a guest
Oct 20th, 2014
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-10-2014
  2. Ran by mateo (administrator) on MATEO-PC on 20-10-2014 13:11:36
  3. Running from C:\Users\mateo\Downloads
  4. Loaded Profile: mateo (Available profiles: mateo)
  5. Platform: Microsoft Windows 7 Ultimate (X86) OS Language: English (United States)
  6. Internet Explorer Version 8
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
  15. (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
  16. (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
  17. (Infowatch) C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
  18. (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
  19. (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
  20. (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
  21. (Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
  22. (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
  23. (Intel Corporation) C:\Windows\System32\igfxtray.exe
  24. (Intel Corporation) C:\Windows\System32\hkcmd.exe
  25. (Intel Corporation) C:\Windows\System32\igfxpers.exe
  26. (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
  27. (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
  28. (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
  29. (Microsoft Corporation) C:\Windows\System32\mstsc.exe
  30. (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
  31. (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
  32. (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
  33. (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
  34. (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
  35. (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
  36.  
  37.  
  38. ==================== Registry (Whitelisted) ==================
  39.  
  40. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  41.  
  42. HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
  43. HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
  44. HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
  45. HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [843480 2014-10-07] (BlueStack Systems, Inc.)
  46. HKLM\...\Run: [AVP] => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
  47. ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll (Kaspersky Lab ZAO)
  48. BootExecute: autocheck autochk *
  49. GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  50. CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  51.  
  52. ==================== Internet (Whitelisted) ====================
  53.  
  54. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  55.  
  56. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
  57. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2605729B41E9CF01
  58. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
  59. BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
  60. BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
  61. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
  62. BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
  63. BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
  64. BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
  65. Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
  66. Tcpip\..\Interfaces\{866DDE8F-E090-44BB-9737-F296FDC674A1}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
  67.  
  68. FireFox:
  69. ========
  70. FF ProfilePath: C:\Users\mateo\AppData\Roaming\Mozilla\Firefox\Profiles\xuy9cj91.default
  71. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
  72. FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
  73. FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  74. FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
  75. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
  76. FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
  77. FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
  78. FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
  79. FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eudict.xml
  80. FF Extension: 360网页保护 - C:\Users\mateo\AppData\Roaming\Mozilla\Firefox\Profiles\xuy9cj91.default\Extensions\webshield@360safe.com [2014-10-17]
  81. FF Extension: Widevine Media Optimizer - C:\Users\mateo\AppData\Roaming\Mozilla\Firefox\Profiles\xuy9cj91.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-10-18]
  82. FF Extension: Adblock Plus - C:\Users\mateo\AppData\Roaming\Mozilla\Firefox\Profiles\xuy9cj91.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-18]
  83. FF Extension: GOSaevee - C:\Program Files\Mozilla Firefox\browser\extensions\4@o9.org [2014-10-16]
  84. FF Extension: YouTUUbaeAAddBlocke - C:\Program Files\Mozilla Firefox\browser\extensions\EYJ@fPFqO.org [2014-10-16]
  85. FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
  86. FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-10-20]
  87. FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
  88. FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-20]
  89. FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
  90. FF Extension: Gevaarlijke websiteblokkering - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-10-20]
  91. FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
  92. FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-10-20]
  93. FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
  94. FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-10-20]
  95.  
  96. Chrome:
  97. =======
  98. CHR dev: Chrome dev build detected! <======= ATTENTION
  99. CHR Profile: C:\Users\mateo\AppData\Local\Google\Chrome\User Data\Default
  100. CHR Extension: (Enhance Browser) - C:\Users\mateo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgcophbdfpadgldcknohpaebpalmelep [2014-10-16]
  101. CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
  102. CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx [2013-11-11]
  103. CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx [2013-11-11]
  104. CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx [2013-11-11]
  105. CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]
  106.  
  107. ========================== Services (Whitelisted) =================
  108.  
  109. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  110.  
  111. R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
  112. S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [409304 2014-10-07] (BlueStack Systems, Inc.)
  113. R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-07] (BlueStack Systems, Inc.)
  114. R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [782040 2014-10-07] (BlueStack Systems, Inc.)
  115. S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2014-01-29] (Intel Corporation)
  116. R2 CSObjectsSrv; C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
  117. S2 FSORSPClient; C:\Program Files\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2014-06-24] (F-Secure Corporation)
  118. R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
  119. R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
  120.  
  121. ==================== Drivers (Whitelisted) ====================
  122.  
  123. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  124.  
  125. R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-10-07] (BlueStack Systems)
  126. R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [88632 2011-06-02] (Infowatch)
  127. R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [39736 2011-06-02] (Infowatch)
  128. R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-04-26] (Intel Corporation)
  129. R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [361968 2013-04-26] (Intel Corporation)
  130. R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [793072 2013-04-26] (Intel Corporation)
  131. R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-10-20] (Kaspersky Lab ZAO)
  132. R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [597568 2014-10-20] (Kaspersky Lab ZAO)
  133. R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-10-20] (Kaspersky Lab ZAO)
  134. R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-11-11] (Kaspersky Lab ZAO)
  135. R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-11-11] (Kaspersky Lab ZAO)
  136. R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-11-11] (Kaspersky Lab ZAO)
  137. R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2013-11-11] (Kaspersky Lab ZAO)
  138. R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)
  139. R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-10-20] (Malwarebytes Corporation)
  140. R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation)
  141. R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [33056 2011-06-15] (Realtek )
  142. S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [49808 2012-07-03] (Realtek Corporation)
  143. S3 RTVLANPT; C:\Windows\System32\DRIVERS\RtVlan620.sys [27792 2012-09-01] (Realtek Corporation)
  144. S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
  145. S3 hitmanpro37; \??\C:\Windows\system32\drivers\hitmanpro37.sys [X]
  146. U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2014-10-20] (Kaspersky Lab ZAO)
  147. S1 MpKslc6c4b780; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{22350FE3-4552-4BF5-BE14-345457B9E2EF}\MpKslc6c4b780.sys [X]
  148.  
  149. ========================== Drivers MD5 =======================
  150.  
  408.  
  409. ==================== NetSvcs (Whitelisted) ===================
  410.  
  411.  
  412. (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
  413.  
  414.  
  415. ==================== One Month Created Files and Folders ========
  416.  
  417. (If an entry is included in the fixlist, the file\folder will be moved.)
  418.  
  419. 2014-10-20 13:11 - 2014-10-20 13:11 - 00029583 _____ () C:\Users\mateo\Downloads\FRST.txt
  420. 2014-10-20 13:10 - 2014-10-20 13:11 - 00000000 ____D () C:\FRST
  421. 2014-10-20 13:09 - 2014-10-20 13:10 - 01102848 _____ (Farbar) C:\Users\mateo\Downloads\FRST.exe
  422. 2014-10-20 11:46 - 2014-10-20 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
  423. 2014-10-20 11:45 - 2014-10-20 11:45 - 00000000 ____D () C:\Windows\ELAMBKUP
  424. 2014-10-20 11:45 - 2014-10-20 11:45 - 00000000 ____D () C:\Program Files\Kaspersky Lab
  425. 2014-10-20 11:45 - 2014-10-20 11:45 - 00000000 ____D () C:\Program Files\Common Files\InfoWatch
  426. 2014-10-20 11:45 - 2011-06-02 14:39 - 00088632 _____ (Infowatch) C:\Windows\system32\Drivers\CSCrySec.sys
  427. 2014-10-20 11:45 - 2011-06-02 14:39 - 00039736 _____ (Infowatch) C:\Windows\system32\Drivers\CSVirtualDiskDrv.sys
  428. 2014-10-20 11:44 - 2014-10-20 12:07 - 00597568 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
  429. 2014-10-20 11:44 - 2014-10-20 12:07 - 00074848 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
  430. 2014-10-20 10:28 - 2014-10-20 11:19 - 193797352 _____ (Kaspersky Lab ZAO) C:\Users\mateo\Downloads\pure13.0.2.558en_5455_trial.exe
  431. 2014-10-20 10:25 - 2014-10-20 10:47 - 161470852 _____ () C:\Users\mateo\Downloads\drweb-livedisk-900-cd.iso.part
  432. 2014-10-20 10:24 - 2014-10-20 10:30 - 53039104 _____ () C:\Users\mateo\Downloads\comodo_rescue_disk_2.0.261647.1.iso
  433. 2014-10-20 10:22 - 2014-10-20 11:32 - 638582784 _____ () C:\Users\mateo\Downloads\bitdefender-rescue-cd.iso
  434. 2014-10-20 10:21 - 2014-10-20 11:42 - 642752512 _____ () C:\Users\mateo\Downloads\rescue-system.iso
  435. 2014-10-19 23:06 - 2014-10-19 23:06 - 00001483 _____ () C:\Users\mateo\Desktop\desktop - Prečica.lnk
  436. 2014-10-19 22:54 - 2014-10-19 22:54 - 00000000 ____D () C:\Users\mateo\Desktop\cce_2.5.242177.201_x32
  437. 2014-10-19 22:49 - 2014-10-19 22:50 - 23732069 _____ () C:\Users\mateo\Downloads\cce_2.5.242177.201_x32.zip
  438. 2014-10-19 22:47 - 2014-10-19 22:54 - 140570624 _____ () C:\Users\mateo\Downloads\avg_arl_cdi_all_120_140716a7851.iso
  439. 2014-10-19 22:38 - 2014-10-19 22:50 - 306685952 _____ () C:\Users\mateo\Downloads\kav_rescue_10(2).iso
  440. 2014-10-19 21:25 - 2014-10-19 21:54 - 316505486 _____ () C:\Users\mateo\Downloads\B-7013SPSGE.rar
  441. 2014-10-19 21:23 - 2014-10-19 21:28 - 81017864 _____ () C:\Users\mateo\Downloads\SpyHunter-4.16.5.4290-Portable(1).zip
  442. 2014-10-19 21:18 - 2014-10-19 21:18 - 00000000 ____D () C:\Program Files\Common Files\Windows Live
  443. 2014-10-19 21:17 - 2014-10-19 21:17 - 01242824 _____ (Microsoft Corporation) C:\Users\mateo\Downloads\wlsetup-web.exe
  444. 2014-10-19 20:51 - 2014-10-19 20:54 - 00000000 ____D () C:\Windows\system32\MRT
  445. 2014-10-19 20:51 - 2014-10-03 10:03 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
  446. 2014-10-19 20:50 - 2014-10-19 20:50 - 00014644 _____ () C:\Users\mateo\Documents\14d19c27b28cc3990260d7191f6e0ff6c7483623.txt
  447. 2014-10-19 20:30 - 2014-10-19 20:30 - 00000000 ____D () C:\Users\mateo\Downloads\NeroPortable
  448. 2014-10-19 20:23 - 2014-10-20 12:54 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
  449. 2014-10-19 20:21 - 2014-10-19 20:21 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  450. 2014-10-19 20:21 - 2014-10-19 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
  451. 2014-10-19 20:20 - 2014-10-19 20:21 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
  452. 2014-10-19 20:20 - 2014-10-19 20:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
  453. 2014-10-19 20:20 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
  454. 2014-10-19 20:20 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
  455. 2014-10-19 20:20 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
  456. 2014-10-19 15:05 - 2011-04-09 08:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
  457. 2014-10-19 15:05 - 2011-04-09 08:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
  458. 2014-10-19 15:05 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
  459. 2014-10-19 10:33 - 2014-10-19 10:37 - 36911701 ____R (PerkedleApps) C:\Users\mateo\Downloads\Nero_Portable_15.0.25001_Multilingual.paf.exe
  460. 2014-10-19 10:30 - 2014-10-19 10:40 - 00000000 ____D () C:\Users\mateo\Downloads\AVG.PC.TuneUp.2015.v15.0.1001.105-TE
  461. 2014-10-19 10:30 - 2014-10-19 10:37 - 00000000 ____D () C:\Users\mateo\Downloads\Xilisoft.Video.Converter.7.Ultimate.v7.8.4.20140925.Multilingual.Incl.Keygen-BRD
  462. 2014-10-19 10:30 - 2014-10-19 10:30 - 00000000 ____D () C:\Users\mateo\Downloads\IOBit Driver Booster 2 v2.0.2.220 FiNAL
  463. 2014-10-19 10:26 - 2014-10-19 20:38 - 00000000 ____D () C:\Users\mateo\Downloads\Malwarebytes.Anti-Malware.v2.0.3.1025.Incl.Keygen.by.FFF
  464. 2014-10-19 10:24 - 2014-10-19 21:17 - 00000000 ____D () C:\Users\mateo\AppData\Roaming\uTorrent
  465. 2014-10-19 10:24 - 2014-10-19 10:24 - 00000000 ____D () C:\ProgramData\APN
  466. 2014-10-19 10:23 - 2014-10-19 10:23 - 01689680 _____ (BitTorrent Inc.) C:\Users\mateo\Downloads\uTorrent.exe
  467. 2014-10-18 16:58 - 2014-10-18 16:58 - 00001897 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
  468. 2014-10-18 16:58 - 2014-10-18 16:58 - 00001845 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
  469. 2014-10-18 16:58 - 2014-10-18 16:58 - 00000000 ____D () C:\Program Files\CDBurnerXP
  470. 2014-10-18 16:55 - 2014-10-18 16:55 - 00000000 ____D () C:\Program Files\Alex Feinman
  471. 2014-10-18 16:54 - 2014-10-18 16:54 - 00789504 _____ () C:\Users\mateo\Downloads\ISORecorder31x86.msi
  472. 2014-10-18 16:53 - 2014-10-18 16:53 - 00000000 ____D () C:\Users\mateo\Desktop\kav_rescue_10(1)
  473. 2014-10-18 16:39 - 2014-10-18 16:50 - 306671616 _____ () C:\Users\mateo\Downloads\kav_rescue_10(1).iso
  474. 2014-10-18 16:37 - 2014-10-18 16:37 - 00705024 _____ () C:\Users\mateo\Downloads\FreeISOBurner.exe
  475. 2014-10-18 14:39 - 2014-10-18 14:39 - 00000000 ____D () C:\Users\mateo\AppData\Roaming\Canneverbe Limited
  476. 2014-10-18 14:39 - 2014-10-18 14:39 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
  477. 2014-10-18 13:41 - 2014-10-18 13:52 - 05401624 _____ (Canneverbe Limited ) C:\Users\mateo\Downloads\cdbxp_setup_4.5.4.5118.exe
  478. 2014-10-18 12:38 - 2014-10-18 12:38 - 00000000 ____D () C:\Users\mateo\Desktop\kav_rescue_10
  479. 2014-10-18 09:11 - 2014-10-18 09:21 - 306671616 _____ () C:\Users\mateo\Downloads\kav_rescue_10.iso
  480. 2014-10-18 02:49 - 2014-10-18 02:51 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\mateo\Downloads\spybot-2.4.exe
  481. 2014-10-18 01:51 - 2014-10-18 01:52 - 00000000 ____D () C:\AdwCleaner
  482. 2014-10-18 01:51 - 2014-10-18 01:51 - 01976320 _____ () C:\Users\mateo\Downloads\adwcleaner_4.000.exe
  483. 2014-10-18 01:49 - 2014-10-18 01:49 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\mateo\Downloads\SpyHunter-installer(1).exe
  484. 2014-10-18 01:44 - 2014-10-18 15:33 - 00000000 ____D () C:\Users\mateo\AppData\Roaming\GlarySoft
  485. 2014-10-18 01:44 - 2014-10-18 01:44 - 00000000 ____D () C:\Users\mateo\AppData\Roaming\DiskDefrag
  486. 2014-10-18 01:39 - 2014-10-18 01:39 - 14521760 _____ () C:\Users\mateo\Downloads\gup5setup.exe
  487. 2014-10-18 00:11 - 2014-10-18 15:32 - 00000000 ____D () C:\Program Files\F-Secure
  488. 2014-10-18 00:09 - 2014-10-18 15:33 - 00000000 ____D () C:\ProgramData\F-Secure
  489. 2014-10-18 00:09 - 2014-10-18 00:28 - 00000000 ____D () C:\Users\mateo\AppData\Local\F-Secure
  490. 2014-10-18 00:09 - 2014-10-18 00:09 - 00816680 _____ (F-Secure Corporation) C:\Users\mateo\Downloads\F-Secure-Safe-Network-Installer_C-ZQMUK-349WX-GJTKA-FAZPJ_.exe
  491. 2014-10-17 23:54 - 2014-10-17 23:54 - 00938299 _____ () C:\spyhunter.fix
  492. 2014-10-17 23:54 - 2013-12-18 23:28 - 00285747 _____ () C:\shldr
  493. 2014-10-17 23:54 - 2013-12-18 23:28 - 00008192 _____ () C:\shldr.mbr
  494. 2014-10-17 22:44 - 2014-10-17 22:44 - 00000000 ____D () C:\Users\mateo\Desktop\SpyHunter-4.16.5.4290-Portable
  495. 2014-10-17 22:38 - 2014-10-17 22:38 - 00000000 ____D () C:\Windows\system32\appmgmt
  496. 2014-10-17 22:33 - 2014-10-17 22:37 - 81017864 _____ () C:\Users\mateo\Downloads\SpyHunter-4.16.5.4290-Portable.zip
  497. 2014-10-17 07:47 - 2010-02-11 09:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
  498. 2014-10-17 07:26 - 2014-10-17 07:26 - 00001765 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
  499. 2014-10-17 07:25 - 2014-10-17 07:25 - 00001768 _____ () C:\Users\Public\Desktop\Apps.lnk
  500. 2014-10-17 07:24 - 2014-10-17 07:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
  501. 2014-10-17 07:24 - 2014-10-17 07:25 - 00000000 ____D () C:\ProgramData\BlueStacks
  502. 2014-10-17 07:24 - 2014-10-17 07:25 - 00000000 ____D () C:\Program Files\BlueStacks
  503. 2014-10-17 07:19 - 2014-10-17 07:20 - 13444288 _____ (BlueStack Systems Inc.) C:\Users\mateo\Downloads\BlueStacks-SplitInstaller_native_b(1).exe
  504. 2014-10-17 07:17 - 2014-10-17 07:17 - 00015368 _____ () C:\Windows\system32\results.xml
  505. 2014-10-17 07:16 - 2014-10-17 07:16 - 00000890 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
  506. 2014-10-17 07:16 - 2014-01-22 08:35 - 00060416 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
  507. 2014-10-17 07:15 - 2014-10-17 07:15 - 00000000 ____D () C:\Program Files\Common Files\Intel
  508. 2014-10-17 07:15 - 2014-01-29 13:00 - 00755184 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe
  509. 2014-10-17 07:15 - 2014-01-29 13:00 - 00529904 _____ () C:\Windows\system32\DPTopologyApp.exe
  510. 2014-10-17 07:15 - 2014-01-29 13:00 - 00397296 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
  511. 2014-10-17 07:15 - 2014-01-29 13:00 - 00394224 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
  512. 2014-10-17 07:15 - 2014-01-29 13:00 - 00319472 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
  513. 2014-10-17 07:15 - 2014-01-29 13:00 - 00315888 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
  514. 2014-10-17 07:15 - 2014-01-29 13:00 - 00308720 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
  515. 2014-10-17 07:15 - 2014-01-29 13:00 - 00279024 _____ (Intel Corporation) C:\Windows\system32\IntelCpHeciSvc.exe
  516. 2014-10-17 07:15 - 2014-01-22 08:48 - 20433408 _____ (Intel Corporation) C:\Windows\system32\igd10iumd32.dll
  517. 2014-10-17 07:15 - 2014-01-22 08:48 - 18629632 _____ (Intel Corporation) C:\Windows\system32\igdumdim32.dll
  518. 2014-10-17 07:15 - 2014-01-22 08:48 - 02585088 _____ () C:\Windows\system32\GfxRes.dll
  519. 2014-10-17 07:15 - 2014-01-22 08:48 - 00733184 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
  520. 2014-10-17 07:15 - 2014-01-22 08:48 - 00502784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
  521. 2014-10-17 07:15 - 2014-01-22 08:48 - 00502272 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
  522. 2014-10-17 07:15 - 2014-01-22 08:48 - 00501760 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
  523. 2014-10-17 07:15 - 2014-01-22 08:48 - 00501248 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
  524. 2014-10-17 07:15 - 2014-01-22 08:48 - 00501248 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
  525. 2014-10-17 07:15 - 2014-01-22 08:48 - 00501248 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
  526. 2014-10-17 07:15 - 2014-01-22 08:48 - 00501248 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
  527. 2014-10-17 07:15 - 2014-01-22 08:48 - 00501248 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
  528. 2014-10-17 07:15 - 2014-01-22 08:48 - 00500736 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
  529. 2014-10-17 07:15 - 2014-01-22 08:48 - 00500736 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
  530. 2014-10-17 07:15 - 2014-01-22 08:48 - 00500224 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
  531. 2014-10-17 07:15 - 2014-01-22 08:48 - 00500224 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
  532. 2014-10-17 07:15 - 2014-01-22 08:48 - 00499712 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
  533. 2014-10-17 07:15 - 2014-01-22 08:48 - 00493056 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
  534. 2014-10-17 07:15 - 2014-01-22 08:48 - 00491520 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
  535. 2014-10-17 07:15 - 2014-01-22 08:48 - 00346624 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
  536. 2014-10-17 07:15 - 2014-01-22 08:48 - 00299520 _____ () C:\Windows\system32\igdmd32.dll
  537. 2014-10-17 07:15 - 2014-01-22 08:48 - 00205312 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
  538. 2014-10-17 07:15 - 2014-01-22 08:48 - 00182272 _____ () C:\Windows\system32\igdde32.dll
  539. 2014-10-17 07:15 - 2014-01-22 08:48 - 00062464 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
  540. 2014-10-17 07:15 - 2014-01-22 08:48 - 00025600 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
  541. 2014-10-17 07:15 - 2014-01-22 08:48 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
  542. 2014-10-17 07:15 - 2014-01-22 08:48 - 00001806 _____ () C:\Windows\system32\GfxUIEx.exe.config
  543. 2014-10-17 07:15 - 2014-01-22 08:48 - 00000935 _____ () C:\Windows\system32\DPTopologyApp.exe.config
  544. 2014-10-17 07:15 - 2014-01-22 08:48 - 00000935 _____ () C:\Windows\system32\CustomModeApp.exe.config
  545. 2014-10-17 07:15 - 2014-01-22 08:35 - 01815040 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit32.dll
  546. 2014-10-17 07:15 - 2014-01-22 08:35 - 00137728 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt32.dll
  547. 2014-10-17 07:15 - 2014-01-22 08:35 - 00133120 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt32.dll
  548. 2014-10-17 07:15 - 2014-01-22 08:35 - 00094208 _____ () C:\Windows\system32\IccLibDll.dll
  549. 2014-10-17 07:15 - 2014-01-22 08:35 - 00044053 _____ () C:\Windows\system32\iglhxo32_dev.vp
  550. 2014-10-17 07:15 - 2014-01-22 08:35 - 00043760 _____ () C:\Windows\system32\iglhxg32_dev.vp
  551. 2014-10-17 07:15 - 2014-01-22 08:35 - 00043270 _____ () C:\Windows\system32\iglhxc32.vp
  552. 2014-10-17 07:15 - 2014-01-22 08:35 - 00042654 _____ () C:\Windows\system32\iglhxc32_dev.vp
  553. 2014-10-17 07:15 - 2014-01-22 08:35 - 00001125 _____ () C:\Windows\system32\iglhxa32.vp
  554. 2014-10-17 07:14 - 2014-01-29 13:00 - 07597040 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
  555. 2014-10-17 07:14 - 2014-01-29 13:00 - 00877552 _____ (Intel Corporation) C:\Windows\system32\igfxstarter.exe
  556. 2014-10-17 07:14 - 2014-01-29 13:00 - 00316400 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
  557. 2014-10-17 07:14 - 2014-01-22 08:57 - 00153600 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3412.dll
  558. 2014-10-17 07:14 - 2014-01-22 08:54 - 00062684 _____ () C:\Windows\system32\iglhxs32.vp
  559. 2014-10-17 07:14 - 2014-01-22 08:48 - 09074176 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
  560. 2014-10-17 07:14 - 2014-01-22 08:48 - 06289408 _____ (Intel Corporation) C:\Windows\system32\ig75icd32.dll
  561. 2014-10-17 07:14 - 2014-01-22 08:48 - 03379712 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
  562. 2014-10-17 07:14 - 2014-01-22 08:48 - 00503296 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
  563. 2014-10-17 07:14 - 2014-01-22 08:48 - 00502784 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
  564. 2014-10-17 07:14 - 2014-01-22 08:48 - 00502784 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
  565. 2014-10-17 07:14 - 2014-01-22 08:48 - 00502272 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
  566. 2014-10-17 07:14 - 2014-01-22 08:48 - 00501760 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
  567. 2014-10-17 07:14 - 2014-01-22 08:48 - 00501760 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
  568. 2014-10-17 07:14 - 2014-01-22 08:48 - 00500736 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
  569. 2014-10-17 07:14 - 2014-01-22 08:48 - 00499712 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
  570. 2014-10-17 07:14 - 2014-01-22 08:48 - 00499200 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
  571. 2014-10-17 07:14 - 2014-01-22 08:48 - 00497664 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
  572. 2014-10-17 07:14 - 2014-01-22 08:48 - 00497152 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
  573. 2014-10-17 07:14 - 2014-01-22 08:48 - 00493056 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
  574. 2014-10-17 07:14 - 2014-01-22 08:48 - 00489472 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
  575. 2014-10-17 07:14 - 2014-01-22 08:48 - 00488960 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
  576. 2014-10-17 07:14 - 2014-01-22 08:48 - 00451584 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
  577. 2014-10-17 07:14 - 2014-01-22 08:48 - 00280064 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
  578. 2014-10-17 07:14 - 2014-01-22 08:48 - 00267407 _____ () C:\Windows\system32\Gfxres.th-TH.resources
  579. 2014-10-17 07:14 - 2014-01-22 08:48 - 00253466 _____ () C:\Windows\system32\Gfxres.el-GR.resources
  580. 2014-10-17 07:14 - 2014-01-22 08:48 - 00235401 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
  581. 2014-10-17 07:14 - 2014-01-22 08:48 - 00230912 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
  582. 2014-10-17 07:14 - 2014-01-22 08:48 - 00201128 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
  583. 2014-10-17 07:14 - 2014-01-22 08:48 - 00198725 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
  584. 2014-10-17 07:14 - 2014-01-22 08:48 - 00195072 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
  585. 2014-10-17 07:14 - 2014-01-22 08:48 - 00192758 _____ () C:\Windows\system32\Gfxres.he-IL.resources
  586. 2014-10-17 07:14 - 2014-01-22 08:48 - 00185344 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
  587. 2014-10-17 07:14 - 2014-01-22 08:48 - 00180936 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
  588. 2014-10-17 07:14 - 2014-01-22 08:48 - 00180850 _____ () C:\Windows\system32\Gfxres.it-IT.resources
  589. 2014-10-17 07:14 - 2014-01-22 08:48 - 00178473 _____ () C:\Windows\system32\Gfxres.es-ES.resources
  590. 2014-10-17 07:14 - 2014-01-22 08:48 - 00178290 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
  591. 2014-10-17 07:14 - 2014-01-22 08:48 - 00178123 _____ () C:\Windows\system32\Gfxres.de-DE.resources
  592. 2014-10-17 07:14 - 2014-01-22 08:48 - 00176838 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
  593. 2014-10-17 07:14 - 2014-01-22 08:48 - 00175862 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
  594. 2014-10-17 07:14 - 2014-01-22 08:48 - 00175571 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
  595. 2014-10-17 07:14 - 2014-01-22 08:48 - 00175067 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
  596. 2014-10-17 07:14 - 2014-01-22 08:48 - 00174802 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
  597. 2014-10-17 07:14 - 2014-01-22 08:48 - 00174269 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
  598. 2014-10-17 07:14 - 2014-01-22 08:48 - 00173792 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
  599. 2014-10-17 07:14 - 2014-01-22 08:48 - 00173276 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
  600. 2014-10-17 07:14 - 2014-01-22 08:48 - 00173059 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
  601. 2014-10-17 07:14 - 2014-01-22 08:48 - 00172833 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
  602. 2014-10-17 07:14 - 2014-01-22 08:48 - 00172554 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
  603. 2014-10-17 07:14 - 2014-01-22 08:48 - 00171691 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
  604. 2014-10-17 07:14 - 2014-01-22 08:48 - 00168215 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
  605. 2014-10-17 07:14 - 2014-01-22 08:48 - 00166833 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
  606. 2014-10-17 07:14 - 2014-01-22 08:48 - 00166220 _____ () C:\Windows\system32\Gfxres.da-DK.resources
  607. 2014-10-17 07:14 - 2014-01-22 08:48 - 00161534 _____ () C:\Windows\system32\Gfxres.en-US.resources
  608. 2014-10-17 07:14 - 2014-01-22 08:48 - 00154805 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
  609. 2014-10-17 07:14 - 2014-01-22 08:48 - 00152993 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
  610. 2014-10-17 07:14 - 2014-01-22 08:48 - 00142848 _____ () C:\Windows\system32\igdail32.dll
  611. 2014-10-17 07:14 - 2014-01-22 08:48 - 00000264 _____ () C:\Windows\system32\GfxUIHotKeyMenu.exe.config
  612. 2014-10-17 07:14 - 2014-01-22 08:44 - 20954112 _____ (Intel Corporation) C:\Windows\system32\igdfcl32.dll
  613. 2014-10-17 07:14 - 2014-01-22 08:44 - 02896384 _____ (Intel Corporation) C:\Windows\system32\igdrcl32.dll
  614. 2014-10-17 07:14 - 2014-01-22 08:44 - 00290816 _____ (Intel Corporation) C:\Windows\system32\igdbcl32.dll
  615. 2014-10-17 07:14 - 2014-01-22 08:44 - 00265216 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL32.dll
  616. 2014-10-17 07:14 - 2014-01-22 08:35 - 02108679 _____ () C:\Windows\system32\iglhxa32.cpa
  617. 2014-10-17 07:14 - 2014-01-22 08:35 - 01123328 _____ (Intel Corporation) C:\Windows\system32\iglhsip32.dll
  618. 2014-10-17 07:14 - 2014-01-22 08:35 - 00179712 _____ (Intel Corporation) C:\Windows\system32\iglhcp32.dll
  619. 2014-10-17 07:14 - 2014-01-22 08:35 - 00060416 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD32.dll
  620. 2014-10-17 07:14 - 2014-01-22 08:35 - 00044235 _____ () C:\Windows\system32\iglhxo32.vp
  621. 2014-10-17 07:14 - 2014-01-22 08:34 - 03558912 _____ (Intel Corporation) C:\Windows\system32\igdusc32.dll
  622. 2014-10-17 07:10 - 2014-10-17 07:10 - 00000000 ____D () C:\Users\mateo\AppData\Local\Bluestacks
  623. 2014-10-17 07:08 - 2014-10-17 07:09 - 13444288 _____ (BlueStack Systems Inc.) C:\Users\mateo\Downloads\BlueStacks-SplitInstaller_native_b.exe
  624. 2014-10-17 06:37 - 2014-10-17 06:37 - 00000000 ____D () C:\ProgramData\Readon
  625. 2014-10-17 06:32 - 2014-10-17 06:38 - 00000000 ____D () C:\Users\mateo\Documents\Readon Player
  626. 2014-10-17 06:32 - 2014-10-17 06:32 - 00003105 _____ () C:\Users\mateo\Desktop\Readon TV Movie Radio Player.lnk
  627. 2014-10-17 06:32 - 2014-10-17 06:32 - 00003065 _____ () C:\Users\mateo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Readon TV Movie Radio Player.lnk
  628. 2014-10-17 06:32 - 2014-10-17 06:32 - 00000000 ____D () C:\Users\mateo\Desktop\setupTV
  629. 2014-10-17 06:32 - 2014-10-17 06:32 - 00000000 ____D () C:\Users\mateo\AppData\Local\Readon_Technology
  630. 2014-10-17 06:32 - 2014-10-17 06:32 - 00000000 ____D () C:\Program Files\Readon Technology
  631. 2014-10-17 06:31 - 2014-10-17 06:31 - 07807898 _____ () C:\Users\mateo\Downloads\setupTV.zip
  632. 2014-10-17 06:21 - 2014-10-19 11:09 - 00000000 ____D () C:\Users\mateo\AppData\Roaming\vlc
  633. 2014-10-17 06:21 - 2014-10-17 06:21 - 00001024 _____ () C:\Users\Public\Desktop\VLC media player.lnk
  634. 2014-10-17 06:21 - 2014-10-17 06:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
  635. 2014-10-17 06:21 - 2014-10-17 06:21 - 00000000 ____D () C:\Program Files\VideoLAN
  636. 2014-10-17 06:19 - 2014-10-17 06:20 - 24743106 _____ () C:\Users\mateo\Downloads\vlc-2.1.5-win32.exe
  637. 2014-10-17 03:04 - 2010-12-18 07:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
  638. 2014-10-17 00:48 - 2014-10-16 14:52 - 00000000 ____D () C:\Windows\Panther
  639. 2014-10-17 00:13 - 2014-10-17 00:14 - 31451128 _____ (Qihu 360 Software Co., Ltd.) C:\Users\mateo\Desktop\360is_softonic_4.9.0.4900.exe
  640. 2014-10-16 23:59 - 2014-10-16 23:59 - 03608144 _____ (http://yourfile-downloader.com) C:\Users\mateo\Downloads\Spyhunter_4_Email_And_Password_downloader.exe
  641. 2014-10-16 23:57 - 2014-10-17 05:26 - 00000000 ____D () C:\Users\mateo\AppData\Local\21034
  642. 2014-10-16 23:57 - 2014-10-16 23:57 - 00001686 _____ () C:\Windows\Tasks\XHDYOVCG.job
  643. 2014-10-16 23:57 - 2014-10-16 23:57 - 00001340 _____ () C:\Windows\Tasks\JVHNTWG.job
  644. 2014-10-16 23:51 - 2014-10-16 23:51 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
  645. 2014-10-16 23:51 - 2014-10-16 23:51 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
  646. 2014-10-16 23:49 - 2014-10-16 23:50 - 00001313 _____ () C:\Windows\TSSysprep.log
  647. 2014-10-16 23:47 - 2014-10-16 23:48 - 00000000 ____D () C:\ProgramData\5293301f775bd89a
  648. 2014-10-16 23:47 - 2014-10-16 23:47 - 00000394 __RSH () C:\ProgramData\ntuser.pol
  649. 2014-10-16 23:47 - 2014-10-16 23:47 - 00000000 ____D () C:\Users\mateo\AppData\Local\Google
  650. 2014-10-16 23:47 - 2014-10-16 23:47 - 00000000 ____D () C:\Users\mateo\AppData\Local\Comodo
  651. 2014-10-16 23:47 - 2014-10-16 23:47 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
  652. 2014-10-16 23:47 - 2014-10-16 23:47 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
  653. 2014-10-16 23:47 - 2014-10-16 23:47 - 00000000 ____D () C:\Users\Guest
  654. 2014-10-16 23:47 - 2014-10-16 23:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
  655. 2014-10-16 23:47 - 2014-10-16 23:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
  656. 2014-10-16 23:47 - 2014-10-16 23:47 - 00000000 ____D () C:\Users\Administrator
  657. 2014-10-16 23:44 - 2014-10-17 05:34 - 00000446 _____ () C:\Windows\system32\.crusader
  658. 2014-10-16 23:41 - 2014-10-16 23:41 - 00066164 _____ () C:\Users\mateo\Downloads\OTL.Txt
  659. 2014-10-16 23:38 - 2014-10-16 23:38 - 00602112 _____ (OldTimer Tools) C:\Users\mateo\Downloads\OTL.scr
  660. 2014-10-16 23:37 - 2014-10-16 23:37 - 00602112 _____ (OldTimer Tools) C:\Users\mateo\Downloads\OTL.com
  661. 2014-10-16 23:35 - 2014-10-17 05:35 - 00000000 ____D () C:\ProgramData\HitmanPro
  662. 2014-10-16 23:34 - 2014-10-16 23:34 - 10280824 _____ (SurfRight B.V.) C:\Users\mateo\Downloads\HitmanPro.exe
  663. 2014-10-16 23:31 - 2014-10-16 23:32 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\mateo\Downloads\rkill.exe
  664. 2014-10-16 23:27 - 2014-10-17 22:38 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
  665. 2014-10-16 23:27 - 2014-10-16 23:27 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
  666. 2014-10-16 23:25 - 2014-10-16 23:25 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\mateo\Downloads\SpyHunter-Installer.exe
  667. 2014-10-16 23:13 - 2014-10-16 23:13 - 00000000 ____D () C:\Windows\system32\bs-Latn-BA
  668. 2014-10-16 23:13 - 2014-10-16 23:13 - 00000000 ____D () C:\Windows\bs-Latn-BA
  669. 2014-10-16 23:11 - 2014-10-16 23:11 - 02795605 _____ () C:\Users\mateo\Downloads\LIP_bs-Latn-BA-32bit.mlc
  670. 2014-10-16 23:10 - 2014-10-16 23:10 - 06958304 _____ (Microsoft Corporation) C:\Users\mateo\Downloads\Silverlight.exe
  671. 2014-10-16 23:10 - 2014-10-16 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
  672. 2014-10-16 23:10 - 2014-10-16 23:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
  673. 2014-10-16 22:36 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
  674. 2014-10-16 22:36 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
  675. 2014-10-16 22:36 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
  676. 2014-10-16 22:36 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
  677. 2014-10-16 22:36 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
  678. 2014-10-16 22:36 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
  679. 2014-10-16 22:36 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
  680. 2014-10-16 22:36 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
  681. 2014-10-16 22:36 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
  682. 2014-10-16 22:29 - 2014-10-20 13:00 - 00001984 ____H () C:\Users\mateo\Documents\Default.rdp
  683. 2014-10-16 22:27 - 2014-10-18 00:17 - 00001945 _____ () C:\Windows\epplauncher.mif
  684. 2014-10-16 22:25 - 2010-04-09 09:24 - 01285000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
  685. 2014-10-16 22:25 - 2010-04-09 09:24 - 00240008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
  686. 2014-10-16 22:24 - 2014-10-16 22:24 - 00016661 _____ () C:\Users\mateo\Downloads\Windows-Loader-v2.2.zip
  687. 2014-10-16 22:19 - 2014-10-16 22:20 - 11474752 _____ (Microsoft Corporation) C:\Users\mateo\Downloads\mseinstall.exe
  688. 2014-10-16 21:41 - 2014-10-20 13:00 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
  689. 2014-10-16 21:40 - 2014-10-16 21:40 - 00000000 ____D () C:\Program Files\Microsoft.NET
  690. 2014-10-16 21:40 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
  691. 2014-10-16 21:40 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
  692. 2014-10-16 21:40 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
  693. 2014-10-16 21:40 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
  694. 2014-10-16 21:40 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
  695. 2014-10-16 21:36 - 2014-10-20 11:44 - 00020102 _____ () C:\Windows\PFRO.log
  696. 2014-10-16 21:33 - 2014-10-18 15:34 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
  697. 2014-10-16 21:31 - 2014-10-16 21:32 - 03454606 _____ () C:\Users\mateo\Downloads\Anti-Exploit.Premium.1.04.1.1012.rar
  698. 2014-10-16 21:17 - 2014-10-16 21:18 - 15578360 _____ (Elex do Brasil Participações Ltda) C:\Users\mateo\Downloads\yet_another_cleaner_sk_2548141.exe
  699. 2014-10-16 21:10 - 2014-10-16 21:15 - 63946752 _____ () C:\Users\mateo\Downloads\eav_nt32_ENU.msi
  700. 2014-10-16 21:08 - 2014-10-16 21:14 - 64151552 _____ () C:\Users\mateo\Downloads\eav_nt32_hrv.msi
  701. 2014-10-16 21:07 - 2014-10-16 21:26 - 202843456 _____ (Kaspersky Lab) C:\Users\mateo\Downloads\kis15.0.1.415en_6835.exe
  702. 2014-10-16 21:07 - 2014-10-16 21:23 - 201529664 _____ (Kaspersky Lab) C:\Users\mateo\Downloads\kav15.0.1.415en_6833.exe
  703. 2014-10-16 21:04 - 2014-10-17 05:26 - 00000000 ____D () C:\Users\mateo\Desktop\kbox6480
  704. 2014-10-16 21:04 - 2014-10-16 21:04 - 01745624 _____ () C:\Users\mateo\Downloads\wrar511.exe
  705. 2014-10-16 21:04 - 2014-10-16 21:04 - 00000000 ____D () C:\Users\mateo\AppData\Roaming\WinRAR
  706. 2014-10-16 21:04 - 2014-10-16 21:04 - 00000000 ____D () C:\Users\mateo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
  707. 2014-10-16 21:04 - 2014-10-16 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
  708. 2014-10-16 21:04 - 2014-10-16 21:04 - 00000000 ____D () C:\Program Files\WinRAR
  709. 2014-10-16 21:03 - 2014-10-16 21:03 - 00053795 _____ () C:\Users\mateo\Downloads\kbox6480.rar
  710. 2014-10-16 21:02 - 2014-10-16 21:02 - 00619208 _____ (Kaspersky Lab ZAO) C:\Users\mateo\Downloads\xoristdecryptor.exe
  711. 2014-10-16 15:26 - 2014-09-22 08:41 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
  712. 2014-10-16 15:13 - 2014-10-16 15:13 - 00000000 ____D () C:\Windows\system32\Adobe
  713. 2014-10-16 15:12 - 2014-10-16 15:12 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
  714. 2014-10-16 15:12 - 2014-10-16 15:12 - 00000000 ____D () C:\ProgramData\Sun
  715. 2014-10-16 15:12 - 2014-10-16 15:12 - 00000000 ____D () C:\ProgramData\Oracle
  716. 2014-10-16 15:12 - 2014-10-16 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
  717. 2014-10-16 15:12 - 2014-10-16 15:12 - 00000000 ____D () C:\Program Files\Java
  718. 2014-10-16 15:12 - 2014-10-16 15:12 - 00000000 ____D () C:\Program Files\Common Files\Java
  719. 2014-10-16 15:11 - 2014-10-16 15:12 - 04991400 _____ (Adobe Systems Inc.) C:\Users\mateo\Downloads\Shockwave_Installer_Slim.exe
  720. 2014-10-16 15:11 - 2014-10-16 15:11 - 00000000 ____D () C:\Users\mateo\AppData\Roaming\Macromedia
  721. 2014-10-16 15:11 - 2014-10-16 15:11 - 00000000 ____D () C:\Users\mateo\AppData\Roaming\Adobe
  722. 2014-10-16 15:11 - 2014-10-16 15:11 - 00000000 ____D () C:\Users\mateo\AppData\Local\Macromedia
  723. 2014-10-16 15:10 - 2014-10-16 15:10 - 00638888 _____ (Oracle Corporation) C:\Users\mateo\Downloads\jxpiinstall.exe
  724. 2014-10-16 15:09 - 2014-10-20 11:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
  725. 2014-10-16 15:09 - 2014-10-17 06:35 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
  726. 2014-10-16 15:09 - 2014-10-17 06:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
  727. 2014-10-16 15:09 - 2014-10-17 06:35 - 00000000 ____D () C:\Users\mateo\AppData\Local\Adobe
  728. 2014-10-16 15:09 - 2014-10-16 15:09 - 00000000 ____D () C:\Windows\system32\Macromed
  729. 2014-10-16 15:09 - 2014-10-16 15:09 - 00000000 ____D () C:\ProgramData\McAfee
  730. 2014-10-16 15:07 - 2014-10-16 15:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
  731. 2014-10-16 15:07 - 2013-04-26 04:24 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
  732. 2014-10-16 15:07 - 2013-04-26 04:24 - 00016880 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
  733. 2014-10-16 15:06 - 2014-10-16 15:06 - 00000000 ____D () C:\Users\mateo\AppData\Roaming\Mozilla
  734. 2014-10-16 15:06 - 2014-10-16 15:06 - 00000000 ____D () C:\Users\mateo\AppData\Local\Mozilla
  735. 2014-10-16 15:06 - 2013-04-26 04:24 - 00793072 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
  736. 2014-10-16 15:06 - 2013-04-26 04:24 - 00361968 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
  737. 2014-10-16 15:05 - 2014-10-16 15:05 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
  738. 2014-10-16 15:05 - 2014-10-16 15:05 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
  739. 2014-10-16 15:05 - 2014-10-16 15:05 - 00000000 ____D () C:\ProgramData\Mozilla
  740. 2014-10-16 15:05 - 2014-10-16 15:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
  741. 2014-10-16 15:05 - 2014-10-16 15:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
  742. 2014-10-16 15:04 - 2014-10-16 15:04 - 00244312 _____ () C:\Users\mateo\Downloads\Firefox Setup Stub 33.0.exe
  743. 2014-10-16 15:02 - 2013-08-27 08:08 - 00679128 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
  744. 2014-10-16 15:02 - 2013-08-27 08:08 - 00102104 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
  745. 2014-10-16 15:02 - 2013-08-27 08:08 - 00077528 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
  746. 2014-10-16 15:00 - 2014-10-16 15:00 - 00057560 _____ () C:\Users\mateo\AppData\Local\GDIPFONTCACHEV1.DAT
  747. 2014-10-16 15:00 - 2014-10-16 15:00 - 00000000 ____D () C:\Users\mateo\AppData\Local\Microsoft Games
  748. 2014-10-16 14:58 - 2014-10-17 07:16 - 00000000 ____D () C:\Program Files\Intel
  749. 2014-10-16 14:58 - 2014-10-17 07:13 - 00000000 ____D () C:\Intel
  750. 2014-10-16 14:57 - 2014-10-17 22:46 - 00742884 _____ () C:\Windows\system32\PerfStringBackup.INI
  751. 2014-10-16 14:57 - 2014-10-16 15:06 - 00000000 ____D () C:\Program Files\Realtek
  752. 2014-10-16 14:57 - 2014-10-16 15:02 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
  753. 2014-10-16 14:57 - 2014-10-16 14:57 - 00001769 _____ () C:\Windows\Language_trs.ini
  754. 2014-10-16 14:57 - 2014-10-16 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
  755. 2014-10-16 14:57 - 2012-09-01 01:00 - 00027792 ____R (Realtek Corporation) C:\Windows\system32\Drivers\RtVlan620.sys
  756. 2014-10-16 14:57 - 2012-07-03 14:32 - 00049808 ____R (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam620.sys
  757. 2014-10-16 14:57 - 2011-06-15 15:11 - 00033056 ____R (Realtek ) C:\Windows\system32\Drivers\RtNdPt60.sys
  758. 2014-10-16 14:56 - 2014-10-17 07:12 - 00039758 _____ () C:\Windows\Ascd_tmp.ini
  759. 2014-10-16 14:56 - 2014-10-17 07:12 - 00000288 _____ () C:\Windows\As_Utilities.log
  760. 2014-10-16 14:54 - 2014-10-20 12:56 - 01603691 _____ () C:\Windows\WindowsUpdate.log
  761. 2014-10-16 14:53 - 2014-10-17 05:35 - 00000000 ____D () C:\Users\mateo
  762. 2014-10-16 14:53 - 2014-10-16 14:53 - 00001413 _____ () C:\Users\mateo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
  763. 2014-10-16 14:53 - 2014-10-16 14:53 - 00000020 ___SH () C:\Users\mateo\ntuser.ini
  764. 2014-10-16 14:53 - 2014-10-16 14:53 - 00000000 ____D () C:\Users\mateo\AppData\Local\VirtualStore
  765. 2014-10-16 14:53 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\mateo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
  766. 2014-10-16 14:53 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\mateo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
  767. 2014-10-16 14:52 - 2014-10-16 14:52 - 00000000 __SHD () C:\Recovery
  768.  
  769. ==================== One Month Modified Files and Folders =======
  770.  
  771. (If an entry is included in the fixlist, the file\folder will be moved.)
  772.  
  773. 2014-10-20 12:53 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
  774. 2014-10-20 12:53 - 2009-07-14 06:39 - 00018101 _____ () C:\Windows\setupact.log
  775. 2014-10-20 12:07 - 2013-11-11 19:25 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
  776. 2014-10-20 12:07 - 2012-08-02 15:09 - 00025696 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
  777. 2014-10-20 11:46 - 2009-07-14 06:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  778. 2014-10-20 11:46 - 2009-07-14 06:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  779. 2014-10-19 21:11 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Globalization
  780. 2014-10-19 11:07 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Public\Libraries
  781. 2014-10-18 18:10 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
  782. 2014-10-18 10:38 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
  783. 2014-10-18 00:54 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
  784. 2014-10-17 22:46 - 2009-07-14 09:48 - 00000000 ___RD () C:\Users\Public\Recorded TV
  785. 2014-10-17 01:14 - 2009-07-14 04:04 - 00000505 _____ () C:\Windows\win.ini
  786. 2014-10-17 00:47 - 2009-07-14 06:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
  787. 2014-10-17 00:47 - 2009-07-14 06:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
  788. 2014-10-17 00:12 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
  789. 2014-10-16 23:57 - 2009-07-14 06:53 - 00010476 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
  790. 2014-10-16 23:52 - 2009-07-14 06:33 - 00266808 _____ () C:\Windows\system32\FNTCACHE.DAT
  791. 2014-10-16 23:51 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
  792. 2014-10-16 23:51 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
  793. 2014-10-16 23:49 - 2009-07-14 09:49 - 00000000 ____D () C:\Windows\CSC
  794. 2014-10-16 23:49 - 2009-07-14 06:34 - 00001774 _____ () C:\Windows\DtcInstall.log
  795. 2014-10-16 23:47 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
  796. 2014-10-16 23:13 - 2009-07-14 06:56 - 00000000 ____D () C:\Windows\system32\WCN
  797. 2014-10-16 23:13 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
  798. 2014-10-16 23:13 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
  799. 2014-10-16 23:13 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Defender
  800. 2014-10-16 23:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System
  801. 2014-10-16 14:57 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\restore
  802.  
  803. Some content of TEMP:
  804. ====================
  805. C:\Users\mateo\AppData\Local\Temp\HitmanPro.exe
  806. C:\Users\mateo\AppData\Local\Temp\InstHelper.exe
  807. C:\Users\mateo\AppData\Local\Temp\Quarantine.exe
  808. C:\Users\mateo\AppData\Local\Temp\SHSetup.exe
  809. C:\Users\mateo\AppData\Local\Temp\SimBundD.exe
  810. C:\Users\mateo\AppData\Local\Temp\sqlite3.dll
  811. C:\Users\mateo\AppData\Local\Temp\utt2B30.tmp.exe
  812.  
  813.  
  814. ==================== Bamital & volsnap Check =================
  815.  
  816. (There is no automatic fix for files that do not pass verification.)
  817.  
  818. C:\Windows\explorer.exe => File is digitally signed
  819. C:\Windows\system32\winlogon.exe => File is digitally signed
  820. C:\Windows\system32\wininit.exe => File is digitally signed
  821. C:\Windows\system32\svchost.exe => File is digitally signed
  822. C:\Windows\system32\services.exe => File is digitally signed
  823. C:\Windows\system32\User32.dll => File is digitally signed
  824. C:\Windows\system32\userinit.exe => File is digitally signed
  825. C:\Windows\system32\rpcss.dll => File is digitally signed
  826. C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
  827.  
  828. ==================== BCD ================================
  829.  
  830. Windows Boot Manager
  831. --------------------
  832. identifier {bootmgr}
  833. device partition=\Device\HarddiskVolume1
  834. description Windows Boot Manager
  835. locale bs-LATN-BA
  836. inherit {globalsettings}
  837. default {current}
  838. resumeobject {790be266-5586-11e4-aee0-ef7c9efe283c}
  839. displayorder {current}
  840. toolsdisplayorder {memdiag}
  841. timeout 30
  842.  
  843. Windows Boot Loader
  844. -------------------
  845. identifier {current}
  846. device partition=C:
  847. path \Windows\system32\winload.exe
  848. description Windows 7
  849. locale bs-LATN-BA
  850. inherit {bootloadersettings}
  851. recoverysequence {790be268-5586-11e4-aee0-ef7c9efe283c}
  852. recoveryenabled Yes
  853. osdevice partition=C:
  854. systemroot \Windows
  855. resumeobject {790be266-5586-11e4-aee0-ef7c9efe283c}
  856. nx OptIn
  857.  
  858. Windows Boot Loader
  859. -------------------
  860. identifier {790be268-5586-11e4-aee0-ef7c9efe283c}
  861. device ramdisk=[C:]\Recovery\790be268-5586-11e4-aee0-ef7c9efe283c\Winre.wim,{790be269-5586-11e4-aee0-ef7c9efe283c}
  862. path \windows\system32\winload.exe
  863. description Windows Recovery Environment
  864. inherit {bootloadersettings}
  865. osdevice ramdisk=[C:]\Recovery\790be268-5586-11e4-aee0-ef7c9efe283c\Winre.wim,{790be269-5586-11e4-aee0-ef7c9efe283c}
  866. systemroot \windows
  867. nx OptIn
  868. winpe Yes
  869.  
  870. Resume from Hibernate
  871. ---------------------
  872. identifier {790be266-5586-11e4-aee0-ef7c9efe283c}
  873. device partition=C:
  874. path \Windows\system32\winresume.exe
  875. description Windows Resume Application
  876. locale bs-LATN-BA
  877. inherit {resumeloadersettings}
  878. filedevice partition=C:
  879. filepath \hiberfil.sys
  880. pae Yes
  881. debugoptionenabled No
  882.  
  883. Windows Memory Tester
  884. ---------------------
  885. identifier {memdiag}
  886. device partition=\Device\HarddiskVolume1
  887. path \boot\memtest.exe
  888. description Windows Memory Diagnostic
  889. locale bs-LATN-BA
  890. inherit {globalsettings}
  891. badmemoryaccess Yes
  892.  
  893. Real-mode Boot Sector
  894. ---------------------
  895. identifier {790be26a-5586-11e4-aee0-ef7c9efe283c}
  896. device partition=C:
  897. path \shldr.mbr
  898. description SpyHunter Rescue
  899.  
  900. EMS Settings
  901. ------------
  902. identifier {emssettings}
  903. bootems Yes
  904.  
  905. Debugger Settings
  906. -----------------
  907. identifier {dbgsettings}
  908. debugtype Serial
  909. debugport 1
  910. baudrate 115200
  911.  
  912. RAM Defects
  913. -----------
  914. identifier {badmemory}
  915.  
  916. Global Settings
  917. ---------------
  918. identifier {globalsettings}
  919. inherit {dbgsettings}
  920. {emssettings}
  921. {badmemory}
  922.  
  923. Boot Loader Settings
  924. --------------------
  925. identifier {bootloadersettings}
  926. inherit {globalsettings}
  927. {hypervisorsettings}
  928.  
  929. Hypervisor Settings
  930. -------------------
  931. identifier {hypervisorsettings}
  932. hypervisordebugtype Serial
  933. hypervisordebugport 1
  934. hypervisorbaudrate 115200
  935.  
  936. Resume Loader Settings
  937. ----------------------
  938. identifier {resumeloadersettings}
  939. inherit {globalsettings}
  940.  
  941. Device options
  942. --------------
  943. identifier {790be269-5586-11e4-aee0-ef7c9efe283c}
  944. description Ramdisk Options
  945. ramdisksdidevice partition=C:
  946. ramdisksdipath \Recovery\790be268-5586-11e4-aee0-ef7c9efe283c\boot.sdi
  947.  
  948.  
  949.  
  950. LastRegBack: 2014-10-16 19:08
  951.  
  952. ==================== End Of Log ============================