API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 20th, 2013
142
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 99.00 KB | None | 0 0
raw download clone embed print report
  1. OTL logfile created on: 20.5.2013. 21:25:06 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dino\Downloads
  3. 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.0.8112.16421)
  5. Locale: 0000041A | Country: Croatia | Language: HRV | Date Format: d.M.yyyy.
  6.  
  7. 4,00 Gb Total Physical Memory | 2,29 Gb Available Physical Memory | 57,15% Memory free
  8. 8,00 Gb Paging File | 5,80 Gb Available in Paging File | 72,48% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 100,30 Gb Total Space | 10,76 Gb Free Space | 10,73% Space Free | Partition Type: NTFS
  13. Drive D: | 120,66 Gb Total Space | 11,58 Gb Free Space | 9,60% Space Free | Partition Type: NTFS
  14. Drive E: | 50,11 Gb Total Space | 22,66 Gb Free Space | 45,22% Space Free | Partition Type: NTFS
  15. Drive F: | 194,59 Gb Total Space | 32,03 Gb Free Space | 16,46% Space Free | Partition Type: NTFS
  16. Drive G: | 149,04 Gb Total Space | 1,30 Gb Free Space | 0,87% Space Free | Partition Type: NTFS
  17.  
  18. Computer Name: DINO-PC | User Name: Dino | Logged in as Administrator.
  19. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  20. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  21.  
  22. [color=#E56717]========== Processes (SafeList) ==========[/color]
  23.  
  24. PRC - [2013.05.20 21:24:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dino\Downloads\OTL.exe
  25. PRC - [2013.05.15 15:20:29 | 000,920,472 | ---- | M] (Mozilla Corporation) -- E:\Program Files (x86)\Mozilla Firefox\firefox.exe
  26. PRC - [2013.05.15 15:12:04 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
  27. PRC - [2013.05.06 12:01:19 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
  28. PRC - [2013.03.27 13:01:53 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
  29. PRC - [2013.03.27 13:01:37 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
  30. PRC - [2013.03.25 17:32:00 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
  31. PRC - [2013.03.23 03:16:09 | 000,256,600 | ---- | M] (Microsoft Corporation) -- C:\Users\Dino\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
  32. PRC - [2012.11.05 09:29:14 | 000,886,664 | ---- | M] (Repkasoft) -- E:\Program Files (x86)\YoWindow\yowindow.exe
  33. PRC - [2012.10.03 21:07:02 | 002,415,104 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Online Armor\oaui.exe
  34. PRC - [2012.10.03 21:06:42 | 004,463,864 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Online Armor\OAsrv.exe
  35. PRC - [2012.10.03 21:05:54 | 001,248,144 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Online Armor\oahlp.exe
  36. PRC - [2012.10.03 21:05:44 | 000,216,072 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Online Armor\oacat.exe
  37. PRC - [2012.04.08 22:00:32 | 000,883,712 | ---- | M] (Carthago Software) -- E:\Program Files (x86)\MemInfo\meminfo.exe
  38. PRC - [2009.08.29 08:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Dino\Local Settings\Apps\F.lux\flux.exe
  39. PRC - [2009.01.16 18:12:28 | 000,221,184 | ---- | M] () -- C:\Windows\system\cm106eye.exe
  40. PRC - [2007.12.10 15:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac7302\Monitor.exe
  41.  
  42.  
  43. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  44.  
  45. MOD - [2013.05.15 15:20:29 | 003,128,728 | ---- | M] () -- E:\Program Files (x86)\Mozilla Firefox\mozjs.dll
  46. MOD - [2013.05.15 15:12:04 | 016,033,160 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
  47. MOD - [2013.02.08 16:26:33 | 001,027,072 | ---- | M] () -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
  48. MOD - [2012.10.01 21:37:48 | 006,522,480 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
  49. MOD - [2009.08.29 08:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Dino\Local Settings\Apps\F.lux\flux.exe
  50. MOD - [2009.01.16 18:12:28 | 000,221,184 | ---- | M] () -- C:\Windows\system\cm106eye.exe
  51. MOD - [2006.09.13 13:08:00 | 000,491,520 | ---- | M] () -- C:\Windows\system\cmau106.dll
  52.  
  53.  
  54. [color=#E56717]========== Services (SafeList) ==========[/color]
  55.  
  56. SRV:[b]64bit:[/b] - [2012.11.16 22:44:58 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
  57. SRV:[b]64bit:[/b] - [2012.11.16 15:27:28 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
  58. SRV:[b]64bit:[/b] - [2012.06.25 15:10:22 | 000,185,856 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
  59. SRV:[b]64bit:[/b] - [2012.06.18 22:37:33 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
  60. SRV:[b]64bit:[/b] - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
  61. SRV:[b]64bit:[/b] - [2011.08.05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
  62. SRV:[b]64bit:[/b] - [2011.08.05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\WMZuneComm.exe -- (WMZuneComm)
  63. SRV:[b]64bit:[/b] - [2011.08.05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\ZuneNss.exe -- (ZuneNetworkSvc)
  64. SRV:[b]64bit:[/b] - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  65. SRV:[b]64bit:[/b] - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  66. SRV - [2013.05.15 15:20:29 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  67. SRV - [2013.05.15 15:12:04 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  68. SRV - [2013.03.27 13:01:53 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
  69. SRV - [2013.03.27 13:01:37 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
  70. SRV - [2013.03.25 17:32:00 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
  71. SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  72. SRV - [2012.12.12 22:49:50 | 000,042,496 | ---- | M] (ree7) [Auto | Running] -- C:\Program Files (x86)\ree7\Wake my PC Lighthouse\WakeMyPC.WindowsService.exe -- (Wake my PC Lighthouse)
  73. SRV - [2012.10.03 21:06:42 | 004,463,864 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\OAsrv.exe -- (SvcOnlineArmor)
  74. SRV - [2012.10.03 21:05:44 | 000,216,072 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\oacat.exe -- (OAcat)
  75. SRV - [2012.07.11 20:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- E:\Program Files\Super Anti Spyware\SASCore64.exe -- (!SASCORE)
  76. SRV - [2012.06.18 22:36:07 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
  77. SRV - [2012.06.18 22:19:45 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
  78. SRV - [2012.05.26 13:27:59 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
  79. SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  80. SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  81.  
  82.  
  83. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  84.  
  85. DRV:[b]64bit:[/b] - [2013.03.29 18:55:49 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
  86. DRV:[b]64bit:[/b] - [2013.03.27 13:01:59 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
  87. DRV:[b]64bit:[/b] - [2013.03.27 13:01:59 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
  88. DRV:[b]64bit:[/b] - [2013.03.27 13:01:59 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
  89. DRV:[b]64bit:[/b] - [2013.01.31 10:19:52 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
  90. DRV:[b]64bit:[/b] - [2013.01.31 10:19:52 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
  91. DRV:[b]64bit:[/b] - [2013.01.31 10:19:46 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
  92. DRV:[b]64bit:[/b] - [2013.01.31 10:19:46 | 000,128,000 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bserd.sys -- (ss_bserd)
  93. DRV:[b]64bit:[/b] - [2013.01.31 10:19:46 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
  94. DRV:[b]64bit:[/b] - [2013.01.31 10:19:46 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
  95. DRV:[b]64bit:[/b] - [2012.11.16 23:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
  96. DRV:[b]64bit:[/b] - [2012.11.16 23:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
  97. DRV:[b]64bit:[/b] - [2012.11.16 21:39:12 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
  98. DRV:[b]64bit:[/b] - [2012.10.03 21:07:33 | 000,035,376 | ---- | M] (Emsisoft) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OAnet.sys -- (OAnet)
  99. DRV:[b]64bit:[/b] - [2012.10.03 00:26:46 | 000,066,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
  100. DRV:[b]64bit:[/b] - [2012.09.28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
  101. DRV:[b]64bit:[/b] - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
  102. DRV:[b]64bit:[/b] - [2012.05.31 06:10:48 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
  103. DRV:[b]64bit:[/b] - [2012.03.05 15:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
  104. DRV:[b]64bit:[/b] - [2012.02.23 14:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
  105. DRV:[b]64bit:[/b] - [2011.09.22 06:00:04 | 000,097,792 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WibuKey64.sys -- (WIBUKEY)
  106. DRV:[b]64bit:[/b] - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
  107. DRV:[b]64bit:[/b] - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
  108. DRV:[b]64bit:[/b] - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  109. DRV:[b]64bit:[/b] - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  110. DRV:[b]64bit:[/b] - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
  111. DRV:[b]64bit:[/b] - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
  112. DRV:[b]64bit:[/b] - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
  113. DRV:[b]64bit:[/b] - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
  114. DRV:[b]64bit:[/b] - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  115. DRV:[b]64bit:[/b] - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  116. DRV:[b]64bit:[/b] - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  117. DRV:[b]64bit:[/b] - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  118. DRV:[b]64bit:[/b] - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
  119. DRV:[b]64bit:[/b] - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
  120. DRV:[b]64bit:[/b] - [2009.11.24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
  121. DRV:[b]64bit:[/b] - [2009.10.01 18:04:54 | 001,307,648 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CM10664.sys -- (USBMULCD)
  122. DRV:[b]64bit:[/b] - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  123. DRV:[b]64bit:[/b] - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  124. DRV:[b]64bit:[/b] - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  125. DRV:[b]64bit:[/b] - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  126. DRV:[b]64bit:[/b] - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
  127. DRV:[b]64bit:[/b] - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  128. DRV:[b]64bit:[/b] - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  129. DRV:[b]64bit:[/b] - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  130. DRV:[b]64bit:[/b] - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  131. DRV:[b]64bit:[/b] - [2009.04.28 10:07:52 | 000,532,480 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PAC7302.SYS -- (PAC7302)
  132. DRV:[b]64bit:[/b] - [2009.03.07 13:03:40 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132)
  133. DRV:[b]64bit:[/b] - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
  134. DRV - [2012.10.03 21:07:33 | 000,061,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\OADriver.sys -- (OADevice)
  135. DRV - [2012.10.03 21:07:33 | 000,040,520 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\OAmon.sys -- (OAmon)
  136. DRV - [2012.10.03 21:05:54 | 000,062,016 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\oahlp64.sys -- (oahlpXX)
  137. DRV - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- E:\Program Files\Super Anti Spyware\sasdifsv64.sys -- (SASDIFSV)
  138. DRV - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- E:\Program Files\Super Anti Spyware\saskutil64.sys -- (SASKUTIL)
  139. DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  140.  
  141.  
  142. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  143.  
  144.  
  145. [color=#E56717]========== Internet Explorer ==========[/color]
  146.  
  147. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\GRAPHISOFT\ArchiCAD 16\Help\Files\wwhelp\wwhimpl\common\html\blank.htm
  148. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  149. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  150. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  151. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  152.  
  153. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
  154. IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
  155. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  156. IE - HKCU\..\SearchScopes\{92F7E220-5EC4-4052-B2BD-980A64E6C664}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^HR&apn_uid=ae0e71f5-df89-4a9f-8446-a5487dfa6c13&apn_sauid=CBB62526-51DF-4394-A2F1-0C4F9BC38762
  157. IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={5B2316D7-3839-44EE-B8E6-0578EAF3CA6D}&mid=5c0325b7ef6b47d08cacd16d5bcb8535-d8845227aadff769f0d5a88f2220f0773ee26caa&lang=en&ds=st011&pr=sa&d=2012-06-18 17:20:38&v=11.1.0.7&sap=dsp&q={searchTerms}
  158. IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb167/?search={searchTerms}&loc=IB_DS&a=6OyJ9ypI9u&i=26
  159. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  160. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
  161.  
  162. [color=#E56717]========== FireFox ==========[/color]
  163.  
  164. FF - prefs.js..browser.search.defaultengine: "Ask.com"
  165. FF - prefs.js..browser.search.defaultenginename: "Ask.com"
  166. FF - prefs.js..browser.search.defaultthis.engineName: "Search"
  167. FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
  168. FF - prefs.js..browser.search.order.1: "Ask.com"
  169. FF - prefs.js..browser.search.selectedEngine: "Google"
  170. FF - prefs.js..browser.search.suggest.enabled: false
  171. FF - prefs.js..browser.search.useDBForOrder: true
  172. FF - prefs.js..browser.startup.homepage: "about:home"
  173. FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.2
  174. FF - prefs.js..extensions.enabledAddons: %7B4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064%7D:1.2
  175. FF - prefs.js..extensions.enabledAddons: showpassword%40pratikpoddar:1.7
  176. FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.20
  177. FF - prefs.js..extensions.enabledAddons: cryenginebrowserplugin%40crytek.com:0.29.0
  178. FF - prefs.js..extensions.enabledAddons: %7B3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d%7D:2.0
  179. FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:17.0.0
  180. FF - prefs.js..extensions.enabledAddons: ffaddon%40vagex.com:1.6.1
  181. FF - prefs.js..extensions.enabledAddons: stefanvandamme%40stefanvd.net:2.2.0.2
  182. FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
  183. FF - prefs.js..extensions.enabledAddons: %7B77d2ed30-4cd2-11e0-b8af-0800200c9a66%7D:5.6
  184. FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
  185. FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
  186. FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.2
  187. FF - prefs.js..extensions.enabledItems: sxipper@sxip.com:2.3.4
  188. FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
  189. FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
  190. FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.6.4
  191. FF - prefs.js..extensions.enabledItems: morningCoffee@shaneliesegang:1.33
  192. FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
  193. FF - prefs.js..keyword.URL: "https://www.google.hr/"
  194.  
  195.  
  196. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
  197. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: e:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
  198. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
  199. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
  200. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
  201. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: e:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
  202. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
  203. FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
  204. FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
  205. FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: e:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
  206. FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
  207. FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
  208. FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
  209. FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
  210. FF - HKLM\Software\MozillaPlugins\@graphisoft.com/GDL Web Plug-in: C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
  211. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  212. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
  213. FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
  214. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
  215. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
  216. FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
  217. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
  218. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
  219. FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: e:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
  220. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  221. FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: e:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
  222. FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: File not found
  223.  
  224. 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.07.27 00:50:30 | 000,000,000 | ---D | M]
  225. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
  226. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: E:\Program Files (x86)\Mozilla Firefox\components [2013.05.15 15:20:30 | 000,000,000 | ---D | M]
  227. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: E:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.15 15:20:24 | 000,000,000 | ---D | M]
  228.  
  229. [2012.06.18 16:33:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dino\AppData\Roaming\Mozilla\Extensions
  230. [2013.05.16 22:39:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions
  231. [2013.03.21 14:41:57 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
  232. [2013.05.16 22:39:34 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
  233. [2013.03.13 10:21:49 | 000,000,000 | ---D | M] (GFACE Experience Plugin) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\cryenginebrowserplugin@crytek.com
  234. [2013.04.13 20:02:52 | 000,000,000 | ---D | M] (Vagex Firefox Add-On) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\ffaddon@vagex.com
  235. [2013.02.10 17:22:29 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\support@lastpass.com
  236. [2013.04.20 08:53:56 | 000,301,821 | ---- | M] () (No name found) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\compatibility@addons.mozilla.org.xpi
  237. [2012.12.29 16:51:14 | 000,005,367 | ---- | M] () (No name found) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\showpassword@pratikpoddar.xpi
  238. [2013.05.01 20:58:37 | 000,651,215 | ---- | M] () (No name found) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\stefanvandamme@stefanvd.net.xpi
  239. [2012.09.13 07:43:08 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\testpilot@labs.mozilla.com.xpi
  240. [2013.03.14 22:00:16 | 000,049,690 | ---- | M] () (No name found) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}.xpi
  241. [2012.11.13 23:56:26 | 000,049,303 | ---- | M] () (No name found) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi
  242. [2013.04.07 10:12:39 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
  243. [2013.05.09 21:54:09 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  244. [2012.12.17 23:32:06 | 000,002,413 | ---- | M] () -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\i5s7rexs.default\searchplugins\askcom.xml
  245. [2012.10.01 21:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
  246.  
  247. Hosts file not found
  248. O2:[b]64bit:[/b] - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
  249. O2 - BHO: (PDFXChange 2012) - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - e:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.)
  250. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
  251. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
  252. O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  253. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  254. O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  255. O3 - HKLM\..\Toolbar: (PDFXChange 2012) - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - e:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.)
  256. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  257. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
  258. O4:[b]64bit:[/b] - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files (x86)\Online Armor\oaui.exe (Emsisoft GmbH)
  259. O4:[b]64bit:[/b] - HKLM..\Run: [Cm106Sound] C:\Windows\Syswow64\cm106.dll (C-Media Corporation)
  260. O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
  261. O4:[b]64bit:[/b] - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
  262. O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
  263. O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
  264. O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
  265. O4 - HKCU..\Run: [F.lux] C:\Users\Dino\Local Settings\Apps\F.lux\flux.exe ()
  266. O4 - HKCU..\Run: [SkyDrive] C:\Users\Dino\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
  267. O4 - Startup: C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemInfo.lnk = E:\Program Files (x86)\MemInfo\meminfo.exe (Carthago Software)
  268. O4 - Startup: C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk = E:\Program Files (x86)\YoWindow\yowindow.exe (Repkasoft)
  269. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  270. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  271. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
  272. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  273. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
  274. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  275. O8:[b]64bit:[/b] - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  276. O8:[b]64bit:[/b] - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
  277. O8:[b]64bit:[/b] - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
  278. O8:[b]64bit:[/b] - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
  279. O8:[b]64bit:[/b] - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
  280. O8:[b]64bit:[/b] - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  281. O8:[b]64bit:[/b] - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  282. O8:[b]64bit:[/b] - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  283. O8:[b]64bit:[/b] - Extra context menu item: Free YouTube Download - C:\Users\Dino\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
  284. O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Dino\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
  285. O8:[b]64bit:[/b] - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html File not found
  286. O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  287. O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
  288. O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
  289. O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
  290. O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
  291. O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  292. O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  293. O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  294. O8 - Extra context menu item: Free YouTube Download - C:\Users\Dino\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
  295. O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Dino\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
  296. O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html File not found
  297. O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html File not found
  298. O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html File not found
  299. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
  300. O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
  301. O13[b]64bit:[/b] - gopher Prefix: missing
  302. O13 - gopher Prefix: missing
  303. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
  304. O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
  305. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 10.5.1)
  306. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{074A1557-773B-4A2F-857B-7AB1FE386023}: NameServer = 192.168.1.1
  307. O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
  308. O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
  309. O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
  310. O18 - Protocol\Handler\livecall - No CLSID value found
  311. O18 - Protocol\Handler\ms-help - No CLSID value found
  312. O18 - Protocol\Handler\msnim - No CLSID value found
  313. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  314. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  315. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  316. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  317. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  318. O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
  319. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  320. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  321. O32 - HKLM CDRom: AutoRun - 1
  322. O32 - AutoRun File - [2013.03.24 14:29:46 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
  323. O33 - MountPoints2\I\Shell - "" = AutoRun
  324. O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\setup.exe
  325. O33 - MountPoints2\J\Shell - "" = AutoRun
  326. O34 - HKLM BootExecute: (autocheck autochk *)
  327. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  328. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  329. O35 - HKLM\..comfile [open] -- "%1" %*
  330. O35 - HKLM\..exefile [open] -- "%1" %*
  331. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  332. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  333. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  334. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  335. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  336. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  337. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  338.  
  339. CREATERESTOREPOINT
  340. Restore point Set: OTL Restore Point
  341.  
  342. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  343.  
  344. [2013.05.20 12:04:32 | 000,000,000 | ---D | C] -- C:\Users\Dino\Desktop\Video
  345. [2013.05.20 11:35:26 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
  346. [2013.05.20 11:19:08 | 000,000,000 | ---D | C] -- C:\Qoobox
  347. [2013.05.20 11:18:51 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
  348. [2013.05.20 11:18:50 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
  349. [2013.05.20 10:19:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
  350. [2013.05.19 12:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light
  351. [2013.05.18 16:41:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
  352. [2013.05.13 21:28:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
  353. [2013.05.12 19:06:07 | 000,000,000 | ---D | C] -- C:\Users\Dino\AppData\Local\stellarium
  354. [2013.05.12 19:06:05 | 000,000,000 | ---D | C] -- C:\Users\Dino\AppData\Roaming\Stellarium
  355. [2013.05.12 19:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
  356. [2013.05.06 12:02:20 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
  357. [2013.04.29 16:15:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
  358. [2013.04.29 15:58:33 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
  359. [2013.04.21 19:20:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ree7
  360. [2013.04.21 19:20:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ree7
  361. [2013.04.21 19:09:49 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 8
  362. [2013.04.21 19:00:11 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 9
  363. [2011.08.05 12:56:34 | 001,530,592 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIX.dll
  364. [2011.08.05 12:56:34 | 001,288,928 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIXcontrols.dll
  365. [2011.08.05 12:56:34 | 001,272,544 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneShell.dll
  366. [2011.08.05 12:56:34 | 001,175,264 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneDBApi.dll
  367. [2011.08.05 12:56:34 | 000,645,856 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIX.renderapi.dll
  368. [2011.08.05 12:53:12 | 016,921,312 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneShellResources.dll
  369. [2011.08.05 12:53:12 | 004,020,448 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSetup.exe
  370. [2011.08.05 12:53:12 | 000,863,968 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneWmdu.dll
  371. [2011.08.05 12:53:12 | 000,507,104 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSP.dll
  372. [2011.08.05 12:53:12 | 000,467,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneWlanCfgSvc.exe
  373. [2011.08.05 12:53:12 | 000,366,816 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSrcWrp.dll
  374. [2011.08.05 12:53:12 | 000,306,400 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WMZuneComm.exe
  375. [2011.08.05 12:53:12 | 000,196,832 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneZMDB.Mobile.dll
  376. [2011.08.05 12:53:12 | 000,157,920 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneZMDB.Library.dll
  377. [2011.08.05 12:53:12 | 000,157,408 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneZMDB.ZuneHD.dll
  378. [2011.08.05 12:53:12 | 000,152,288 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneZMDB.Classic.dll
  379. [2011.08.05 12:53:12 | 000,100,064 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneTaskbar.dll
  380. [2011.08.05 12:53:12 | 000,074,464 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneShellExt.dll
  381. [2011.08.05 12:53:12 | 000,027,872 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WMZuneTCP2UDP.dll
  382. [2011.08.05 12:53:12 | 000,021,216 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WMZuneDTPTDNS.dll
  383. [2011.08.05 12:53:12 | 000,018,656 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WMZuneCommProxyStub.dll
  384. [2011.08.05 12:53:12 | 000,017,632 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneShare.exe
  385. [2011.08.05 12:53:12 | 000,009,440 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneWmduResources.dll
  386. [2011.08.05 12:53:10 | 003,889,376 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneResources.dll
  387. [2011.08.05 12:53:10 | 001,257,184 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneService.dll
  388. [2011.08.05 12:53:10 | 000,916,704 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneQP.dll
  389. [2011.08.05 12:53:10 | 000,683,744 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSH.dll
  390. [2011.08.05 12:53:10 | 000,514,272 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSE.dll
  391. [2011.08.05 12:53:10 | 000,155,872 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSA.dll
  392. [2011.08.05 12:53:06 | 010,061,536 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneNativeLib.dll
  393. [2011.08.05 12:53:06 | 008,277,728 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneNss.exe
  394. [2011.08.05 12:53:06 | 002,110,176 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneEncEng.dll
  395. [2011.08.05 12:53:06 | 001,752,288 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIXrender.dll
  396. [2011.08.05 12:53:06 | 001,481,440 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneCore.dll
  397. [2011.08.05 12:53:06 | 001,184,480 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneH264Dec.dll
  398. [2011.08.05 12:53:06 | 001,161,440 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneMde.dll
  399. [2011.08.05 12:53:06 | 001,096,928 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneMarketplaceResources.dll
  400. [2011.08.05 12:53:06 | 000,879,328 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneMBR.dll
  401. [2011.08.05 12:53:06 | 000,707,808 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZUNEMP4SDECD.dll
  402. [2011.08.05 12:53:06 | 000,376,544 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneEvr.dll
  403. [2011.08.05 12:53:06 | 000,347,872 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneNssci.dll
  404. [2011.08.05 12:53:06 | 000,223,968 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Zune.exe
  405. [2011.08.05 12:53:06 | 000,218,848 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneHost.exe
  406. [2011.08.05 12:53:06 | 000,212,192 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneDB.dll
  407. [2011.08.05 12:53:06 | 000,163,552 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneLauncher.exe
  408. [2011.08.05 12:53:06 | 000,131,296 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZunePresenter.dll
  409. [2011.08.05 12:53:06 | 000,129,248 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneEffects.dll
  410. [2011.08.05 12:53:06 | 000,121,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneAACDec.dll
  411. [2011.08.05 12:53:06 | 000,072,928 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneDXVA2.dll
  412. [2011.08.05 12:53:06 | 000,061,664 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneCfg.dll
  413. [2011.08.05 12:53:06 | 000,056,544 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneConfig.exe
  414. [2011.08.05 12:53:06 | 000,038,624 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneEnc.exe
  415. [2011.08.05 12:53:06 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIXsup.dll
  416. [2011.08.05 12:53:06 | 000,020,704 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZunePS.dll
  417. [2011.08.05 12:31:32 | 000,182,784 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Program Files\l3codecp.acm
  418. [2011.06.06 13:48:50 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp90.dll
  419. [2011.06.06 13:48:50 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr90.dll
  420. [2011.06.06 13:48:50 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcm90.dll
  421. [2007.10.02 14:12:44 | 001,642,568 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msidcrl40.dll
  422. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  423.  
  424. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  425.  
  426. [2013.05.20 20:59:56 | 000,029,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  427. [2013.05.20 20:59:55 | 000,029,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  428. [2013.05.20 20:52:19 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
  429. [2013.05.20 20:51:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  430. [2013.05.20 20:51:50 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
  431. [2013.05.20 12:47:33 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  432. [2013.05.20 11:12:39 | 000,783,270 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  433. [2013.05.20 11:12:39 | 000,655,054 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  434. [2013.05.20 11:12:39 | 000,121,926 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  435. [2013.05.20 10:20:15 | 000,001,239 | ---- | M] () -- C:\Users\Dino\Desktop\DVDVideoSoft Free Studio.lnk
  436. [2013.05.20 09:10:39 | 000,182,592 | ---- | M] () -- C:\Users\Dino\Desktop\54967744646541254794.jpg
  437. [2013.05.20 09:09:41 | 000,015,709 | ---- | M] () -- C:\Users\Dino\Desktop\pc-magazine-2013-05-may.pdf.torrent
  438. [2013.05.19 23:21:26 | 000,029,198 | ---- | M] () -- C:\Users\Dino\Desktop\2013-05-19_232125.png
  439. [2013.05.19 23:19:10 | 000,103,392 | ---- | M] () -- C:\Users\Dino\Desktop\Shema gradilista iva.dwg
  440. [2013.05.19 23:18:45 | 000,047,863 | ---- | M] () -- C:\Users\Dino\Desktop\Shema gradilista iva-Layout1.pdf
  441. [2013.05.19 23:18:36 | 000,103,104 | ---- | M] () -- C:\Users\Dino\Desktop\Shema gradilista iva.bak
  442. [2013.05.19 22:47:00 | 000,101,568 | ---- | M] () -- C:\Users\Dino\Desktop\2013-05-19_224659.png
  443. [2013.05.19 22:46:39 | 000,109,093 | ---- | M] () -- C:\Users\Dino\Desktop\2013-05-19_224638.png
  444. [2013.05.19 22:46:16 | 000,025,244 | ---- | M] () -- C:\Users\Dino\Desktop\2013-05-19_224615.png
  445. [2013.05.19 21:12:57 | 000,000,191 | -H-- | M] () -- C:\Users\Dino\Documents\Drawing1.dwl2
  446. [2013.05.19 21:12:57 | 000,000,041 | -H-- | M] () -- C:\Users\Dino\Documents\Drawing1.dwl
  447. [2013.05.19 21:06:22 | 000,118,961 | ---- | M] () -- C:\Users\Dino\Desktop\974144_4491332535305_1454678199_n.jpg
  448. [2013.05.19 19:40:25 | 000,026,145 | ---- | M] () -- C:\Users\Dino\Desktop\$T2eC16JHJGwE9n)ySd8KBP8bCUl6Ig~~60_3.JPG
  449. [2013.05.19 18:19:40 | 000,115,520 | ---- | M] () -- C:\Users\Dino\Desktop\Shema gradilista.dwg
  450. [2013.05.19 17:48:03 | 000,018,818 | ---- | M] () -- C:\Users\Dino\Desktop\2013-05-19_174802.png
  451. [2013.05.19 17:45:52 | 000,115,776 | ---- | M] () -- C:\Users\Dino\Desktop\Shema gradilista.bak
  452. [2013.05.19 17:16:25 | 000,108,640 | ---- | M] () -- C:\Users\Dino\Desktop\jhghhg.dwg
  453. [2013.05.19 17:12:39 | 000,017,109 | ---- | M] () -- C:\Users\Dino\Desktop\Shema gradilista-Layout1.pdf
  454. [2013.05.19 16:30:16 | 000,129,245 | ---- | M] () -- C:\Users\Dino\Desktop\963039_4489885379127_1443756924_n.jpg
  455. [2013.05.19 16:18:05 | 000,099,487 | ---- | M] () -- C:\Users\Dino\Desktop\979742_4490315269874_537637908_n.jpg
  456. [2013.05.19 16:08:26 | 000,015,667 | ---- | M] () -- C:\Users\Dino\Desktop\2013-05-19_160825.png
  457. [2013.05.19 15:05:24 | 000,133,218 | ---- | M] () -- C:\Users\Dino\Desktop\972912_4489885459129_99608187_n.jpg
  458. [2013.05.19 15:03:59 | 000,068,660 | ---- | M] () -- C:\Users\Dino\Desktop\973255_4489885339126_934446884_n.jpg
  459. [2013.05.19 13:49:12 | 000,124,660 | ---- | M] () -- C:\Users\Dino\Desktop\962972_4489890299250_1990723263_n.jpg
  460. [2013.05.19 12:53:26 | 000,000,849 | ---- | M] () -- C:\Users\Public\Desktop\Metro Last Light.lnk
  461. [2013.05.18 21:45:57 | 000,000,400 | RHS- | M] () -- C:\ProgramData\ntuser.pol
  462. [2013.05.18 14:44:07 | 003,122,256 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  463. [2013.05.17 11:01:45 | 000,090,656 | ---- | M] () -- C:\Users\Dino\Desktop\10.5.2013.dwg
  464. [2013.05.16 22:33:11 | 000,082,725 | ---- | M] () -- C:\Users\Dino\Desktop\10.5.2013.bak
  465. [2013.05.15 15:12:04 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
  466. [2013.05.15 15:12:04 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
  467. [2013.05.13 17:43:37 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  468. [2013.05.13 17:43:37 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  469. [2013.05.11 15:22:18 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
  470. [2013.05.11 15:22:18 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
  471. [2013.05.06 12:01:49 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
  472. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  473.  
  474. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  475.  
  476. [2013.05.20 10:20:15 | 000,001,239 | ---- | C] () -- C:\Users\Dino\Desktop\DVDVideoSoft Free Studio.lnk
  477. [2013.05.20 09:10:38 | 000,182,592 | ---- | C] () -- C:\Users\Dino\Desktop\54967744646541254794.jpg
  478. [2013.05.20 09:09:33 | 000,015,709 | ---- | C] () -- C:\Users\Dino\Desktop\pc-magazine-2013-05-may.pdf.torrent
  479. [2013.05.19 23:21:26 | 000,029,198 | ---- | C] () -- C:\Users\Dino\Desktop\2013-05-19_232125.png
  480. [2013.05.19 22:47:00 | 000,101,568 | ---- | C] () -- C:\Users\Dino\Desktop\2013-05-19_224659.png
  481. [2013.05.19 22:46:39 | 000,109,093 | ---- | C] () -- C:\Users\Dino\Desktop\2013-05-19_224638.png
  482. [2013.05.19 22:46:16 | 000,025,244 | ---- | C] () -- C:\Users\Dino\Desktop\2013-05-19_224615.png
  483. [2013.05.19 22:42:38 | 000,047,863 | ---- | C] () -- C:\Users\Dino\Desktop\Shema gradilista iva-Layout1.pdf
  484. [2013.05.19 21:12:57 | 000,103,392 | ---- | C] () -- C:\Users\Dino\Desktop\Shema gradilista iva.dwg
  485. [2013.05.19 21:12:57 | 000,103,104 | ---- | C] () -- C:\Users\Dino\Desktop\Shema gradilista iva.bak
  486. [2013.05.19 21:12:57 | 000,000,191 | -H-- | C] () -- C:\Users\Dino\Documents\Drawing1.dwl2
  487. [2013.05.19 21:12:57 | 000,000,041 | -H-- | C] () -- C:\Users\Dino\Documents\Drawing1.dwl
  488. [2013.05.19 21:06:21 | 000,118,961 | ---- | C] () -- C:\Users\Dino\Desktop\974144_4491332535305_1454678199_n.jpg
  489. [2013.05.19 19:40:24 | 000,026,145 | ---- | C] () -- C:\Users\Dino\Desktop\$T2eC16JHJGwE9n)ySd8KBP8bCUl6Ig~~60_3.JPG
  490. [2013.05.19 17:48:03 | 000,018,818 | ---- | C] () -- C:\Users\Dino\Desktop\2013-05-19_174802.png
  491. [2013.05.19 17:16:25 | 000,108,640 | ---- | C] () -- C:\Users\Dino\Desktop\jhghhg.dwg
  492. [2013.05.19 16:59:09 | 000,017,109 | ---- | C] () -- C:\Users\Dino\Desktop\Shema gradilista-Layout1.pdf
  493. [2013.05.19 16:17:41 | 000,099,487 | ---- | C] () -- C:\Users\Dino\Desktop\979742_4490315269874_537637908_n.jpg
  494. [2013.05.19 16:08:26 | 000,015,667 | ---- | C] () -- C:\Users\Dino\Desktop\2013-05-19_160825.png
  495. [2013.05.19 15:03:59 | 000,068,660 | ---- | C] () -- C:\Users\Dino\Desktop\973255_4489885339126_934446884_n.jpg
  496. [2013.05.19 15:03:48 | 000,133,218 | ---- | C] () -- C:\Users\Dino\Desktop\972912_4489885459129_99608187_n.jpg
  497. [2013.05.19 15:03:40 | 000,129,245 | ---- | C] () -- C:\Users\Dino\Desktop\963039_4489885379127_1443756924_n.jpg
  498. [2013.05.19 14:18:29 | 000,115,776 | ---- | C] () -- C:\Users\Dino\Desktop\Shema gradilista.bak
  499. [2013.05.19 14:18:29 | 000,115,520 | ---- | C] () -- C:\Users\Dino\Desktop\Shema gradilista.dwg
  500. [2013.05.19 13:49:12 | 000,124,660 | ---- | C] () -- C:\Users\Dino\Desktop\962972_4489890299250_1990723263_n.jpg
  501. [2013.05.19 12:53:26 | 000,000,849 | ---- | C] () -- C:\Users\Public\Desktop\Metro Last Light.lnk
  502. [2013.05.18 20:11:49 | 000,000,400 | RHS- | C] () -- C:\ProgramData\ntuser.pol
  503. [2013.05.18 19:45:40 | 000,082,725 | ---- | C] () -- C:\Users\Dino\Desktop\10.5.2013.bak
  504. [2013.05.18 19:45:38 | 000,090,656 | ---- | C] () -- C:\Users\Dino\Desktop\10.5.2013.dwg
  505. [2013.05.18 15:16:25 | 000,000,571 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light.lnk
  506. [2013.05.18 14:43:54 | 003,122,256 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
  507. [2013.05.01 16:33:37 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  508. [2013.03.23 19:10:31 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
  509. [2013.03.23 19:10:05 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
  510. [2013.02.05 18:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
  511. [2013.02.05 18:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
  512. [2013.02.05 18:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
  513. [2013.02.05 18:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
  514. [2012.12.12 00:46:18 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
  515. [2012.11.21 15:10:20 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
  516. [2012.10.30 20:26:09 | 000,000,089 | ---- | C] () -- C:\Users\Dino\AppData\Local\msmathematics.qat.Dino
  517. [2012.09.28 17:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
  518. [2012.09.23 12:12:12 | 000,768,738 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  519. [2012.08.04 11:43:36 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
  520. [2012.07.04 07:34:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
  521. [2012.07.04 07:34:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
  522. [2012.07.01 20:06:39 | 000,000,885 | ---- | C] () -- C:\Windows\SysWow64\SP7302.ini
  523. [2012.06.26 21:45:29 | 000,062,016 | ---- | C] () -- C:\Windows\SysWow64\drivers\oahlp64.sys
  524. [2012.06.26 21:45:29 | 000,061,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\OADriver.sys
  525. [2012.06.18 17:33:04 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix106.dll
  526. [2012.06.18 17:33:04 | 000,000,603 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
  527. [2012.06.18 17:32:54 | 000,003,059 | ---- | C] () -- C:\Windows\Cm106.ini.cfg
  528. [2012.06.18 17:32:54 | 000,001,694 | ---- | C] () -- C:\Windows\Cm106.ini.imi
  529. [2012.06.18 17:32:54 | 000,000,964 | ---- | C] () -- C:\Windows\cm106.ini
  530. [2012.06.18 14:37:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
  531. [2012.04.18 18:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
  532. [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
  533. [2011.06.21 23:45:28 | 000,122,484 | ---- | C] () -- C:\Program Files\quickplaymap_msl.png
  534. [2011.06.21 23:45:28 | 000,122,210 | ---- | C] () -- C:\Program Files\quickplaymap_ind.png
  535. [2011.06.21 23:45:28 | 000,093,248 | ---- | C] () -- C:\Program Files\softwaremap_msl.png
  536. [2011.06.21 23:45:28 | 000,092,713 | ---- | C] () -- C:\Program Files\softwaremap_ind.png
  537. [2011.06.21 23:45:26 | 009,532,452 | ---- | C] () -- C:\Program Files\Meiryoz.ttc
  538. [2011.06.06 13:50:40 | 000,000,659 | ---- | C] () -- C:\Program Files\Zune.exe.config
  539. [2011.06.06 13:50:26 | 000,251,333 | ---- | C] () -- C:\Program Files\softwaremap.png
  540. [2011.06.06 13:50:26 | 000,122,790 | ---- | C] () -- C:\Program Files\quickplaymap_rus.png
  541. [2011.06.06 13:50:26 | 000,122,620 | ---- | C] () -- C:\Program Files\quickplaymap_ell.png
  542. [2011.06.06 13:50:26 | 000,122,458 | ---- | C] () -- C:\Program Files\quickplaymap.png
  543. [2011.06.06 13:50:26 | 000,122,414 | ---- | C] () -- C:\Program Files\quickplaymap_plk.png
  544. [2011.06.06 13:50:26 | 000,122,134 | ---- | C] () -- C:\Program Files\quickplaymap_ptb.png
  545. [2011.06.06 13:50:26 | 000,122,068 | ---- | C] () -- C:\Program Files\quickplaymap_csy.png
  546. [2011.06.06 13:50:26 | 000,122,060 | ---- | C] () -- C:\Program Files\quickplaymap_jpn.png
  547. [2011.06.06 13:50:26 | 000,122,053 | ---- | C] () -- C:\Program Files\quickplaymap_nld.png
  548. [2011.06.06 13:50:26 | 000,121,952 | ---- | C] () -- C:\Program Files\quickplaymap_esp.png
  549. [2011.06.06 13:50:26 | 000,121,837 | ---- | C] () -- C:\Program Files\quickplaymap_deu.png
  550. [2011.06.06 13:50:26 | 000,121,834 | ---- | C] () -- C:\Program Files\quickplaymap_hun.png
  551. [2011.06.06 13:50:26 | 000,121,635 | ---- | C] () -- C:\Program Files\quickplaymap_ptg.png
  552. [2011.06.06 13:50:26 | 000,121,621 | ---- | C] () -- C:\Program Files\quickplaymap_ita.png
  553. [2011.06.06 13:50:26 | 000,121,558 | ---- | C] () -- C:\Program Files\quickplaymap_sve.png
  554. [2011.06.06 13:50:26 | 000,121,489 | ---- | C] () -- C:\Program Files\quickplaymap_dan.png
  555. [2011.06.06 13:50:26 | 000,121,403 | ---- | C] () -- C:\Program Files\quickplaymap_fra.png
  556. [2011.06.06 13:50:26 | 000,121,358 | ---- | C] () -- C:\Program Files\quickplaymap_chs.png
  557. [2011.06.06 13:50:26 | 000,121,257 | ---- | C] () -- C:\Program Files\quickplaymap_fin.png
  558. [2011.06.06 13:50:26 | 000,121,162 | ---- | C] () -- C:\Program Files\quickplaymap_cht.png
  559. [2011.06.06 13:50:26 | 000,121,155 | ---- | C] () -- C:\Program Files\quickplaymap_nor.png
  560. [2011.06.06 13:50:26 | 000,120,995 | ---- | C] () -- C:\Program Files\quickplaymap_kor.png
  561. [2011.06.06 13:50:26 | 000,100,499 | ---- | C] () -- C:\Program Files\softwaremap_ell.png
  562. [2011.06.06 13:50:26 | 000,099,979 | ---- | C] () -- C:\Program Files\softwaremap_rus.png
  563. [2011.06.06 13:50:26 | 000,098,663 | ---- | C] () -- C:\Program Files\softwaremap_plk.png
  564. [2011.06.06 13:50:26 | 000,098,431 | ---- | C] () -- C:\Program Files\softwaremap_ita.png
  565. [2011.06.06 13:50:26 | 000,098,102 | ---- | C] () -- C:\Program Files\softwaremap_ptb.png
  566. [2011.06.06 13:50:26 | 000,097,782 | ---- | C] () -- C:\Program Files\softwaremap_esp.png
  567. [2011.06.06 13:50:26 | 000,097,716 | ---- | C] () -- C:\Program Files\softwaremap_ptg.png
  568. [2011.06.06 13:50:26 | 000,097,580 | ---- | C] () -- C:\Program Files\softwaremap_deu.png
  569. [2011.06.06 13:50:26 | 000,097,435 | ---- | C] () -- C:\Program Files\softwaremap_fra.png
  570. [2011.06.06 13:50:26 | 000,097,298 | ---- | C] () -- C:\Program Files\softwaremap_csy.png
  571. [2011.06.06 13:50:26 | 000,096,751 | ---- | C] () -- C:\Program Files\softwaremap_cht.png
  572. [2011.06.06 13:50:26 | 000,096,737 | ---- | C] () -- C:\Program Files\softwaremap_hun.png
  573. [2011.06.06 13:50:26 | 000,096,603 | ---- | C] () -- C:\Program Files\softwaremap_jpn.png
  574. [2011.06.06 13:50:26 | 000,096,513 | ---- | C] () -- C:\Program Files\softwaremap_nld.png
  575. [2011.06.06 13:50:26 | 000,096,441 | ---- | C] () -- C:\Program Files\softwaremap_fin.png
  576. [2011.06.06 13:50:26 | 000,096,323 | ---- | C] () -- C:\Program Files\softwaremap_dan.png
  577. [2011.06.06 13:50:26 | 000,095,912 | ---- | C] () -- C:\Program Files\softwaremap_chs.png
  578. [2011.06.06 13:50:26 | 000,094,750 | ---- | C] () -- C:\Program Files\softwaremap_nor.png
  579. [2011.06.06 13:50:26 | 000,094,597 | ---- | C] () -- C:\Program Files\softwaremap_sve.png
  580. [2011.06.06 13:50:26 | 000,093,267 | ---- | C] () -- C:\Program Files\softwaremap_kor.png
  581. [2011.06.06 13:50:26 | 000,001,922 | ---- | C] () -- C:\Program Files\TopBar.gif
  582. [2011.06.06 13:50:26 | 000,000,988 | ---- | C] () -- C:\Program Files\ZuneLogo.gif
  583. [2011.06.06 13:50:26 | 000,000,631 | ---- | C] () -- C:\Program Files\Background.jpg
  584. [2011.06.06 13:50:26 | 000,000,054 | ---- | C] () -- C:\Program Files\Arrow.gif
  585.  
  586. [color=#E56717]========== ZeroAccess Check ==========[/color]
  587.  
  588. [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  589.  
  590. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  591.  
  592. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  593.  
  594. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  595.  
  596. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  597.  
  598. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  599. "" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
  600. "ThreadingModel" = Apartment
  601.  
  602. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  603. "" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
  604. "ThreadingModel" = Apartment
  605.  
  606. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  607. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  608. "ThreadingModel" = Free
  609.  
  610. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  611. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
  612. "ThreadingModel" = Free
  613.  
  614. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  615. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  616. "ThreadingModel" = Both
  617.  
  618. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  619.  
  620. [color=#E56717]========== Custom Scans ==========[/color]
  621.  
  622. [color=#E56717]========== Drive Information ==========[/color]
  623.  
  624. Physical Drives
  625. ---------------
  626.  
  627. Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
  628. Interface type: IDE
  629. Media Type: Fixed hard disk media
  630. Model: SAMSUNG HD502HJ ATA Device
  631. Partitions: 5
  632. Status: OK
  633. Status Info: 0
  634.  
  635. Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
  636. Interface type: IDE
  637. Media Type: Fixed hard disk media
  638. Model: ST3160815AS ATA Device
  639. Partitions: 1
  640. Status: OK
  641. Status Info: 0
  642.  
  643. Partitions
  644. ---------------
  645.  
  646. DeviceID: Disk #0, Partition #0
  647. PartitionType: Installable File System
  648. Bootable: True
  649. BootPartition: True
  650. PrimaryPartition: True
  651. Size: 100,00MB
  652. Starting Offset: 1048576
  653. Hidden sectors: 0
  654.  
  655.  
  656. DeviceID: Disk #0, Partition #1
  657. PartitionType: Installable File System
  658. Bootable: False
  659. BootPartition: False
  660. PrimaryPartition: True
  661. Size: 100,00GB
  662. Starting Offset: 108380160
  663. Hidden sectors: 0
  664.  
  665.  
  666. DeviceID: Disk #0, Partition #2
  667. PartitionType: Extended w/Extended Int 13
  668. Bootable: False
  669. BootPartition: False
  670. PrimaryPartition: False
  671. Size: 365,00GB
  672. Starting Offset: 107799552000
  673. Hidden sectors: 0
  674.  
  675.  
  676. DeviceID: Disk #1, Partition #0
  677. PartitionType: Extended w/Extended Int 13
  678. Bootable: False
  679. BootPartition: False
  680. PrimaryPartition: False
  681. Size: 149,00GB
  682. Starting Offset: 7741440
  683. Hidden sectors: 0
  684.  
  685.  
  686. [color=#A23BEC]< >[/color]
  687.  
  688. [color=#E56717]========== Base Services ==========[/color]
  689. SRV:[b]64bit:[/b] - [2009.07.14 03:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
  690. SRV:[b]64bit:[/b] - [2010.11.21 05:24:08 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
  691. SRV:[b]64bit:[/b] - [2009.07.14 03:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
  692. SRV:[b]64bit:[/b] - [2010.11.21 05:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
  693. SRV:[b]64bit:[/b] - [2010.11.21 05:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
  694. SRV:[b]64bit:[/b] - [2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
  695. SRV:[b]64bit:[/b] - [2009.07.14 03:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
  696. SRV - [2009.07.14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
  697. SRV:[b]64bit:[/b] - [2010.11.21 05:24:16 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
  698. SRV:[b]64bit:[/b] - [2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
  699. SRV - [2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
  700. SRV:[b]64bit:[/b] - [2010.11.21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
  701. SRV:[b]64bit:[/b] - [2010.11.21 05:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
  702. SRV - [2010.11.21 05:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
  703. SRV:[b]64bit:[/b] - [2010.11.21 05:24:15 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
  704. SRV:[b]64bit:[/b] - [2009.07.14 03:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
  705. SRV:[b]64bit:[/b] - [2009.07.14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
  706. SRV - [2009.07.14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
  707. SRV:[b]64bit:[/b] - [2009.07.14 03:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
  708. SRV:[b]64bit:[/b] - [2010.11.21 05:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
  709. No service found with a name of MsMpSvc
  710. No service found with a name of NisSrv
  711. SRV:[b]64bit:[/b] - [2009.07.14 03:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
  712. SRV:[b]64bit:[/b] - [2009.07.14 03:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
  713. SRV:[b]64bit:[/b] - [2009.07.14 03:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
  714. SRV:[b]64bit:[/b] - [2009.07.14 03:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
  715. SRV - [2009.07.14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
  716. SRV:[b]64bit:[/b] - [2010.11.21 05:23:54 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
  717. SRV:[b]64bit:[/b] - [2009.07.14 03:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
  718. SRV:[b]64bit:[/b] - [2010.11.21 05:24:00 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
  719. SRV:[b]64bit:[/b] - [2010.11.21 05:24:27 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
  720. SRV:[b]64bit:[/b] - [2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
  721. No service found with a name of EMDMgmt
  722. SRV:[b]64bit:[/b] - [2009.07.14 03:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
  723. SRV:[b]64bit:[/b] - [2010.11.21 05:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
  724. SRV:[b]64bit:[/b] - [2010.11.21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
  725. SRV:[b]64bit:[/b] - [2010.11.21 05:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
  726. SRV:[b]64bit:[/b] - [2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
  727. SRV:[b]64bit:[/b] - [2009.07.14 03:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
  728. SRV:[b]64bit:[/b] - [2010.11.21 05:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
  729. SRV:[b]64bit:[/b] - [2010.11.21 05:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
  730. SRV - [2010.11.21 05:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
  731. No service found with a name of slsvc
  732. SRV:[b]64bit:[/b] - [2010.11.21 05:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
  733. SRV:[b]64bit:[/b] - [2010.11.21 05:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
  734. SRV - [2010.11.21 05:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
  735. SRV:[b]64bit:[/b] - [2009.07.14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
  736. SRV:[b]64bit:[/b] - [2010.11.21 05:24:01 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
  737. SRV:[b]64bit:[/b] - [2010.11.21 05:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
  738. SRV:[b]64bit:[/b] - [2010.11.21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
  739. SRV:[b]64bit:[/b] - [2010.11.21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
  740. SRV:[b]64bit:[/b] - [2010.11.21 05:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
  741. SRV:[b]64bit:[/b] - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  742. SRV:[b]64bit:[/b] - [2010.11.21 05:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
  743. SRV:[b]64bit:[/b] - [2010.11.21 05:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
  744. SRV:[b]64bit:[/b] - [2010.11.21 05:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
  745. SRV:[b]64bit:[/b] - [2010.11.21 05:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
  746. SRV - [2010.11.21 05:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
  747. SRV:[b]64bit:[/b] - [2009.07.14 03:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
  748. SRV:[b]64bit:[/b] - [2012.06.03 00:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
  749. SRV:[b]64bit:[/b] - [2010.11.21 05:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
  750. SRV:[b]64bit:[/b] - [2009.07.14 03:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
  751. SRV:[b]64bit:[/b] - [2010.11.21 05:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
  752.  
  753. [color=#A23BEC]< >[/color]
  754.  
  755. [color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
  756. [2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
  757. [2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
  758.  
  759. [color=#A23BEC]< >[/color]
  760.  
  761. [color=#A23BEC]< %systemroot%\assembly\GAC_32\*.* /S /MD5 >[/color]
  762. [2009.07.14 03:19:59 | 000,004,608 | ---- | M] () MD5=2CBEAFED3233C20DF11B88DF909CD74F -- C:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35\AuditPolicyGPManagedStubs.Interop.dll
  763. [2010.11.21 05:25:07 | 000,238,080 | ---- | M] () MD5=D6D26A698BCCD17AB0761E6221C5F3C4 -- C:\Windows\assembly\GAC_32\BDATunePIA\6.1.0.0__31bf3856ad364e35\BDATunePIA.dll
  764. [2010.11.21 05:24:01 | 000,069,120 | ---- | M] () MD5=C80DA476BFBAD97D874A0EFE037D7113 -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
  765. [2009.07.14 03:22:13 | 000,139,264 | ---- | M] () MD5=3723B29BBFE648380ED9B70B164E33A2 -- C:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35\ehexthost32.exe
  766. [2009.07.13 23:04:37 | 000,002,274 | ---- | M] () MD5=C343B566A3B8DA7743C30796BE0A54D7 -- C:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35\ehexthost32.exe.config
  767. [2010.11.21 05:24:26 | 000,072,192 | ---- | M] () MD5=D58D4E4AA8D6146D838BE02500F50B27 -- C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
  768. [2010.11.21 05:25:07 | 000,134,656 | ---- | M] () MD5=7D8676EC6A6ABCF57E1F6CA5372E56EE -- C:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll
  769. [2011.04.12 10:17:31 | 000,090,112 | ---- | M] () MD5=7643FE2D5D8DC339868BD4D952E0F385 -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll
  770. [2010.11.21 05:25:06 | 000,189,952 | ---- | M] () MD5=38D88B9F15909C5EB12543B9ADD60665 -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.dll
  771. [2010.11.21 05:25:06 | 000,145,920 | ---- | M] () MD5=7473DCFFD01F73BA2B2621555B02E09A -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.Interop.dll
  772. [2009.07.14 03:24:14 | 000,507,904 | ---- | M] () MD5=269691AFEE6C44C52CDCA23C24BDBB0C -- C:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll
  773. [2009.07.14 03:24:28 | 000,077,824 | ---- | M] () MD5=BB2BB7BFE455562249E922A7AA4493A5 -- C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll
  774. [2009.07.14 03:23:55 | 000,008,192 | ---- | M] () MD5=79D7E7A3CB56C91FE9030C5EFE2DC13C -- C:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.dll
  775. [2010.11.21 05:25:11 | 000,163,840 | ---- | M] () MD5=059B857CCA35C20F06B5DEBD51C4FB38 -- C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
  776. [2009.07.14 03:26:31 | 000,008,192 | ---- | M] () MD5=FA44A672F1C12791984D9ECAB7DC3177 -- C:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDEngine.dll
  777. [2009.06.10 23:14:52 | 000,087,888 | ---- | M] () MD5=2E5F1CF69F92392F8829FC9C9263AE9B -- C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe
  778. [2009.06.10 23:14:53 | 000,001,581 | ---- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 -- C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\msbuild.exe.config
  779. [2009.06.10 23:22:47 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp
  780. [2009.06.10 23:22:47 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp
  781. [2009.06.10 23:22:58 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp
  782. [2010.11.21 05:24:09 | 004,550,656 | ---- | M] () MD5=2795EAA90EDAB15BB239B4DCD3BEB633 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
  783. [2009.06.10 23:23:13 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp
  784. [2009.06.10 23:23:13 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp
  785. [2009.06.10 23:23:13 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp
  786. [2009.06.10 23:23:13 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp
  787. [2009.06.10 23:23:13 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp
  788. [2009.06.10 23:23:14 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp
  789. [2009.06.10 23:23:14 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp
  790. [2009.06.10 23:23:17 | 000,262,148 | ---- | M] () MD5=FB59D247F7143C3B9683A547E808A88B -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
  791. [2009.06.10 23:23:17 | 000,020,320 | ---- | M] () MD5=FF13BA175F0013D2311827E0D438C60B -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
  792. [2009.06.10 23:23:23 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp
  793. [2010.11.21 05:24:32 | 000,046,080 | ---- | M] () MD5=93C4029DABC19166076BE347283AB969 -- C:\Windows\assembly\GAC_32\napcrypt\6.1.0.0__31bf3856ad364e35\NAPCRYPT.DLL
  794. [2010.11.21 05:23:48 | 000,107,008 | ---- | M] () MD5=E9CFC1884D1E579E82073103827FA62B -- C:\Windows\assembly\GAC_32\naphlpr\6.1.0.0__31bf3856ad364e35\NAPHLPR.DLL
  795. [2009.07.14 00:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.config
  796. [2009.07.14 03:25:25 | 000,005,632 | ---- | M] () MD5=608232474C33C71F863B0866E5165C1C -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.dll
  797. [2009.06.10 23:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config
  798. [2009.07.14 03:26:15 | 000,005,632 | ---- | M] () MD5=2641880E8C12BEE37DDC2813908A2A0F -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.0.Microsoft.Interop.Security.AzRoles.dll
  799. [2009.06.10 23:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.config
  800. [2009.07.14 03:23:30 | 000,005,632 | ---- | M] () MD5=D6C077082EAA747911C212A9EB64A813 -- C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.dll
  801. [2009.07.14 00:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.config
  802. [2009.07.14 03:22:54 | 000,005,632 | ---- | M] () MD5=331021DA8B00A9ADCDD54B5782943204 -- C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.dll
  803. [2009.07.14 00:04:08 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.config
  804. [2009.07.14 03:23:04 | 000,005,632 | ---- | M] () MD5=B3DB67C90DBBB75BFE110A86E951C2EC -- C:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.dll
  805. [2010.11.21 05:24:56 | 004,218,880 | ---- | M] () MD5=8A68B7F6F17377EFC0E7B12ABE54A8A4 -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
  806. [2009.06.10 23:14:51 | 000,000,161 | ---- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe.config
  807. [2010.11.21 05:24:56 | 001,736,536 | ---- | M] () MD5=189EF45EB56724A888159C084588155D -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
  808. [2010.11.21 05:24:15 | 000,486,400 | ---- | M] () MD5=ED40D020A6A82748394F1653CE324CE4 -- C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
  809. [2010.11.21 05:24:08 | 002,927,616 | ---- | M] () MD5=35CAB7CF3754C41AEB69DCE1D5ACA5A4 -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
  810. [2010.11.21 05:24:07 | 000,258,048 | ---- | M] () MD5=6DB969DF540BC71722848940D180AC08 -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
  811. [2010.11.21 05:24:07 | 000,113,664 | ---- | M] () MD5=C865DC05ADE0B41A9E14DD585E0CDF94 -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
  812. [2010.11.21 05:24:55 | 000,372,736 | ---- | M] () MD5=D5DB261885C0FEBF106DD3921C764F1E -- C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
  813. [2009.06.10 23:23:19 | 000,261,632 | ---- | M] () MD5=5F3F1BF5F5B43293953FC915845910C4 -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
  814. [2010.11.21 05:24:26 | 005,251,072 | ---- | M] () MD5=03A5313EEC92FB067B774C220761BD7B -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
  815.  
  816. [color=#A23BEC]< >[/color]
  817.  
  818. [color=#A23BEC]< %systemroot%\assembly\GAC_64\*.* /S /MD5 >[/color]
  819. [2009.07.14 03:46:07 | 000,004,608 | ---- | M] () MD5=72A9C3F3B78CA92C93E78A46B3D73A7B -- C:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35\AuditPolicyGPManagedStubs.Interop.dll
  820. [2010.11.21 05:24:42 | 000,249,344 | ---- | M] () MD5=0EB9F2F8649FC0DE0DB55AFF18093E1C -- C:\Windows\assembly\GAC_64\BDATunePIA\6.1.0.0__31bf3856ad364e35\BDATunePIA.dll
  821. [2010.11.21 05:23:56 | 000,080,896 | ---- | M] () MD5=28D0AAEB2F5D05629B287E3534FCAFB3 -- C:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
  822. [2010.11.21 05:24:22 | 000,089,600 | ---- | M] () MD5=8658D501224F8EAA18BCF8104F07AA29 -- C:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
  823. [2010.11.21 05:24:42 | 000,139,264 | ---- | M] () MD5=D32088C67317F5B64C13352E6EB5FFB1 -- C:\Windows\assembly\GAC_64\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll
  824. [2010.11.21 05:24:42 | 000,198,656 | ---- | M] () MD5=073C37CEFEB4D5CD86646171C5D999F2 -- C:\Windows\assembly\GAC_64\mcupdate\6.1.0.0__31bf3856ad364e35\mcupdate.exe
  825. [2010.11.21 05:24:42 | 000,133,120 | ---- | M] () MD5=948ECE6043513473FF26B6A43DCD67C8 -- C:\Windows\assembly\GAC_64\Mcx2Dvcs\6.1.0.0__31bf3856ad364e35\Mcx2Dvcs.dll
  826. [2011.04.12 10:17:31 | 000,090,112 | ---- | M] () MD5=36FC4413674DEE77D586535E7075ACB4 -- C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll
  827. [2010.11.21 05:24:41 | 000,196,096 | ---- | M] () MD5=6E1F814CEEFC54E14DDBA66415823CFE -- C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.dll
  828. [2010.11.21 05:24:41 | 000,151,040 | ---- | M] () MD5=63A87E4AEF8F906BABEF2612C2A00586 -- C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.Interop.dll
  829. [2009.07.14 03:51:37 | 000,507,904 | ---- | M] () MD5=80BC35C4CA953CCACFECEE0EDBA14F5A -- C:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll
  830. [2009.07.14 03:51:13 | 000,077,824 | ---- | M] () MD5=ADE7BDD9DFFFB5A965DF204114F36951 -- C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll
  831. [2010.11.21 05:24:42 | 000,315,392 | ---- | M] () MD5=62D0F13290C425B8C2389CB0D8E00AC6 -- C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Interop.dll
  832. [2010.11.21 05:24:42 | 000,147,968 | ---- | M] () MD5=9453A71711D51C31DD607EC19CA604B0 -- C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.iTV.Media.dll
  833. [2010.11.21 05:24:42 | 000,056,320 | ---- | M] () MD5=6B365422C9E1417C9C99FD1234C42F48 -- C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Mheg\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Mheg.dll
  834. [2010.11.21 05:24:42 | 000,114,688 | ---- | M] () MD5=2920CBCE0700F34AC9E27423CBD87798 -- C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Playback\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Playback.dll
  835. [2010.11.21 05:24:42 | 000,327,168 | ---- | M] () MD5=2288CBDEBF5D78E0CB9158D251DE4016 -- C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.TV.Tuners.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.TV.Tuners.Interop.dll
  836. [2009.07.14 03:48:19 | 000,008,192 | ---- | M] () MD5=0B61293239545BDB5CF2EF7208F225DA -- C:\Windows\assembly\GAC_64\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.dll
  837. [2010.11.21 05:24:53 | 000,163,840 | ---- | M] () MD5=DAC8353CA6D1919C7FF87C00672FBF2E -- C:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
  838. [2009.07.14 03:49:27 | 000,008,192 | ---- | M] () MD5=6790FBD2C832CBB26A694E1046F7F2BA -- C:\Windows\assembly\GAC_64\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDEngine.dll
  839. [2010.11.21 05:24:49 | 000,019,968 | ---- | M] () MD5=DBE659C5CE6689D009D9414CB27FD110 -- C:\Windows\assembly\GAC_64\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop\6.1.0.0__31bf3856ad364e35\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.dll
  840. [2010.11.21 05:24:59 | 000,083,792 | ---- | M] () MD5=15885A86E87CC4291EF628E4F8A9BD6D -- C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe
  841. [2009.06.10 22:31:02 | 000,001,581 | ---- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 -- C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\msbuild.exe.config
  842. [2009.06.10 22:39:44 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp
  843. [2009.06.10 22:39:44 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp
  844. [2009.06.10 22:39:54 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp
  845. [2010.11.21 05:24:07 | 004,567,040 | ---- | M] () MD5=D46B3027FDE4729E484364A8B10C69A5 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
  846. [2009.06.10 22:40:01 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp
  847. [2009.06.10 22:40:01 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp
  848. [2009.06.10 22:40:01 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp
  849. [2009.06.10 22:40:01 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp
  850. [2009.06.10 22:40:01 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp
  851. [2009.06.10 22:40:01 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp
  852. [2009.06.10 22:40:01 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp
  853. [2009.06.10 22:40:02 | 000,262,148 | ---- | M] () MD5=FB59D247F7143C3B9683A547E808A88B -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
  854. [2009.06.10 22:40:02 | 000,020,320 | ---- | M] () MD5=FF13BA175F0013D2311827E0D438C60B -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
  855. [2009.06.10 22:40:10 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp
  856. [2010.11.21 05:24:16 | 000,050,176 | ---- | M] () MD5=E0773633E4193B183FB396192581BD86 -- C:\Windows\assembly\GAC_64\napcrypt\6.1.0.0__31bf3856ad364e35\NAPCRYPT.DLL
  857. [2010.11.21 05:24:24 | 000,133,632 | ---- | M] () MD5=A302DA1404664CEF1D416ED4DE49EA2B -- C:\Windows\assembly\GAC_64\naphlpr\6.1.0.0__31bf3856ad364e35\NAPHLPR.DLL
  858. [2009.06.10 22:51:13 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config
  859. [2009.07.14 03:52:10 | 000,005,120 | ---- | M] () MD5=C3554C9F9650380CD6A292CD5E7F02C6 -- C:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.0.Microsoft.Interop.Security.AzRoles.dll
  860. [2009.06.10 22:51:13 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.config
  861. [2009.07.14 03:50:32 | 000,005,120 | ---- | M] () MD5=265830B968EC5512E923C5482A5F5EEB -- C:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.dll
  862. [2009.07.13 23:54:48 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.config
  863. [2009.07.14 03:50:49 | 000,005,120 | ---- | M] () MD5=6162FCE93CE4C29318C179E457CFE656 -- C:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.dll
  864. [2010.11.21 05:24:53 | 003,997,696 | ---- | M] () MD5=B3B14A927ECE4440D58052E0B5679B8C -- C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
  865. [2009.06.10 22:30:59 | 000,000,161 | ---- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 -- C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe.config
  866. [2010.11.21 05:24:53 | 002,255,192 | ---- | M] () MD5=04A7A2D3B9AC06609AA93834785F0C92 -- C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
  867. [2010.11.21 05:24:09 | 000,502,272 | ---- | M] () MD5=2D8090F04B14059E23FE68F9FF3E318C -- C:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
  868. [2010.11.21 05:24:02 | 003,095,552 | ---- | M] () MD5=98D53BB2DB8E11762D30C3CF41FA140B -- C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
  869. [2010.11.21 05:24:01 | 000,245,760 | ---- | M] () MD5=B395F8BE6E578FAB80A1D568911857D7 -- C:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
  870. [2010.11.21 05:24:01 | 000,133,120 | ---- | M] () MD5=D9C192B9CD25DC5C9C05DF98C945E3F1 -- C:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
  871. [2010.11.21 05:24:53 | 000,358,912 | ---- | M] () MD5=183FCB53541A77FCCF22CAAC19DD2BA0 -- C:\Windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
  872. [2009.06.10 22:40:06 | 000,283,136 | ---- | M] () MD5=E4806AC8BE2D890193252D4BEE7EA95C -- C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
  873. [2010.11.21 05:24:23 | 005,259,264 | ---- | M] () MD5=508E39B48592FD3BDE914054DDE31CCF -- C:\Windows\assembly\GAC_64\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
  874.  
  875. [color=#A23BEC]< >[/color]
  876.  
  877. [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
  878.  
  879. [color=#A23BEC]< >[/color]
  880.  
  881. [color=#A23BEC]< c:\windows\installer\@ /s >[/color]
  882.  
  883. [color=#A23BEC]< >[/color]
  884.  
  885. [color=#A23BEC]< c:\windows\installer\*.@ /s >[/color]
  886.  
  887. [color=#A23BEC]< >[/color]
  888.  
  889. [color=#A23BEC]< %systemdrive%\$Recycle.Bin|@;true;true;true >[/color]
  890.  
  891. [color=#A23BEC]< >[/color]
  892.  
  893. [color=#A23BEC]< >[/color]
  894.  
  895. [color=#A23BEC]< >[/color]
  896.  
  897. [color=#A23BEC]< >[/color]
  898.  
  899. [color=#A23BEC]< >[/color]
  900.  
  901. [color=#A23BEC]< type c:\diskreport.txt /c >[/color]
  902. Microsoft DiskPart version 6.1.7601
  903. Copyright (C) 1999-2008 Microsoft Corporation.
  904. On computer: DINO-PC
  905. Volume ### Ltr Label Fs Type Size Status Info
  906. ---------- --- ----------- ----- ---------- ------- --------- --------
  907. Volume 0 H DVD-ROM 0 B No Media
  908. Volume 1 System Rese NTFS Partition 100 MB Healthy System
  909. Volume 2 C NTFS Partition 100 GB Healthy Boot
  910. Volume 3 D Igre NTFS Partition 120 GB Healthy
  911. Volume 4 E Programi NTFS Partition 50 GB Healthy
  912. Volume 5 F Video Mater NTFS Partition 194 GB Healthy
  913. Volume 6 G Torrenti NTFS Partition 149 GB Healthy
  914.  
  915. [color=#A23BEC]< >[/color]
  916.  
  917. [color=#A23BEC]< >[/color]
  918.  
  919. [color=#A23BEC]< >[/color]
  920.  
  921. [color=#A23BEC]< >[/color]
  922.  
  923. [color=#A23BEC]< >[/color]
  924.  
  925. [color=#E56717]========== Alternate Data Streams ==========[/color]
  926.  
  927. @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86
  928.  
  929. < End of report >
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!