22bb8c1e86486bd22828acc5\System.Core.ni.dll
MOD - [2013.07.10 21:29:46 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7546a01feb9d477570b883eec56cc673\System.Configuration.ni.dll
MOD - [2013.07.10 21:29:45 | 005,628,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\c1c41a9e1a25999e74defafecb2aa0bc\System.Xml.ni.dll
MOD - [2013.07.10 21:29:39 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\da851a56e2eb6cc239c4f018a57eb147\System.Drawing.ni.dll
MOD - [2013.07.10 21:29:37 | 009,100,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\89445d5b924ad94744d00f1b6cd2285d\System.ni.dll
MOD - [2013.07.10 21:17:29 | 014,418,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a01e07e47ecdd94ae099e8c4bf650516\mscorlib.ni.dll
MOD - [2013.06.21 15:06:36 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2012.04.27 11:44:40 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_Wheel4D.dll
MOD - [2012.04.27 09:18:13 | 003,522,048 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\ScreenCapture.exe
MOD - [2012.02.07 06:20:13 | 002,413,568 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\Data\G11_ScreenCapture\Forms\ScreenCapture\ScreenCapture.dll
MOD - [2011.06.24 12:31:26 | 000,891,392 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\Data\G11_ScreenCapture\Forms\KeyboardLEDForm\KeyboardLEDForm.dll
MOD - [2011.05.20 11:52:09 | 000,901,632 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\Data\G11_ScreenCapture\Forms\ProfileHint\ProfileHint.dll
MOD - [2011.04.12 10:14:04 | 000,063,488 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_AnalyzeGesturesInRight.dll
MOD - [2011.04.06 11:06:05 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_PenSuit.dll
MOD - [2011.03.21 14:33:17 | 000,999,424 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\Data\G11_ScreenCapture\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
MOD - [2011.01.09 15:45:55 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_MouseDeviceManager.dll
MOD - [2010.12.02 12:56:52 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\Data\G11_ScreenCapture\Forms\OSD_Text\OSD_Text.dll
MOD - [2010.11.01 15:16:00 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_AnalyzeGesturesInOne.dll
MOD - [2010.09.20 09:18:57 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_ZoomControl.dll
MOD - [2010.09.20 09:18:54 | 000,054,272 | ---- | M] () -- C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_ScrollbarControl.dll
MOD - [2006.09.07 20:19:27 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
MOD - [2006.09.07 20:18:56 | 000,004,608 | ---- | M] () -- C:\Program Files (x86)\Unlocker\UnlockerHook.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013.06.20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.06.20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013.05.27 08:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2013.05.11 17:45:54 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013.05.11 17:45:38 | 000,733,696 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2013.03.22 08:38:32 | 000,015,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2012.01.20 17:15:14 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009.07.14 04:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.07.10 04:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.07.03 01:08:46 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.28 14:02:04 | 002,470,736 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013.06.21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.06.11 22:44:04 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.05 17:47:52 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013.05.31 13:30:40 | 000,368,600 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013.05.31 13:30:06 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013.05.16 17:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.05.14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.04 22:01:42 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.12.30 19:42:54 | 002,326,920 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012.04.24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2012.03.02 10:59:24 | 000,355,920 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012.02.28 19:56:14 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.17 11:44:54 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\DeviceHelper\DeviceManager.exe -- (DeviceManager)
SRV - [2009.09.12 17:32:46 | 000,891,432 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009.06.11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.06.21 15:06:36 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013.06.18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.06.04 09:15:00 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.05.31 13:30:06 | 000,099,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013.05.24 10:59:38 | 003,948,544 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2013.05.16 11:34:46 | 000,354,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2013.05.07 17:25:24 | 000,442,368 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013.05.07 17:22:42 | 004,431,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013.04.26 16:45:22 | 000,128,200 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.22 08:38:18 | 000,678,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013.03.22 08:38:18 | 000,028,656 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2013.02.12 07:12:05 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb80236.sys -- (usbrndis6)
DRV:64bit: - [2012.12.30 19:42:56 | 000,250,400 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2012.12.30 19:42:50 | 001,455,648 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm251.sys -- (tdrpman251)
DRV:64bit: - [2012.12.30 19:42:47 | 000,929,312 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012.12.30 19:42:27 | 000,254,496 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012.12.30 01:08:07 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.12.29 20:58:12 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.12.04 05:21:12 | 000,791,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.12.04 05:21:10 | 000,358,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.11.13 19:24:52 | 000,452,472 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2012.08.23 17:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.08.23 17:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 17:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 17:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 09:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.28 20:05:44 | 000,550,560 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012.02.28 20:04:56 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012.02.28 20:04:44 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012.02.28 20:04:08 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012.02.28 20:03:56 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012.02.28 20:03:38 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012.02.28 20:03:26 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012.02.28 20:03:08 | 000,339,616 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012.02.26 22:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.01.20 17:14:34 | 000,016,128 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2011.11.29 20:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.11 09:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 09:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 06:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 06:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 06:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 06:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.11.17 11:44:54 | 000,119,680 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jrdusbser.sys -- (jrdusbser)
DRV:64bit: - [2009.07.14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006.09.07 20:19:22 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1012&systemid=1&apn_uid=2049290438124833&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.bg/
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg-BG
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B7 C0 80 3C EB E5 CD 01 [binary data]
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFD_bgBG516
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\..\SearchScopes\666F2D5AB96F4CA396435C33D8CACE5E: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFD_bgBG516
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.bg/
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg-BG
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B7 C0 80 3C EB E5 CD 01 [binary data]
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFD_bgBG516
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1012&systemid=1&apn_uid=2049290438124833&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\..\SearchScopes\666F2D5AB96F4CA396435C33D8CACE5E: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFD_bgBG516
IE - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.order.2: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Bing "
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071613"
FF - prefs.js..extensions.enabledAddons: bg-BG%40dictionaries.addons.mozilla.org:4.3
FF - prefs.js..extensions.enabledAddons: %7B46868735-c3fa-47ce-8ce7-cce51a66aceb%7D:1.2
FF - prefs.js..extensions.enabledAddons: %7B800b5000-a755-47e1-992b-48a1c1357f07%7D:2.0.1.6
FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10
FF - prefs.js..extensions.enabledAddons: TFToolbarX%40torrent-finder:1.3.1
FF - prefs.js..extensions.enabledAddons: anttoolbar%40ant.com:2.4.7.8
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.5
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.10
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: anttoolbar@ant.com:2.3.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.3.3.123
FF - prefs.js..extensions.enabledItems: bg-BG@dictionaries.addons.mozilla.org:4.3
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.8
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {991A772A-BA13-4c1d-A9EF-F897F31DEC7D}:3.1
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {46868735-c3fa-47ce-8ce7-cce51a66aceb}:1.2
FF - prefs.js..extensions.enabledItems: {9815d32d-08c2-42ca-a8c6-43e501a4512f}:0.3.3
FF - prefs.js..extensions.enabledItems: TFToolbarX@torrent-finder:1.2.6
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.23
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20101113Wb1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=071613&q="
FF - prefs.js..network.proxy.ftp: "192.168.0.90"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "192.168.0.90"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "192.168.0.90"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "*.svishtov.bg,localhost,127.0.0.1,data.bg"
FF - prefs.js..network.proxy.socks: "192.168.0.90"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "192.168.0.90"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..browser.search.order.3: "Bing "
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

[2013.02.02 15:21:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.07.18 19:41:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions
[2013.02.02 22:41:40 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2013.02.02 22:41:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.02.02 22:41:40 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2013.02.02 22:41:40 | 000,000,000 | ---D | M] (oldbar) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}
[2013.02.02 22:41:39 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013.02.02 22:41:36 | 000,000,000 | ---D | M] (Tor-Proxy.NET Toolbar) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\{9815d32d-08c2-42ca-a8c6-43e501a4512f}
[2013.02.02 22:41:36 | 000,000,000 | ---D | M] ("Megaupload Toolbar") -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
[2013.02.02 22:41:36 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2013.02.02 22:41:36 | 000,000,000 | ---D | M] ("Fasterfox") -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2013.02.02 22:41:36 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2013.02.02 22:41:41 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\anttoolbar@ant.com
[2013.02.02 15:22:07 | 000,000,000 | ---D | M] (Bulgarian Dictionary) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\bg-BG@dictionaries.addons.mozilla.org
[2013.02.02 15:22:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\bitntslf.default\extensions\temp
[2013.07.18 19:41:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions
[2013.06.18 23:55:45 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2013.02.03 02:48:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.02.03 02:48:33 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2013.02.03 02:48:33 | 000,000,000 | ---D | M] (oldbar) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}
[2013.04.29 18:30:36 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013.02.03 02:48:35 | 000,000,000 | ---D | M] (Tor-Proxy.NET Toolbar) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\{9815d32d-08c2-42ca-a8c6-43e501a4512f}
[2013.02.03 02:48:36 | 000,000,000 | ---D | M] ("Megaupload Toolbar") -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
[2013.02.03 02:48:36 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2013.02.03 02:48:36 | 000,000,000 | ---D | M] ("Fasterfox") -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2013.02.03 02:48:37 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2013.05.07 01:03:45 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\anttoolbar@ant.com
[2013.02.03 02:48:22 | 000,000,000 | ---D | M] (Bulgarian Dictionary) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\bg-BG@dictionaries.addons.mozilla.org
[2013.02.03 02:48:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\ceh8sk3f.default\extensions\temp
[2012.03.14 17:38:10 | 000,120,275 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\bitntslf.default\extensions\TFToolbarX@torrent-finder.xpi
[2012.11.27 19:18:52 | 000,530,519 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\bitntslf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.11.13 13:53:06 | 000,065,589 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\bitntslf.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2012.11.27 19:18:52 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\bitntslf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.12.23 13:08:08 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\bitntslf.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013.02.09 15:05:42 | 000,119,925 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\extensions\TFToolbarX@torrent-finder.xpi
[2013.07.08 01:13:29 | 000,534,371 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.06.06 02:30:51 | 000,117,280 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.05.18 00:39:03 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.12.23 13:08:08 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013.07.16 08:28:27 | 000,002,402 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\bingp.xml
[2010.01.06 18:30:52 | 000,000,962 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-11.xml
[2007.11.08 16:44:28 | 000,000,951 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-12.xml
[2007.11.27 13:42:30 | 000,000,951 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-13.xml
[2007.12.04 11:33:48 | 000,000,951 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-14.xml
[2008.01.31 12:58:38 | 000,000,951 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-15.xml
[2008.01.31 13:40:20 | 000,000,951 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-16.xml
[2008.03.27 09:24:24 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-17.xml
[2008.03.28 09:51:08 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-18.xml
[2008.03.31 13:19:36 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-19.xml
[2008.05.22 13:23:48 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-20.xml
[2008.05.22 17:25:26 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-21.xml
[2008.05.23 08:51:08 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-22.xml
[2008.05.23 13:22:40 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-23.xml
[2008.05.26 09:11:46 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-24.xml
[2008.05.27 08:50:24 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-25.xml
[2008.05.28 08:50:12 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-26.xml
[2008.07.03 12:53:24 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-27.xml
[2008.07.04 09:37:42 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-28.xml
[2008.07.15 15:39:08 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-29.xml
[2008.09.24 14:45:20 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-30.xml
[2008.09.24 14:46:36 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-31.xml
[2008.09.24 14:47:14 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-32.xml
[2008.09.24 14:50:10 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-33.xml
[2008.09.24 14:57:52 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-34.xml
[2008.09.24 14:59:08 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-35.xml
[2008.09.24 15:06:58 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-36.xml
[2008.11.07 14:15:16 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-37.xml
[2008.11.13 14:37:38 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-38.xml
[2008.12.18 15:03:02 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-39.xml
[2008.12.18 15:35:36 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-40.xml
[2010.01.22 18:21:18 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-41.xml
[2010.03.08 18:11:48 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-42.xml
[2010.03.24 09:53:04 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-43.xml
[2010.06.28 17:25:44 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-44.xml
[2010.07.22 17:39:44 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-45.xml
[2010.08.02 17:11:18 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-46.xml
[2010.09.28 17:34:28 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-47.xml
[2010.10.21 17:20:52 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-48.xml
[2010.11.08 18:27:32 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-49.xml
[2010.12.21 18:53:48 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-50.xml
[2010.12.21 18:56:30 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-51.xml
[2011.05.02 17:23:58 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-52.xml
[2011.05.02 17:30:18 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-53.xml
[2011.12.23 13:08:26 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-54.xml
[2012.02.16 18:15:18 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-55.xml
[2012.03.14 17:43:30 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-56.xml
[2012.05.07 17:26:50 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-57.xml
[2012.08.21 17:20:20 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-58.xml
[2012.08.27 23:21:24 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-59.xml
[2012.08.27 23:35:30 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-60.xml
[2012.11.12 10:57:28 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-61.xml
[2013.02.03 02:52:14 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-62.xml
[2013.03.06 01:00:43 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-63.xml
[2013.05.17 23:34:57 | 000,000,950 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin-64.xml
[2012.03.27 10:46:22 | 000,000,168 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin.gif
[2012.03.27 10:46:22 | 000,000,618 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\icqplugin.src
[2008.05.29 11:01:20 | 000,001,944 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\live-search.xml
[2013.05.13 09:02:53 | 000,001,407 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\tuvaro.xml
[2009.05.21 09:20:06 | 000,001,980 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\ceh8sk3f.default\searchplugins\wolframalpha.xml
[2013.07.03 01:08:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.07.17 14:02:56 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.07.03 01:08:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.07.03 01:08:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.07.17 14:02:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.07.03 01:08:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CEH8SK3F.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}

========== Chrome ==========

CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Skype Click to Call = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\

O1 HOSTS File: ([2009.06.11 00:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {45177936-603b-4261-8d42-df6f7091d5d0} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {45177936-603b-4261-8d42-df6f7091d5d0} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [unlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000..\Run: [OscarEditor] C:\Program Files (x86)\G9G11_ScreenCapture\ScreenCapture.exe ()
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000..\Run: [PlayNC Launcher] File not found
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000..\Run: [skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004..\Run: [iMesh] "C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe" --lightmode File not found
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004..\Run: [OscarEditor] C:\Program Files (x86)\G9G11_ScreenCapture\ScreenCapture.exe ()
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004..\Run: [PlayNC Launcher] File not found
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004..\Run: [skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\utorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.5.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Google Search
O7 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://www.google.com/search?q=%w
O7 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Google Search
O7 - HKU\S-1-5-21-2427084684-1420507568-2139055845-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://www.google.com/search?q=%w
O8:64bit: - Extra context menu item: &Експортиране към Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Експортиране към Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: Изпрати към OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Изпрати към OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.217.192.1 85.217.192.60 85.217.192.61
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A41FAE5C-D645-479C-972E-19C875E95B4E}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1C39847-F8D2-460C-9EDD-2B29DC9445EE}: DhcpNameServer = 85.217.192.1 85.217.192.60 85.217.192.61
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.05.16 20:57:19 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2bda8de4-51da-11e2-a5af-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ea94aec9-51d6-11e2-badb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2013.07.22 18:24:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2013.07.18 20:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2013.07.18 19:49:24 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.07.17 20:59:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013.07.17 20:59:25 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013.07.17 20:58:46 | 002,103,040 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2013.07.17 20:58:43 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013.07.17 20:58:43 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013.07.17 20:58:42 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013.07.17 20:58:42 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013.07.17 20:58:36 | 000,947,760 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2013.07.17 20:58:36 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2013.07.17 20:58:35 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2013.07.17 20:58:35 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2013.07.17 20:58:35 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2013.07.17 20:58:34 | 002,795,224 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013.07.17 20:58:34 | 001,662,024 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013.07.17 20:58:32 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013.07.17 20:58:28 | 000,378,000 | ---- | C] (Realtek Semiconductor) -- C:\Windows\SysNative\RtkGuiCompLib.dll
[2013.07.17 20:58:27 | 003,760,856 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013.07.17 20:58:27 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013.07.17 20:58:27 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2013.07.17 20:58:26 | 001,004,248 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013.07.17 20:58:26 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013.07.17 20:58:26 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013.07.17 20:58:25 | 000,613,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2013.07.17 20:58:25 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013.07.17 20:58:25 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013.07.17 20:58:23 | 001,284,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013.07.17 20:58:23 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013.07.17 20:58:22 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013.07.17 20:58:16 | 028,280,832 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2013.07.17 20:58:16 | 000,147,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2013.07.17 20:58:13 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2013.07.17 20:58:11 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2013.07.17 20:58:11 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2013.07.17 20:58:11 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2013.07.17 20:58:10 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2013.07.17 20:58:07 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2013.07.17 20:57:59 | 014,035,712 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2013.07.17 20:57:53 | 001,903,872 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2013.07.17 20:57:50 | 002,032,896 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2013.07.17 20:57:47 | 000,920,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013.07.17 20:57:44 | 000,395,208 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013.07.17 20:57:43 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013.07.17 20:57:09 | 002,736,160 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013.07.17 20:57:06 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013.07.17 20:57:00 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013.07.17 20:57:00 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2013.07.17 20:56:58 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013.07.17 20:56:56 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013.07.17 20:56:55 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013.07.17 20:56:54 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013.07.17 20:56:54 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2013.07.17 20:56:53 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013.07.17 20:56:52 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013.07.17 20:56:51 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013.07.17 20:56:49 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013.07.17 20:56:41 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2013.07.17 20:56:29 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2013.07.17 20:56:27 | 000,208,072 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013.07.16 13:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2013.07.16 10:20:21 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\MusicNet
[2013.07.16 10:19:36 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\My Received Files
[2013.07.15 00:03:11 | 000,099,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys
[2013.07.14 23:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.07.11 10:20:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Rogue Legacy
[2013.07.11 10:19:37 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\SavedGames
[2013.07.11 10:18:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2013.07.11 10:18:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLC Quest
[2013.07.11 10:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
[2013.07.11 10:16:40 | 000,000,000 | ---D | C] -- C:\Rogue Legacy
[2013.07.10 21:22:22 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.07.10 21:22:21 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.07.10 21:22:20 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.07.10 21:22:20 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.07.10 21:22:20 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.07.10 21:22:20 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.07.10 21:22:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.07.10 21:22:20 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.07.10 21:22:20 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.07.10 21:22:20 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.07.10 21:22:20 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.07.10 21:22:18 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.07.10 21:22:18 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.07.10 21:22:18 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.07.10 21:22:17 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.07.10 09:11:19 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013.07.10 09:11:19 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013.07.10 09:11:18 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.07.10 09:11:15 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.07.10 09:10:51 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.07.10 08:28:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\NVIDIA
[2013.07.08 00:46:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2013.07.08 00:46:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2013.07.08 00:43:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.07.08 00:42:55 | 006,496,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.07.08 00:42:55 | 003,514,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.07.08 00:42:55 | 002,555,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.07.08 00:42:55 | 001,025,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2013.07.08 00:42:55 | 000,237,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.07.08 00:42:55 | 000,067,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2013.07.08 00:42:55 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.07.08 00:37:27 | 027,781,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.07.08 00:37:27 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.07.08 00:37:27 | 021,102,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.07.08 00:37:27 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.07.08 00:37:27 | 015,920,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.07.08 00:37:27 | 015,144,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.07.08 00:37:27 | 013,411,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.07.08 00:37:27 | 012,427,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.07.08 00:37:27 | 009,239,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.07.08 00:37:27 | 007,687,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.07.08 00:37:27 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.07.08 00:37:27 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.07.08 00:37:27 | 002,953,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.07.08 00:37:27 | 002,936,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.07.08 00:37:27 | 002,777,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.07.08 00:37:27 | 002,597,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.07.08 00:37:27 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.07.08 00:37:27 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.07.08 00:37:27 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432049.dll
[2013.07.08 00:37:27 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432049.dll
[2013.07.08 00:37:27 | 001,059,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.07.08 00:37:27 | 000,925,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.07.08 00:37:27 | 000,572,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013.07.08 00:37:27 | 000,570,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013.07.08 00:37:27 | 000,467,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013.07.08 00:37:27 | 000,465,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013.07.08 00:37:27 | 000,266,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.07.08 00:37:27 | 000,218,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013.07.08 00:37:27 | 000,214,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.07.08 00:37:27 | 000,181,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013.07.08 00:37:27 | 000,030,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2013.07.08 00:33:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2013.07.08 00:33:17 | 009,889,352 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsPStorIcon.dll
[2013.07.08 00:33:17 | 000,354,376 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsPStor.sys
[2013.07.08 00:16:43 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\NVIDIA
[2013.07.08 00:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.07.08 00:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.07.07 13:39:45 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Acronis
[2013.07.03 01:08:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.07.02 22:21:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.07.02 21:51:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\SelfMV
[2013.07.02 21:35:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2013.07.02 21:33:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013.07.02 21:33:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Samsung
[2013.07.02 21:33:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Samsung
[2013.07.02 21:33:31 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\samsung
[2013.07.02 21:26:34 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2013.07.02 21:20:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.02 21:16:27 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Downloaded Installations
[2013.07.02 19:40:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013.07.02 19:40:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013.06.27 19:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops 2
[2013.06.26 23:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2013.06.26 22:17:27 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
[2013.06.26 21:54:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\wargaming.net
[2013.06.26 19:50:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warplanes
[2013.06.26 19:50:12 | 000,000,000 | ---D | C] -- C:\Games
[2013.06.24 19:59:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\GTA San Andreas User Files
[2013.06.23 23:37:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.06.23 23:37:24 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.06.23 22:56:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.06.23 22:28:12 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.06.23 22:28:10 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.06.23 22:28:10 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.06.23 22:28:10 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.06.21 08:58:37 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\My Games
[2013.06.20 22:57:39 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2013.06.20 22:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.06.20 22:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
[2013.06.20 20:53:11 | 000,000,000 | ---D | C] -- C:\ProgramData\OviInstallerCache
[2013.06.20 20:53:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2013.06.19 15:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2013.06.19 15:39:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2013.06.19 15:25:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\FLT
[2013.06.19 15:25:58 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Klei
[2013.06.19 14:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Don't Starve
[2013.06.19 14:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Don't Starve
[2013.06.18 04:57:26 | 000,128,200 | ---- | C] (Qualcomm Atheros Co., Ltd.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2013.06.16 17:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.3
[2013.06.16 17:45:50 | 000,000,000 | ---D | C] -- C:\ProgramData\MTA San Andreas All
[2013.06.16 17:45:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MTA San Andreas 1.3
[2013.06.13 12:45:56 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.06.13 12:45:56 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.06.13 12:45:37 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.06.13 12:45:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.06.13 12:45:27 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.06.13 12:45:21 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013.06.13 12:45:21 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013.06.13 12:45:20 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.06.13 12:45:19 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.06.13 12:45:18 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013.06.13 12:45:18 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013.06.13 12:42:15 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.06.13 12:42:15 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.06.13 12:32:30 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013.06.09 16:56:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GreenTree Applications
[2013.06.07 14:03:01 | 003,948,544 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2013.06.05 17:47:52 | 000,279,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2013.06.05 17:47:50 | 000,529,904 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2013.06.05 17:47:50 | 000,444,400 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2013.06.05 17:47:50 | 000,251,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2013.06.05 17:47:50 | 000,165,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2013.06.05 17:47:48 | 007,569,392 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUIEx.exe
[2013.06.05 17:47:48 | 000,752,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUIHotKeyMenu.exe
[2013.06.05 17:47:48 | 000,534,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\DPTopologyApp.exe
[2013.06.05 17:47:48 | 000,407,536 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2013.06.05 17:47:46 | 000,397,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\CustomModeApp.exe
[2013.06.05 17:47:46 | 000,153,072 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2013.06.04 09:15:04 | 000,708,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller.dll
[2013.06.04 09:15:02 | 000,103,448 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013.06.04 09:15:00 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll
[2013.06.04 09:15:00 | 000,203,672 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013.05.24 15:27:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.05.22 17:54:01 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\BANDISOFT
[2013.05.22 17:53:55 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Bandicam
[2013.05.22 17:52:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
[2013.05.22 17:52:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bandicam
[2013.05.22 17:52:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BandiMPEG1
[2013.05.22 13:55:02 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2013.05.16 22:36:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013.05.16 22:36:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.05.16 22:36:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013.05.16 21:30:16 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.05.16 21:30:16 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.05.16 21:30:16 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.05.16 21:30:15 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.05.16 21:30:15 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.05.16 21:30:15 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.05.16 21:30:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.05.16 21:30:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.05.16 21:30:15 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.05.16 21:30:15 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.16 21:30:15 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.05.16 21:30:15 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.05.16 21:30:15 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.05.16 21:30:15 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.05.16 21:30:15 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.16 21:30:15 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.05.16 21:30:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.05.16 21:30:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.05.16 21:30:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.05.16 21:30:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.05.16 21:30:14 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.16 21:30:14 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.05.16 21:30:14 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.05.16 21:30:14 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.05.16 21:30:14 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.05.16 21:30:14 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.05.16 21:30:14 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.05.16 21:30:14 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.05.16 21:30:14 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.16 21:30:14 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.16 21:30:14 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.05.16 21:30:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.05.16 21:30:14 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.05.16 21:30:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.05.16 21:30:14 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.05.16 21:30:13 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.16 21:30:13 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.16 21:30:13 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.16 21:30:13 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.05.16 21:30:13 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.05.16 21:30:13 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.05.16 21:30:13 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.05.16 21:30:13 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.05.16 21:30:13 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.05.16 21:30:13 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.16 21:30:13 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.05.16 21:30:13 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.05.16 21:30:13 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.05.16 21:30:13 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.05.16 21:30:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.05.16 21:30:13 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.05.16 21:30:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.05.16 21:30:13 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.05.16 21:28:15 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.05.16 21:28:15 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.05.16 21:28:15 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.05.16 21:28:15 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.05.16 21:28:15 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.05.16 21:28:15 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.05.16 21:28:15 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.05.16 21:28:15 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.05.16 21:28:15 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.05.16 21:28:15 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.05.16 21:28:15 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.05.16 21:28:15 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.05.16 21:28:15 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.05.16 21:28:15 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.05.16 21:28:15 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.05.16 21:28:15 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.05.16 21:28:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.05.16 21:28:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.05.16 21:28:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.05.16 21:28:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.05.16 21:28:15 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.05.16 21:28:14 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.05.16 21:28:14 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.05.16 21:28:14 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.05.16 21:28:14 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.05.16 21:28:14 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.05.16 21:28:14 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.05.16 21:28:14 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.05.16 21:28:14 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.05.16 20:56:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.05.16 19:56:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013.05.16 19:52:20 | 001,795,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01011.dll
[2013.05.15 14:23:09 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 14:23:09 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.15 14:22:54 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.15 14:22:54 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.15 14:22:53 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.15 14:22:53 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.15 14:22:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.05.13 08:42:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.05.07 17:25:24 | 000,442,368 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2013.05.07 17:25:22 | 000,089,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v3165.dll
[2013.05.07 17:22:48 | 007,021,568 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig7icd64.dll
[2013.05.07 17:22:42 | 004,431,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2013.05.07 17:22:18 | 001,690,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
[2013.05.07 17:22:06 | 000,322,560 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
[2013.05.07 17:22:00 | 000,258,560 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2013.05.07 17:21:44 | 001,564,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
[2013.05.07 17:21:30 | 000,279,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
[2013.05.07 17:21:26 | 000,203,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2013.05.07 17:20:34 | 005,452,288 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig7icd32.dll
[2013.05.07 17:20:28 | 007,836,160 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdim32.dll
[2013.05.07 17:20:26 | 009,517,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10iumd32.dll
[2013.05.07 17:17:44 | 000,353,792 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2013.05.07 17:17:42 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2013.05.07 17:17:16 | 008,900,096 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2013.05.07 17:17:16 | 004,058,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\MetroIntelGenericUIFramework.dll
[2013.05.07 17:17:16 | 000,444,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2013.05.07 17:17:16 | 000,444,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2013.05.07 17:17:16 | 000,443,904 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2013.05.07 17:17:16 | 000,443,904 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2013.05.07 17:17:16 | 000,443,904 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2013.05.07 17:17:16 | 000,443,392 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2013.05.07 17:17:16 | 000,443,392 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2013.05.07 17:17:16 | 000,443,392 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2013.05.07 17:17:16 | 000,442,880 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2013.05.07 17:17:16 | 000,442,880 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2013.05.07 17:17:16 | 000,442,880 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2013.05.07 17:17:16 | 000,442,880 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2013.05.07 17:17:16 | 000,442,880 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2013.05.07 17:17:16 | 000,442,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2013.05.07 17:17:16 | 000,442,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2013.05.07 17:17:16 | 000,442,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2013.05.07 17:17:16 | 000,441,856 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2013.05.07 17:17:16 | 000,441,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2013.05.07 17:17:16 | 000,441,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2013.05.07 17:17:16 | 000,441,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2013.05.07 17:17:16 | 000,440,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2013.05.07 17:17:16 | 000,440,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2013.05.07 17:17:16 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2013.05.07 17:17:16 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2013.05.07 17:17:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2013.05.07 17:17:16 | 000,434,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2013.05.07 17:17:16 | 000,433,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2013.05.07 17:17:16 | 000,431,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2013.05.07 17:17:16 | 000,430,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2013.05.07 17:17:16 | 000,357,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2013.05.07 17:17:16 | 000,345,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2013.05.07 17:17:16 | 000,288,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2013.05.07 17:17:16 | 000,190,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2013.05.07 17:17:16 | 000,140,288 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2013.05.07 17:17:16 | 000,124,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2013.05.07 17:12:30 | 003,411,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdusc32.dll
[2013.04.30 10:43:42 | 002,064,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2013.04.30 10:43:42 | 001,814,016 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2013.04.30 10:43:42 | 000,145,920 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2013.04.30 10:43:42 | 000,138,240 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfx11cmrt64.dll
[2013.04.30 10:43:42 | 000,124,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2013.04.30 10:43:42 | 000,118,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfx11cmrt32.dll
[2013.04.28 20:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirRivals
[2013.04.28 20:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gameforge4D
[2013.04.27 15:16:13 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\WTF
[2013.04.27 00:27:49 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2013.07.22 18:24:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2013.07.22 18:20:47 | 000,026,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.22 18:20:47 | 000,026,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.22 18:13:02 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.22 18:12:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.22 18:12:39 | 2020,360,191 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.22 14:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.22 14:09:04 | 000,000,996 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.21 13:25:48 | 000,781,122 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.21 13:25:48 | 000,653,414 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.21 13:25:48 | 000,121,844 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.18 19:41:30 | 000,000,098 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.07.17 00:01:05 | 000,001,304 | ---- | M] () -- C:\Users\Admin\Desktop\Notepad.lnk
[2013.07.16 23:34:56 | 000,374,955 | ---- | M] () -- C:\Users\Admin\Desktop\OptiFine_1.6.2_HD_U_B2.zip
[2013.07.15 00:01:56 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.07.14 23:56:50 | 000,767,034 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.07.14 23:41:39 | 000,007,617 | ---- | M] () -- C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
[2013.07.10 22:40:51 | 000,413,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.08 00:44:21 | 000,001,351 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013.07.08 00:31:19 | 000,015,838 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2013.07.04 17:32:28 | 001,756,264 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013.07.04 17:32:28 | 000,947,760 | ---- | M] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2013.07.04 17:32:28 | 000,615,249 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013.07.04 17:32:28 | 000,394,616 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2013.07.04 17:32:28 | 000,375,128 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013.07.04 17:32:28 | 000,318,808 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013.07.04 17:32:28 | 000,211,184 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013.07.04 17:32:28 | 000,204,120 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013.07.04 17:32:28 | 000,110,592 | ---- | M] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2013.07.04 17:32:28 | 000,108,640 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2013.07.04 17:32:28 | 000,081,248 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2013.07.04 17:32:28 | 000,014,952 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2013.07.04 17:32:26 | 003,760,856 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013.07.04 17:32:26 | 002,103,040 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2013.07.04 17:32:26 | 000,432,744 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013.07.04 17:32:26 | 000,208,072 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013.07.04 17:32:26 | 000,101,208 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013.07.04 17:32:24 | 001,486,952 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013.07.04 17:32:22 | 014,035,712 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2013.07.04 17:32:22 | 001,004,248 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013.07.04 17:32:22 | 000,920,320 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013.07.04 17:32:22 | 000,712,296 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2013.07.04 17:32:22 | 000,141,584 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2013.07.04 17:32:20 | 028,280,832 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2013.07.04 17:32:20 | 001,568,360 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013.07.04 17:32:20 | 001,284,680 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013.07.04 17:32:20 | 000,395,208 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013.07.04 17:32:20 | 000,078,680 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013.07.04 17:32:18 | 002,736,160 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013.07.04 17:32:18 | 001,903,872 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2013.07.04 17:32:18 | 000,693,352 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013.07.04 17:32:18 | 000,518,896 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013.07.04 17:32:18 | 000,428,648 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013.07.04 17:32:18 | 000,310,104 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013.07.04 17:32:18 | 000,310,104 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013.07.04 17:32:18 | 000,242,792 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013.07.04 17:32:18 | 000,221,024 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2013.07.04 17:32:18 | 000,078,688 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2013.07.04 17:32:16 | 002,032,896 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2013.07.04 17:32:16 | 001,662,024 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013.07.04 17:32:16 | 000,331,880 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013.07.04 17:32:16 | 000,124,176 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2013.07.04 17:32:14 | 000,728,680 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013.07.04 17:32:14 | 000,613,448 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2013.07.04 17:32:14 | 000,242,792 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013.07.04 17:32:14 | 000,241,768 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2013.07.04 17:32:12 | 007,164,176 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2013.07.04 17:32:12 | 000,434,960 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2013.07.04 17:32:12 | 000,378,000 | ---- | M] (Realtek Semiconductor) -- C:\Windows\SysNative\RtkGuiCompLib.dll
[2013.07.04 17:32:12 | 000,149,608 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013.07.04 17:32:12 | 000,147,160 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2013.07.04 17:32:12 | 000,075,024 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2013.07.04 17:32:12 | 000,074,064 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2013.07.04 17:32:10 | 002,795,224 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013.07.04 17:32:10 | 000,198,896 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013.07.04 17:32:10 | 000,155,888 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013.07.04 17:32:08 | 000,491,112 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013.07.03 19:31:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2013.07.02 19:40:45 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2013.06.27 19:49:25 | 000,000,702 | ---- | M] () -- C:\Users\Admin\Desktop\Call of Duty Black Ops 2.lnk
[2013.06.23 22:28:07 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.06.23 22:28:04 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.06.23 22:28:04 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.06.23 22:28:04 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.06.23 22:28:03 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.06.23 22:28:03 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.06.21 15:06:36 | 027,781,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.06.21 15:06:36 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.06.21 15:06:36 | 021,102,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.06.21 15:06:36 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.06.21 15:06:36 | 015,920,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.06.21 15:06:36 | 015,144,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.06.21 15:06:36 | 013,411,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.06.21 15:06:36 | 012,427,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.06.21 15:06:36 | 009,239,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.06.21 15:06:36 | 007,687,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.06.21 15:06:36 | 007,641,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.06.21 15:06:36 | 006,324,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.06.21 15:06:36 | 002,953,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.06.21 15:06:36 | 002,936,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.06.21 15:06:36 | 002,777,888 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.06.21 15:06:36 | 002,597,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.06.21 15:06:36 | 002,363,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.06.21 15:06:36 | 002,002,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.06.21 15:06:36 | 001,832,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432049.dll
[2013.06.21 15:06:36 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432049.dll
[2013.06.21 15:06:36 | 001,059,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.06.21 15:06:36 | 000,925,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.06.21 15:06:36 | 000,572,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013.06.21 15:06:36 | 000,570,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013.06.21 15:06:36 | 000,467,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013.06.21 15:06:36 | 000,465,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013.06.21 15:06:36 | 000,266,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.06.21 15:06:36 | 000,218,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013.06.21 15:06:36 | 000,214,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.06.21 15:06:36 | 000,181,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013.06.21 15:06:36 | 000,030,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2013.06.21 15:06:36 | 000,021,578 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.06.21 13:23:16 | 006,496,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.06.21 13:23:16 | 003,514,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.06.21 13:23:10 | 002,555,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.06.21 13:23:10 | 001,025,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2013.06.21 13:23:10 | 000,237,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.06.21 13:23:10 | 000,067,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2013.06.21 13:23:10 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.06.20 07:17:49 | 003,253,909 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.06.18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys
[2013.06.12 02:43:00 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.06.12 02:42:58 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.06.12 02:42:58 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.06.12 02:42:58 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.06.12 02:42:58 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.06.12 02:26:36 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.06.12 02:25:29 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.06.12 02:25:16 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.06.12 02:25:16 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.06.12 02:25:13 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.12 02:25:13 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.06.12 02:25:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.06.12 02:25:13 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.06.12 01:51:45 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.06.12 01:50:58 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.06.11 22:44:04 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.11 22:44:04 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.10 15:44:08 | 002,080,472 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013.06.09 18:27:46 | 000,001,293 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2013.06.05 17:47:52 | 000,279,024 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2013.06.05 17:47:50 | 000,529,904 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2013.06.05 17:47:50 | 000,444,400 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2013.06.05 17:47:50 | 000,251,888 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2013.06.05 17:47:50 | 000,165,872 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2013.06.05 17:47:48 | 007,569,392 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\GfxUIEx.exe
[2013.06.05 17:47:48 | 000,752,624 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\GfxUIHotKeyMenu.exe
[2013.06.05 17:47:48 | 000,534,000 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\DPTopologyApp.exe
[2013.06.05 17:47:48 | 000,407,536 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2013.06.05 17:47:46 | 000,397,296 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\CustomModeApp.exe
[2013.06.05 17:47:46 | 000,153,072 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2013.06.04 09:15:04 | 000,708,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller.dll
[2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013.06.04 09:15:00 | 001,490,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll
[2013.06.04 09:15:00 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013.06.04 09:00:13 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013.06.04 07:53:07 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013.05.31 13:30:06 | 000,099,800 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys
[2013.05.31 13:30:06 | 000,016,344 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2013.05.24 10:59:38 | 003,948,544 | ---- | M] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2013.05.22 17:52:50 | 000,000,992 | ---- | M] () -- C:\Users\Admin\Desktop\Bandicam.lnk
[2013.05.16 22:36:21 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.05.16 21:42:48 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.05.16 21:30:16 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.05.16 21:30:16 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.05.16 21:30:16 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.05.16 21:30:15 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.05.16 21:30:15 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.05.16 21:30:15 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.05.16 21:30:15 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.05.16 21:30:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.05.16 21:30:15 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.05.16 21:30:15 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.05.16 21:30:15 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.16 21:30:15 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.05.16 21:30:15 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.05.16 21:30:15 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.05.16 21:30:15 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.05.16 21:30:15 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.16 21:30:15 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.05.16 21:30:15 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.05.16 21:30:15 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.05.16 21:30:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.05.16 21:30:15 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.05.16 21:30:14 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.16 21:30:14 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.05.16 21:30:14 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.05.16 21:30:14 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.05.16 21:30:14 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.05.16 21:30:14 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.05.16 21:30:14 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.05.16 21:30:14 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.16 21:30:14 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.16 21:30:14 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.05.16 21:30:14 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.05.16 21:30:14 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.05.16 21:30:14 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.05.16 21:30:14 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.16 21:30:14 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.16 21:30:14 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.05.16 21:30:13 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.16 21:30:13 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.16 21:30:13 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.16 21:30:13 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.05.16 21:30:13 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.05.16 21:30:13 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.05.16 21:30:13 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.05.16 21:30:13 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.05.16 21:30:13 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.05.16 21:30:13 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.16 21:30:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.05.16 21:30:13 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.05.16 21:30:13 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.05.16 21:30:13 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.05.16 21:30:13 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.05.16 21:30:13 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.05.16 21:30:13 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.05.16 21:30:13 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.05.16 21:28:15 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.05.16 21:28:15 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.05.16 21:28:15 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.05.16 21:28:15 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.05.16 21:28:15 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.05.16 21:28:15 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.05.16 21:28:15 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.05.16 21:28:15 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.05.16 21:28:15 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.05.16 21:28:15 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.05.16 21:28:15 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.05.16 21:28:15 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.05.16 21:28:15 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.05.16 21:28:15 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.05.16 21:28:15 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.05.16 21:28:15 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.05.16 21:28:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.05.16 21:28:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.05.16 21:28:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.05.16 21:28:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.05.16 21:28:15 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.05.16 21:28:15 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.05.16 21:28:14 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.05.16 21:28:14 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.05.16 21:28:14 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.05.16 21:28:14 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.05.16 21:28:14 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.05.16 21:28:14 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.05.16 21:28:14 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.05.16 21:28:14 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.05.16 20:57:19 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013.05.16 19:52:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
[2013.05.16 11:34:46 | 000,354,376 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsPStor.sys
[2013.05.13 08:51:00 | 001,464,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.05.13 08:51:00 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.05.13 08:50:40 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013.05.13 06:43:55 | 001,192,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013.05.13 06:08:10 | 000,903,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013.05.13 06:08:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013.05.10 08:49:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.05.10 06:20:54 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.05.09 22:41:21 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.07 17:25:24 | 000,442,368 | ---- | M] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2013.05.07 17:25:22 | 000,089,600 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v3165.dll
[2013.05.07 17:24:00 | 000,017,610 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp
[2013.05.07 17:22:48 | 007,021,568 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\ig7icd64.dll
[2013.05.07 17:22:46 | 008,632,320 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdumdim64.dll
[2013.05.07 17:22:42 | 009,967,616 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igd10iumd64.dll
[2013.05.07 17:22:42 | 004,431,840 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2013.05.07 17:22:42 | 000,286,720 | ---- | M] () -- C:\Windows\SysNative\igdde64.dll
[2013.05.07 17:22:40 | 000,117,760 | ---- | M] () -- C:\Windows\SysNative\igdail64.dll
[2013.05.07 17:22:18 | 001,690,112 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
[2013.05.07 17:22:06 | 000,322,560 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
[2013.05.07 17:22:00 | 000,258,560 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2013.05.07 17:21:44 | 001,564,672 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
[2013.05.07 17:21:30 | 000,279,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
[2013.05.07 17:21:26 | 000,203,264 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2013.05.07 17:21:06 | 024,283,136 | ---- | M] () -- C:\Windows\SysNative\igdfcl64.dll
[2013.05.07 17:20:34 | 005,452,288 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\ig7icd32.dll
[2013.05.07 17:20:28 | 007,836,160 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumdim32.dll
[2013.05.07 17:20:26 | 009,517,056 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igd10iumd32.dll
[2013.05.07 17:20:26 | 000,240,640 | ---- | M] () -- C:\Windows\SysWow64\igdde32.dll
[2013.05.07 17:20:24 | 000,103,936 | ---- | M] () -- C:\Windows\SysWow64\igdail32.dll
[2013.05.07 17:17:44 | 000,353,792 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2013.05.07 17:17:42 | 000,025,088 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2013.05.07 17:17:16 | 008,900,096 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2013.05.07 17:17:16 | 004,058,624 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\MetroIntelGenericUIFramework.dll
[2013.05.07 17:17:16 | 000,444,416 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2013.05.07 17:17:16 | 000,444,416 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2013.05.07 17:17:16 | 000,443,904 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2013.05.07 17:17:16 | 000,443,904 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2013.05.07 17:17:16 | 000,443,904 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2013.05.07 17:17:16 | 000,443,392 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2013.05.07 17:17:16 | 000,443,392 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2013.05.07 17:17:16 | 000,443,392 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2013.05.07 17:17:16 | 000,442,880 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2013.05.07 17:17:16 | 000,442,880 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2013.05.07 17:17:16 | 000,442,880 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2013.05.07 17:17:16 | 000,442,880 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2013.05.07 17:17:16 | 000,442,880 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2013.05.07 17:17:16 | 000,442,368 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2013.05.07 17:17:16 | 000,442,368 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2013.05.07 17:17:16 | 000,442,368 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2013.05.07 17:17:16 | 000,441,856 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2013.05.07 17:17:16 | 000,441,344 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2013.05.07 17:17:16 | 000,441,344 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2013.05.07 17:17:16 | 000,441,344 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2013.05.07 17:17:16 | 000,440,832 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2013.05.07 17:17:16 | 000,440,832 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2013.05.07 17:17:16 | 000,440,320 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2013.05.07 17:17:16 | 000,439,296 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2013.05.07 17:17:16 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2013.05.07 17:17:16 | 000,434,688 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2013.05.07 17:17:16 | 000,433,152 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2013.05.07 17:17:16 | 000,431,104 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2013.05.07 17:17:16 | 000,430,592 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2013.05.07 17:17:16 | 000,357,888 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2013.05.07 17:17:16 | 000,345,600 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2013.05.07 17:17:16 | 000,288,768 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2013.05.07 17:17:16 | 000,257,719 | ---- | M] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2013.05.07 17:17:16 | 000,190,976 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2013.05.07 17:17:16 | 000,169,117 | ---- | M] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2013.05.07 17:17:16 | 000,166,495 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2013.05.07 17:17:16 | 000,166,190 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2013.05.07 17:17:16 | 000,161,423 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2013.05.07 17:17:16 | 000,148,451 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2013.05.07 17:17:16 | 000,146,731 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2013.05.07 17:17:16 | 000,140,288 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2013.05.07 17:17:16 | 000,124,928 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2013.05.07 17:17:16 | 000,108,032 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2013.05.07 17:17:16 | 000,066,048 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2013.05.07 17:17:16 | 000,012,288 | ---- | M] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2013.05.07 17:17:14 | 002,384,896 | ---- | M] () -- C:\Windows\SysNative\GfxRes.dll
[2013.05.07 17:17:14 | 000,243,838 | ---- | M] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2013.05.07 17:17:14 | 000,226,564 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2013.05.07 17:17:14 | 000,193,244 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2013.05.07 17:17:14 | 000,190,556 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2013.05.07 17:17:14 | 000,185,171 | ---- | M] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2013.05.07 17:17:14 | 000,173,987 | ---- | M] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2013.05.07 17:17:14 | 000,173,676 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2013.05.07 17:17:14 | 000,171,646 | ---- | M] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2013.05.07 17:17:14 | 000,171,296 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2013.05.07 17:17:14 | 000,171,245 | ---- | M] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2013.05.07 17:17:14 | 000,169,771 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2013.05.07 17:17:14 | 000,168,931 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2013.05.07 17:17:14 | 000,168,556 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2013.05.07 17:17:14 | 000,168,182 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2013.05.07 17:17:14 | 000,167,577 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2013.05.07 17:17:14 | 000,166,682 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2013.05.07 17:17:14 | 000,166,200 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2013.05.07 17:17:14 | 000,165,749 | ---- | M] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2013.05.07 17:17:14 | 000,164,782 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2013.05.07 17:17:14 | 000,160,394 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2013.05.07 17:17:14 | 000,159,763 | ---- | M] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2013.05.07 17:17:14 | 000,155,178 | ---- | M] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2013.05.07 17:17:14 | 000,029,184 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2013.05.07 17:16:22 | 019,587,072 | ---- | M] () -- C:\Windows\SysWow64\igdfcl32.dll
[2013.05.07 17:12:30 | 003,411,456 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdusc32.dll
[2013.05.07 17:12:18 | 004,369,920 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdusc64.dll
[2013.05.06 09:03:49 | 001,887,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.05.06 07:56:35 | 001,620,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.04.30 10:43:42 | 002,064,896 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2013.04.30 10:43:42 | 001,814,016 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2013.04.30 10:43:42 | 000,145,920 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2013.04.30 10:43:42 | 000,138,240 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfx11cmrt64.dll
[2013.04.30 10:43:42 | 000,124,416 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2013.04.30 10:43:42 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfx11cmrt32.dll
[2013.04.26 16:45:22 | 000,128,200 | ---- | M] (Qualcomm Atheros Co., Ltd.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2013.04.26 08:51:36 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.04.26 07:55:21 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.04.26 02:30:32 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.04.25 18:12:12 | 009,889,352 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsPStorIcon.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.07.18 19:41:08 | 000,000,098 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.07.17 20:58:23 | 000,615,249 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013.07.17 00:01:05 | 000,001,304 | ---- | C] () -- C:\Users\Admin\Desktop\Notepad.lnk
[2013.07.16 23:34:26 | 000,374,955 | ---- | C] () -- C:\Users\Admin\Desktop\OptiFine_1.6.2_HD_U_B2.zip
[2013.07.08 00:42:55 | 003,253,909 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.07.08 00:37:27 | 000,021,578 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013.07.08 00:09:36 | 000,001,351 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013.07.03 19:31:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2013.07.02 19:40:45 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2013.06.27 19:49:25 | 000,000,702 | ---- | C] () -- C:\Users\Admin\Desktop\Call of Duty Black Ops 2.lnk
[2013.06.09 16:56:44 | 000,001,293 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2013.05.22 17:52:50 | 000,000,992 | ---- | C] () -- C:\Users\Admin\Desktop\Bandicam.lnk
[2013.05.16 22:36:20 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.05.16 21:30:14 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.16 21:30:14 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.16 20:57:19 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013.05.16 19:52:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
[2013.05.07 17:24:00 | 000,017,610 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2013.05.07 17:22:42 | 000,286,720 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2013.05.07 17:22:40 | 000,117,760 | ---- | C] () -- C:\Windows\SysNative\igdail64.dll
[2013.05.07 17:21:06 | 024,283,136 | ---- | C] () -- C:\Windows\SysNative\igdfcl64.dll
[2013.05.07 17:20:26 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013.05.07 17:20:24 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013.05.07 17:17:16 | 000,257,719 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2013.05.07 17:17:16 | 000,169,117 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2013.05.07 17:17:16 | 000,166,495 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2013.05.07 17:17:16 | 000,166,190 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2013.05.07 17:17:16 | 000,161,423 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2013.05.07 17:17:16 | 000,148,451 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2013.05.07 17:17:16 | 000,146,731 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2013.05.07 17:17:16 | 000,012,288 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2013.05.07 17:17:14 | 002,384,896 | ---- | C] () -- C:\Windows\SysNative\GfxRes.dll
[2013.05.07 17:17:14 | 000,243,838 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2013.05.07 17:17:14 | 000,226,564 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2013.05.07 17:17:14 | 000,193,244 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2013.05.07 17:17:14 | 000,190,556 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2013.05.07 17:17:14 | 000,185,171 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2013.05.07 17:17:14 | 000,173,987 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2013.05.07 17:17:14 | 000,173,676 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2013.05.07 17:17:14 | 000,171,646 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2013.05.07 17:17:14 | 000,171,296 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2013.05.07 17:17:14 | 000,171,245 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2013.05.07 17:17:14 | 000,169,771 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2013.05.07 17:17:14 | 000,168,931 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2013.05.07 17:17:14 | 000,168,556 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2013.05.07 17:17:14 | 000,168,182 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2013.05.07 17:17:14 | 000,167,577 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2013.05.07 17:17:14 | 000,166,682 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2013.05.07 17:17:14 | 000,166,200 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2013.05.07 17:17:14 | 000,165,749 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2013.05.07 17:17:14 | 000,164,782 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2013.05.07 17:17:14 | 000,160,394 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2013.05.07 17:17:14 | 000,159,763 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2013.05.07 17:17:14 | 000,155,178 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2013.05.07 17:16:22 | 019,587,072 | ---- | C] () -- C:\Windows\SysWow64\igdfcl32.dll
[2013.04.18 19:06:46 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013.04.18 19:06:46 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013.04.18 19:06:46 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013.04.18 19:06:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2013.04.10 19:43:14 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\SecuredImage32.dll
[2013.03.13 21:09:55 | 000,007,617 | ---- | C] () -- C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
[2013.03.04 22:01:45 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.04 22:01:41 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.12.31 03:27:35 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.12.31 03:27:35 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.12.31 03:27:35 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2012.12.31 03:27:30 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.12.31 01:47:35 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.12.30 17:52:57 | 000,767,034 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.30 17:06:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.12.29 21:00:47 | 000,000,155 | ---- | C] () -- C:\Windows\winamp.ini
[2012.12.29 20:12:48 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.12.29 20:12:48 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.12.14 03:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.12.14 03:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.11.21 01:32:40 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.11.19 10:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012.11.19 10:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011.12.08 17:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009.07.14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 08:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 07:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 06:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.07.20 22:47:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.minecraft
[2013.07.07 13:39:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Acronis
[2013.07.08 00:58:19 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AIMP3
[2012.12.29 21:02:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo
[2013.05.22 17:54:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BANDISOFT
[2013.06.13 14:02:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BSplayer PRO
[2013.07.15 00:21:31 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2012.12.31 18:20:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LolClient
[2013.07.16 10:20:21 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MusicNet
[2013.07.11 10:20:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Rogue Legacy
[2013.07.02 23:05:28 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Samsung
[2013.07.22 18:21:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2013.06.27 09:41:25 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\wargaming.net

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 09:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 09:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 06:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 06:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SERVICES.EXE >
[2009.07.14 04:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 04:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 04:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 04:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 04:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 04:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010.11.21 06:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 06:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 06:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 06:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 06:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 06:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< %systemroot%\*. /rp /s >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ATA TOSHIBA MQ01ABD0 SCSI Disk Device
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100,00MB
Starting Offset: 1048576
Hidden sectors: 0

DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 146,00GB
Starting Offset: 105906176
Hidden sectors: 0

DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 552,00GB
Starting Offset: 157287448576
Hidden sectors: 0

< End of report >

Extras.Txt

icotonev · Юли 23, 2013

http://www.techsupportforum.com/images/smilies/i_arrow-r.gif Стартирайте отново OTL, копирайте (Copy) и поставете (Paste) скриптовия текст от текстовото поле по-долу под колонката Custom Scans/Fixes, като не забравяте да копирате скрипта 1 към 1, както и двете точки преди първия ред на скрипта.

:OTL
O2 - BHO: (no name) - {45177936-603b-4261-8d42-df6f7091d5d0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {45177936-603b-4261-8d42-df6f7091d5d0} - No CLSID value found.
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.3.3.123
O33 - MountPoints2\{2bda8de4-51da-11e2-a5af-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ea94aec9-51d6-11e2-badb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell - "" = AutoRun[
 
autorun.inf /alldrives
recycler /alldrives
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]
[clearallrestorepoints]
[Reboot]

http://www.techsupportforum.com/images/smilies/i_exclaim.gif След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Run Fix
Windows ще се рестартира и ще се създаде лог файл. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.
По време на фикса с инструмента, не използвайте компютъра си!

rucho · Юли 26, 2013

от OTL:

All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45177936-603b-4261-8d42-df6f7091d5d0}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45177936-603b-4261-8d42-df6f7091d5d0}\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{45177936-603b-4261-8d42-df6f7091d5d0} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45177936-603b-4261-8d42-df6f7091d5d0}\ not found.

Prefs.js: toolbar@ask.com:3.3.3.123 removed from extensions.enabledItems

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bda8de4-51da-11e2-a5af-806e6f6e6963}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2bda8de4-51da-11e2-a5af-806e6f6e6963}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea94aec9-51d6-11e2-badb-806e6f6e6963}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ea94aec9-51d6-11e2-badb-806e6f6e6963}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: Admin

->Temp folder emptied: 2787315 bytes

->Temporary Internet Files folder emptied: 587908166 bytes

->Java cache emptied: 7963334 bytes

->FireFox cache emptied: 468446535 bytes

->Google Chrome cache emptied: 23015918 bytes

->Flash cache emptied: 12084 bytes

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 1715757 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 13062787 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42303167 bytes

RecycleBin emptied: 5445653796 bytes

Total Files Cleaned = 6 287,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 07252013_212231

Files\Folders moved on Reboot...

C:\Users\Admin\AppData\Local\Temp\Low\JavaDeployReg.log moved successfully.

C:\Users\Admin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

C:\Users\Admin\AppData\Local\Temp\MMDUtl.log moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0FL3B3T\fastbutton[2].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0FL3B3T\gplus_notifications_gadget[1].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X0FL3B3T\plusone_gadget[1].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QH1N6H1T\like[1].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCR4J8CL\16811-начална-страница-askcom-в-гугъл-хром[1].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCR4J8CL\fastbutton[3].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCR4J8CL\fastbutton[5].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LN60QHXD\xd_arbiter[1].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8TS9MR1D\fastbutton[3].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7L3BNQ96\fastbutton[5].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1XKZ3OXC\fastbutton[3].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1XKZ3OXC\frame[1].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1XKZ3OXC\xd_arbiter[1].htm moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\7A7E08C8-3FF5-45F2-873D-A84D669DC82F.dat moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

File move failed. C:\Windows\temp\LMutilps32.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

ето лога от ESET:

ESETSmartInstaller@High as downloader log:

all ok

esets_scanner_update returned -1 esets_gle=12

ESETSmartInstaller@High as downloader log:

all ok

esets_scanner_update returned -1 esets_gle=12

esets_scanner_update returned -1 esets_gle=41217

esets_scanner_update returned -1 esets_gle=12

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=6c58add8a603a04cafbe2ffb0cd288fc

# engine=14530

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2013-07-26 07:57:02

# local_time=2013-07-26 10:57:02 )

# country="Bulgaria"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=5893 16776574 100 94 1340275 126455272 0 0

# scanned=192381

# found=12

# cleaned=0

# scan_time=48056

sh=5284172296C668B6F0CA367D0DF3DF7F27C7671D ft=1 fh=658ce25f9a83cc62 vn="a variant of Win32/HackTool.Patcher.U application" ac=I fn="C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\YTD Video Downloader Pro V4.0_Patch.exe"

sh=B30559AA97AE446F2BDD6EBFF7A92FF1907A76ED ft=1 fh=3f7f9ad8b6153593 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="C:\Program Files (x86)\Ubisoft\Assassin's Creed III\ubiorbitapi_r2_loader.dll"

sh=E6051FAC291DD49FF4D1E89440CA68EB41971880 ft=1 fh=b46d2697b7f4f08e vn="Win32/AdInstaller application" ac=I fn="C:\Users\Admin\AppData\Roaming\.minecraft\texturepacks\VideoDownloadConvert.exe"

sh=628661FEA5EDC2E0959D581BF02C867ABFFF0CCE ft=1 fh=5ab1961b84798ced vn="a variant of Win32/SoftonicDownloader.E application" ac=I fn="D:\Ivelin\GAMES\SoftonicDownloader_for_fantasy-kingdom-defense.exe"

sh=FA6135074EC0662B8A9D616B3A91DFC85DF28780 ft=1 fh=8448a62bdab78d9f vn="a variant of Win32/Bundled.Toolbar.Ask.D application" ac=I fn="D:\Software\YTDSetup.exe"

sh=CABED8D4C564AB4BD6B609764D5A5C348415BC89 ft=1 fh=161c19dc18290465 vn="a variant of Win32/Keygen.AC application" ac=I fn="D:\Software\BS.Player Pro v2.62 Build 1068 Final + Portable Ml_Rus\BS.Player Pro v2.62 Build 1068 Portable.exe"

sh=F7D1505557EA13416E9FBF941A8C15D0AA178FA5 ft=1 fh=df314c37cc852e13 vn="a variant of Win32/Keygen.AI application" ac=I fn="D:\Software\WinRar.5.0.b5\KEYGEN-FFF.exe"

sh=5284172296C668B6F0CA367D0DF3DF7F27C7671D ft=1 fh=658ce25f9a83cc62 vn="a variant of Win32/HackTool.Patcher.U application" ac=I fn="D:\Software\YOUTUBE i dr. video\YTD Video Downloader Pro V4.0 Cracked by iraq_att\YTD Video Downloader Pro V4.0_Patch.exe"

sh=1C9240B924C9E0BC8F9AA36B8660FC1D0B9A5DEE ft=1 fh=dc406a0bd47ea305 vn="a variant of Win32/Bundled.Toolbar.Ask.D application" ac=I fn="D:\Software\YOUTUBE i dr. video\YTD Video Downloader Pro V4.0 Cracked by iraq_att\YTDSetup.exe"

sh=22B409EF1283A0C1CB2F585DA21259127AE7278D ft=0 fh=0000000000000000 vn="a variant of Win32/Keygen.AC application" ac=I fn="D:\Torrents\BS.Player.Pro.2.52.1030-CORE.rar"

sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="D:\Torrents\Assassins.Creed.III.Proper-RELOADED\rld-aiii.iso"

sh=62A36507D093807BF561CF2BC7F62D6B49DD0BDF ft=0 fh=0000000000000000 vn="a variant of Win32/Keygen.AC application" ac=I fn="D:\Torrents\BSPlayer Pro 2.56 Build 1043\keygen.rar"

Лога от Malwarebytes Anti-Malware някак се затри и не можах да го намеря. Съдържаше само няколко крака и пача, които са в папката на изтеглените торенти.

Могат ли тези пачове след като си седят в папката с торентите и не се ползват да правят беля (ако съдържат вируси и др. подобни).

Благодаря ви за вниманието и търпението!

Поздрави!

icotonev · Юли 28, 2013

Здравейте отново..!След процедурите до тук наблюдавате ли първоначалните проблеми..? Има ли нещо което е "проблемно" по системата ви..?

Влез

Начална страница - Ask.com в гугъл хром

Препоръчан пост

rucho

Link to comment

Сподели другаде

icotonev

Link to comment

Сподели другаде

rucho

Link to comment

Сподели другаде

rucho

Link to comment

Сподели другаде

icotonev

Link to comment

Сподели другаде

rucho

Link to comment

Сподели другаде

icotonev

Link to comment

Сподели другаде

rucho

Link to comment

Сподели другаде

icotonev

Link to comment

Сподели другаде

Join the conversation

Разгледай

Какво ново?