
Untitled

a guest
Jan 22nd, 2017
  1. OTL Extras logfile created on: 1/23/2017 12:44:58 PM - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = D:\
  3. 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.7601.17514)
  5. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  6.  
  7. 3.87 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 33.07% Memory free
  8. 7.75 Gb Paging File | 5.04 Gb Available in Paging File | 65.05% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 195.21 Gb Total Space | 164.70 Gb Free Space | 84.37% Space Free | Partition Type: NTFS
  13. Drive D: | 292.97 Gb Total Space | 273.30 Gb Free Space | 93.29% Space Free | Partition Type: NTFS
  14. Drive E: | 292.97 Gb Total Space | 292.87 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
  15. Drive G: | 150.26 Gb Total Space | 144.04 Gb Free Space | 95.86% Space Free | Partition Type: NTFS
  16.  
  17. Computer Name: GUNADI-PC | User Name: gunadi | Logged in as Administrator.
  18. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  19. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  20.  
  21. [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
  22.  
  23.  
  24. [color=#E56717]========== File Associations ==========[/color]
  25.  
  26. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
  27. .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
  28.  
  29. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
  30. .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
  31.  
  32. [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
  33. .html [@ = ChromeHTML] -- Reg Error: Key error. File not found
  34.  
  35. [color=#E56717]========== Shell Spawning ==========[/color]
  36.  
  37. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
  38. batfile [open] -- "%1" %*
  39. cmdfile [open] -- "%1" %*
  40. comfile [open] -- "%1" %*
  41. exefile [open] -- "%1" %*
  42. helpfile [open] -- Reg Error: Key error.
  43. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
  44. InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
  45. InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
  46. piffile [open] -- "%1" %*
  47. regfile [merge] -- Reg Error: Key error.
  48. scrfile [config] -- "%1"
  49. scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
  50. scrfile [open] -- "%1" /S
  51. txtfile [edit] -- Reg Error: Key error.
  52. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
  53. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
  54. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  55. Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
  56. Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
  57. Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
  58. Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  59. Folder [explore] -- Reg Error: Value error.
  60. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  61.  
  62. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
  63. batfile [open] -- "%1" %*
  64. cmdfile [open] -- "%1" %*
  65. comfile [open] -- "%1" %*
  66. cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
  67. exefile [open] -- "%1" %*
  68. helpfile [open] -- Reg Error: Key error.
  69. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
  70. piffile [open] -- "%1" %*
  71. regfile [merge] -- Reg Error: Key error.
  72. scrfile [config] -- "%1"
  73. scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
  74. scrfile [open] -- "%1" /S
  75. txtfile [edit] -- Reg Error: Key error.
  76. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
  77. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
  78. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  79. Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
  80. Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
  81. Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
  82. Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  83. Folder [explore] -- Reg Error: Value error.
  84. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  85.  
  86. [color=#E56717]========== Security Center Settings ==========[/color]
  87.  
  88. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
  89. "cval" = 1
  90.  
  91. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
  92.  
  93. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
  94. "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
  95. "AntiVirusOverride" = 0
  96. "AntiSpywareOverride" = 0
  97. "FirewallOverride" = 0
  98.  
  99. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
  100.  
  101. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
  102.  
  103. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
  104.  
  105. [color=#E56717]========== Firewall Settings ==========[/color]
  106.  
  107. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
  108. "EnableFirewall" = 1
  109. "DisableNotifications" = 0
  110.  
  111. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
  112. "EnableFirewall" = 1
  113. "DisableNotifications" = 0
  114.  
  115. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
  116. "EnableFirewall" = 1
  117. "DisableNotifications" = 0
  118.  
  119. [color=#E56717]========== Authorized Applications List ==========[/color]
  120.  
  121.  
  122. [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
  123.  
  124. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
  125. "{003E0F6F-AD52-490D-BFD2-5E106A062F3D}" = lport=137 | protocol=17 | dir=in | app=system |
  126. "{131C828D-4ED3-4AEB-842E-5E2F60B705A1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
  127. "{1B032173-C327-4E40-BAA6-899B0483C6A4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
  128. "{21134D77-7B80-41A0-8235-1108A4CC9D76}" = lport=139 | protocol=6 | dir=in | app=system |
  129. "{22E4B9B2-B436-48B1-84FB-1AE8A4E38CAE}" = rport=137 | protocol=17 | dir=out | app=system |
  130. "{429D5E5B-C679-4DB4-B80A-9DDF2B83CD68}" = rport=139 | protocol=6 | dir=out | app=system |
  131. "{52C64C94-FCE0-48EB-B611-73E707F81BEE}" = lport=138 | protocol=17 | dir=in | app=system |
  132. "{720D3A76-0CDF-4741-BDDB-03BCE7B4F0DC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
  133. "{972C3FF3-8FD1-4032-8080-ACD1CB951BC2}" = rport=138 | protocol=17 | dir=out | app=system |
  134. "{AB16A163-A502-4432-97E4-9BAD884DF2E6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
  135. "{B2B48118-4E49-438A-9A27-370FB7ED4F06}" = lport=445 | protocol=6 | dir=in | app=system |
  136. "{BBB5F5F1-D68F-459D-AB60-6CE7E8DFF7B9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
  137. "{D67F1132-60C7-41AA-8D2F-9FDFF00AF3C7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
  138. "{DE079644-D731-4CE2-9459-FA7963E8A3B0}" = lport=1688 | protocol=6 | dir=in | app=c:\windows\kms-r@1n.exe |
  139. "{F0A08C7E-0283-424A-8582-E35B727E97A0}" = rport=445 | protocol=6 | dir=out | app=system |
  140. "{F2EA3381-BA94-47E0-BFD0-840D20E601D5}" = lport=1688 | protocol=6 | dir=out | app=c:\windows\kms-r@1n.exe |
  141.  
  142. [color=#E56717]========== Vista Active Application Exception List ==========[/color]
  143.  
  144. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
  145. "{334BFA3E-F054-467B-B9D2-EBC644F3CA14}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
  146. "{3E2460F9-168A-4769-AFB6-496E6B9EE98C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
  147. "{4B225CCE-C2F6-415B-B54B-F0491EE1A055}" = dir=in | app=c:\program files (x86)\firefox\firefox.exe |
  148. "{4F4A7B4F-C7E3-45A0-9679-B649E10D54E3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
  149. "{6646940B-2999-43C0-AEDC-BF43973EC873}" = dir=in | app=c:\program files (x86)\applefat\application\chrome.exe |
  150. "{7FAD5BC3-EE8B-4B43-80A9-054128A0D3B6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
  151. "{B3A845F7-193B-46C0-9B4E-88A3BA271B2A}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
  152. "{B990B6EF-16EF-4FDA-AB82-539A68565FA4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
  153. "{BBC7DE54-1750-4AE2-A1BA-05D373E7CEDA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
  154. "{C8523A72-A777-4278-90B8-446D4FA015F9}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
  155. "{D9C4C8CB-34E9-4FFD-90F5-AF3E34A092C4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
  156. "{E31D8B46-24D2-43A8-B08D-4BFB34E7F057}" = dir=in | app=c:\program files (x86)\firefox\bin\firefoxupdate.exe |
  157. "{F72FB879-F297-4B88-82E6-7A73FACD9028}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
  158. "TCP Query User{57C5024B-9696-42D0-A5F5-DE3DB001C68D}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
  159. "TCP Query User{5B7F6A68-9C90-4A3F-AC93-BB98FB5FE68B}C:\program files (x86)\amulec2\amule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\amulec2\amule.exe |
  160. "UDP Query User{1FB20A16-8B77-45B7-9CA2-F9F3E17059FB}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
  161. "UDP Query User{9FEC9F86-16FB-4DA6-AE6D-F491BE840AB4}C:\program files (x86)\amulec2\amule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\amulec2\amule.exe |
  162.  
  163. [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
  164.  
  165. 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  166. "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
  167. "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
  168. "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
  169. "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
  170. "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
  171. "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
  172. "{9EA981E5-EE67-4662-86F1-58937D31FE07}" = Nitro Reader 3
  173. "{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client
  174. "CPUID CPU-Z_is1" = CPUID CPU-Z 1.78
  175. "EPSON L120 Series" = EPSON L120 Series Printer Uninstall
  176. "PerformanceTest 7_is1" = PerformanceTest v7.0 (64-bit)
  177.  
  178. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  179. "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
  180. "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
  181. "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
  182. "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
  183. "{8B9FA5FF-3E61-4658-B0DA-E6DDB46D6BAD}_is1" = SMADAV version 11.1
  184. "{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1" = Zemana AntiMalware
  185. "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
  186. "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
  187. "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
  188. "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
  189. "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
  190. "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
  191. "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
  192. "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
  193. "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
  194. "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
  195. "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
  196. "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
  197. "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
  198. "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
  199. "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
  200. "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
  201. "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
  202. "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
  203. "{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
  204. "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
  205. "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
  206. "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
  207. "AVG Secure Search" = AVG Security Toolbar
  208. "BlueStacks" = BlueStacks App Player
  209. "GOM Player" = GOM Player
  210. "Google Chrome" = Google Chrome
  211. "Hard Disk Sentinel_is1" = Hard Disk Sentinel PRO
  212. "iSafe" = YAC(Yet Another Cleaner!)
  213. "KLiteCodecPack_is1" = K-Lite Codec Pack 6.9.0 (Basic)
  214. "Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
  215. "Mozilla Firefox 43.0.1 (x86 en-US)" = Mozilla Firefox 43.0.1 (x86 en-US)
  216. "MozillaMaintenanceService" = Mozilla Maintenance Service
  217. "Office14.PROPLUS" = Microsoft Office Professional Plus 2010
  218. "PowerISO" = PowerISO
  219. "Winamp" = Winamp
  220. "WinRAR archiver" = WinRAR archiver
  221.  
  222. [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
  223.  
  224. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  225. "Winamp Detect" = Winamp Detector Plug-in
  226.  
  227. [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
  228.  
  229. [ Application Events ]
  230. Error - 1/22/2017 9:13:00 PM | Computer Name = gunadi-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1500
  231. Description = Windows cannot log you on because your profile cannot be loaded. Check
  232. that you are connected to the network, and that your network is functioning correctly.
  233. DETAIL - The system cannot find the file specified.
  234.  
  235. Error - 1/22/2017 9:13:08 PM | Computer Name = gunadi-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1500
  236. Description = Windows cannot log you on because your profile cannot be loaded. Check
  237. that you are connected to the network, and that your network is functioning correctly.
  238. DETAIL - The system cannot find the file specified.
  239.  
  240. Error - 1/22/2017 9:13:17 PM | Computer Name = gunadi-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1500
  241. Description = Windows cannot log you on because your profile cannot be loaded. Check
  242. that you are connected to the network, and that your network is functioning correctly.
  243. DETAIL - The system cannot find the file specified.
  244.  
  245. Error - 1/22/2017 9:13:45 PM | Computer Name = gunadi-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1500
  246. Description = Windows cannot log you on because your profile cannot be loaded. Check
  247. that you are connected to the network, and that your network is functioning correctly.
  248. DETAIL - The system cannot find the file specified.
  249.  
  250. Error - 1/22/2017 9:13:56 PM | Computer Name = gunadi-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1500
  251. Description = Windows cannot log you on because your profile cannot be loaded. Check
  252. that you are connected to the network, and that your network is functioning correctly.
  253. DETAIL - The system cannot find the file specified.
  254.  
  255. Error - 1/22/2017 9:14:28 PM | Computer Name = gunadi-PC | Source = WinMgmt | ID = 10
  256. Description =
  257.  
  258. Error - 1/22/2017 9:14:45 PM | Computer Name = gunadi-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1500
  259. Description = Windows cannot log you on because your profile cannot be loaded. Check
  260. that you are connected to the network, and that your network is functioning correctly.
  261. DETAIL - The system cannot find the file specified.
  262.  
  263. Error - 1/22/2017 9:16:03 PM | Computer Name = gunadi-PC | Source = WinMgmt | ID = 10
  264. Description =
  265.  
  266. Error - 1/22/2017 9:39:15 PM | Computer Name = gunadi-PC | Source = Customer Experience Improvement Program | ID = 1008
  267. Description =
  268.  
  269. Error - 1/22/2017 9:49:09 PM | Computer Name = gunadi-PC | Source = WinMgmt | ID = 10
  270. Description =
  271.  
  272. [ System Events ]
  273. Error - 1/22/2017 9:45:52 PM | Computer Name = gunadi-PC | Source = Service Control Manager | ID = 7034
  274. Description = The YAC Service service terminated unexpectedly. It has done this
  275. 1 time(s).
  276.  
  277. Error - 1/22/2017 9:47:18 PM | Computer Name = gunadi-PC | Source = EventLog | ID = 6008
  278. Description = The previous system shutdown at 8:45:44 AM on ?1/?23/?2017 was unexpected.
  279.  
  280. Error - 1/22/2017 9:47:18 PM | Computer Name = gunadi-PC | Source = Service Control Manager | ID = 7000
  281. Description = The YAC Service service failed to start due to the following error:
  282. %%2
  283.  
  284. Error - 1/22/2017 9:47:25 PM | Computer Name = gunadi-PC | Source = Service Control Manager | ID = 7026
  285. Description = The following boot-start or system-start driver(s) failed to load:
  286. iSafeKrnlR3
  287.  
  288. Error - 1/22/2017 9:55:14 PM | Computer Name = gunadi-PC | Source = Service Control Manager | ID = 7034
  289. Description = The iThemes5 service terminated unexpectedly. It has done this 1
  290. time(s).
  291.  
  292. Error - 1/22/2017 9:55:14 PM | Computer Name = gunadi-PC | Source = Service Control Manager | ID = 7034
  293. Description = The ed2k idle service service terminated unexpectedly. It has done
  294. this 1 time(s).
  295.  
  296. Error - 1/22/2017 9:55:15 PM | Computer Name = gunadi-PC | Source = Service Control Manager | ID = 7034
  297. Description = The Office Software Protection Platform service terminated unexpectedly.
  298. It has done this 1 time(s).
  299.  
  300. Error - 1/22/2017 9:55:15 PM | Computer Name = gunadi-PC | Source = Service Control Manager | ID = 7031
  301. Description = The Update Service(FirefoxU) service terminated unexpectedly. It
  302. has done this 1 time(s). The following corrective action will be taken in 300000
  303. milliseconds: Restart the service.
  304.  
  305. Error - 1/22/2017 9:55:15 PM | Computer Name = gunadi-PC | Source = Service Control Manager | ID = 7034
  306. Description = The KMS-R@1n service terminated unexpectedly. It has done this 1
  307. time(s).
  308.  
  309. Error - 1/22/2017 10:00:15 PM | Computer Name = gunadi-PC | Source = Service Control Manager | ID = 7000
  310. Description = The Update Service(FirefoxU) service failed to start due to the following
  311. error: %%3
  312.  
  313.  
  314. < End of report >
  315. OTL logfile created on: 1/23/2017 12:44:58 PM - Run 1
  316. OTL by OldTimer - Version 3.2.69.0 Folder = D:\
  317. 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  318. Internet Explorer (Version = 8.0.7601.17514)
  319. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  320.  
  321. 3.87 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 33.07% Memory free
  322. 7.75 Gb Paging File | 5.04 Gb Available in Paging File | 65.05% Paging File free
  323. Paging file location(s): ?:\pagefile.sys [binary data]
  324.  
  325. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  326. Drive C: | 195.21 Gb Total Space | 164.70 Gb Free Space | 84.37% Space Free | Partition Type: NTFS
  327. Drive D: | 292.97 Gb Total Space | 273.30 Gb Free Space | 93.29% Space Free | Partition Type: NTFS
  328. Drive E: | 292.97 Gb Total Space | 292.87 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
  329. Drive G: | 150.26 Gb Total Space | 144.04 Gb Free Space | 95.86% Space Free | Partition Type: NTFS
  330.  
  331. Computer Name: GUNADI-PC | User Name: gunadi | Logged in as Administrator.
  332. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  333. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  334.  
  335. [color=#E56717]========== Processes (SafeList) ==========[/color]
  336.  
  337. PRC - D:\OTL.exe (OldTimer Tools)
  338. PRC - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Zemana Ltd.)
  339. PRC - C:\Program Files (x86)\Explorer\iedvutils.exe ()
  340. PRC - C:\Program Files (x86)\SMADAV\SMΔRTP.exe (Smadsoft)
  341. PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
  342. PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.5.0\ToolbarUpdater.exe (AVG Secure Search)
  343. PRC - C:\Program Files (x86)\SMADAV\SmadavProtect32.exe (Smadav Software)
  344. PRC - C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.)
  345. PRC - C:\Program Files (x86)\Bluestacks\HD-Agent.exe (BlueStack Systems, Inc.)
  346. PRC - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
  347. PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
  348. PRC - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe ()
  349. PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
  350. PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
  351. PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
  352. PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
  353. PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
  354. PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
  355.  
  356.  
  357. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  358.  
  359. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a2eb039301af47660eebc7566ce02b9c\PresentationFramework.ni.dll ()
  360. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b9fe579783a35b57dd7e69375f35e239\PresentationCore.ni.dll ()
  361. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ef90aeb894485d14b249d102309b6df3\WindowsBase.ni.dll ()
  362. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\1cf870daa92622a1f98b0b5c818a3381\System.Web.ni.dll ()
  363. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\ae01d58bd1cb283ec7b603919e2a8fb3\PresentationFramework.Aero.ni.dll ()
  364. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\05ca0ca95b6fcc0d710b63b6200cc178\System.Windows.Forms.ni.dll ()
  365. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d91f3556f8011a5d48e1448e3fa8df9e\System.Xml.ni.dll ()
  366. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\4e69f1e7d86d79012db2d7e0dadc8880\System.Core.ni.dll ()
  367. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c4477b3ce64d0d612d1ab0dba425b77f\System.Drawing.ni.dll ()
  368. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\639f444db9491d25b5d158531e1f7d9b\System.Xaml.ni.dll ()
  369. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\13f5eb7285c90c219d2be24eebb55cd9\System.Management.ni.dll ()
  370. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\1f56d5786274992934de0c900431c447\System.Configuration.ni.dll ()
  371. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\79f6324a598a7c4446a4a1168be7c4b1\System.ni.dll ()
  372. MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\045c9588954c3662d542b53f4462268b\mscorlib.ni.dll ()
  373. MOD - C:\Program Files (x86)\Smadav\SM?RTP.exe ()
  374. MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
  375. MOD - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll ()
  376. MOD - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll ()
  377. MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
  378. MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
  379.  
  380.  
  381. [color=#E56717]========== Services (SafeList) ==========[/color]
  382.  
  383. SRV:[b]64bit:[/b] - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
  384. SRV:[b]64bit:[/b] - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
  385. SRV:[b]64bit:[/b] - (NitroReaderDriverReadSpool3) -- C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Nitro PDF Software)
  386. SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
  387. SRV:[b]64bit:[/b] - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
  388. SRV:[b]64bit:[/b] - (PowerISOReferenceAssemblies) -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
  389. SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
  390. SRV - (ZAMSvc) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Zemana Ltd.)
  391. SRV - (MSLN) -- C:\ProgramData\Microsoft\IdentityCRL\ppcrlconf.dll ()
  392. SRV - (iedvutils) -- C:\Program Files (x86)\Explorer\iedvutils.exe ()
  393. SRV - (vToolbarUpdater19.5.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.5.0\ToolbarUpdater.exe (AVG Secure Search)
  394. SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
  395. SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
  396. SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\Bluestacks\HD-Service.exe (BlueStack Systems, Inc.)
  397. SRV - (BstHdPlusAndroidSvc) -- C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe (BlueStack Systems, Inc.)
  398. SRV - (asComSvc) -- C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe ()
  399. SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
  400. SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
  401. SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
  402. SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
  403.  
  404.  
  405. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  406.  
  407. DRV:[b]64bit:[/b] - (ZAM_Guard) -- C:\Windows\SysNative\drivers\zamguard64.sys (Zemana Ltd.)
  408. DRV:[b]64bit:[/b] - (ZAM_EarlyBoot) -- C:\Windows\SysNative\drivers\zam64.sys (Zemana Ltd.)
  409. DRV:[b]64bit:[/b] - (ZAM) -- C:\Windows\SysNative\drivers\zam64.sys (Zemana Ltd.)
  410. DRV:[b]64bit:[/b] - (RTTEAMPT) -- C:\Windows\SysNative\drivers\RtTeam620.sys (Realtek Corporation)
  411. DRV:[b]64bit:[/b] - (RtNdPt60) -- C:\Windows\SysNative\drivers\RtNdPt60.sys (Realtek )
  412. DRV:[b]64bit:[/b] - (RTVLANPT) -- C:\Windows\SysNative\drivers\RtVlan620.sys (Realtek Corporation)
  413. DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
  414. DRV:[b]64bit:[/b] - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
  415. DRV:[b]64bit:[/b] - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
  416. DRV:[b]64bit:[/b] - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
  417. DRV:[b]64bit:[/b] - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
  418. DRV:[b]64bit:[/b] - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
  419. DRV:[b]64bit:[/b] - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
  420. DRV:[b]64bit:[/b] - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
  421. DRV:[b]64bit:[/b] - (TEAM) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
  422. DRV:[b]64bit:[/b] - (tpg64win7) -- C:\Windows\SysNative\drivers\tpg64win7.sys (TP-LINK TECHNOLOGIES CO., LTD)
  423. DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
  424. DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
  425. DRV:[b]64bit:[/b] - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
  426. DRV:[b]64bit:[/b] - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
  427. DRV:[b]64bit:[/b] - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
  428. DRV:[b]64bit:[/b] - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
  429. DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
  430. DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
  431. DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
  432. DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
  433. DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
  434. DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
  435. DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
  436. DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
  437. DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
  438. DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
  439. DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
  440. DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
  441. DRV - (BstHdDrv) -- C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
  442. DRV - (BstkDrv) -- C:\Program Files (x86)\Bluestacks\BstkDrv.sys (Bluestack System Inc. )
  443. DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
  444.  
  445.  
  446. [color=#E56717]========== Standard Registry (All) ==========[/color]
  447.  
  448.  
  449. [color=#E56717]========== Internet Explorer ==========[/color]
  450.  
  451. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
  452. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
  453. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
  454. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
  455. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
  456. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
  457. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
  458. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
  459. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
  460. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  461. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.amisites.com/?type=hp&ts=1484265018&z=290a08558abf030c79d71edg1z9bbz3ofq0w8edg5m&from=che0812&uid=WDCXWD10EZEX-00WN4A0_WD-WCC6Y0RSKVTHSKVTH
  462. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.amisites.com/search/?type=ds&ts=1484265018&z=290a08558abf030c79d71edg1z9bbz3ofq0w8edg5m&from=che0812&uid=WDCXWD10EZEX-00WN4A0_WD-WCC6Y0RSKVTHSKVTH&q={searchTerms}
  463. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
  464. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
  465. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  466. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.amisites.com/search/?type=ds&ts=1484265018&z=290a08558abf030c79d71edg1z9bbz3ofq0w8edg5m&from=che0812&uid=WDCXWD10EZEX-00WN4A0_WD-WCC6Y0RSKVTHSKVTH&q={searchTerms}
  467. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
  468. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.amisites.com/?type=hp&ts=1484265018&z=290a08558abf030c79d71edg1z9bbz3ofq0w8edg5m&from=che0812&uid=WDCXWD10EZEX-00WN4A0_WD-WCC6Y0RSKVTHSKVTH
  469. IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
  470. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  471. IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.amisites.com/search/?type=ds&ts=1484265018&z=290a08558abf030c79d71edg1z9bbz3ofq0w8edg5m&from=che0812&uid=WDCXWD10EZEX-00WN4A0_WD-WCC6Y0RSKVTHSKVTH&q={searchTerms}
  472.  
  473. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
  474. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
  475. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  476. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
  477. IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
  478. IE - HKCU\..\SearchScopes,DefaultScope =
  479. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  480. IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={E280C532-5732-4475-9616-F6205526F18A}&mid=e078338ac04c47cfafa802edbd1556ca-1202a8ed2f2104b8661330ab5fd628bb4fcb069f&lang=en&ds=st011&coid=&cmpid=&pr=sa&d=2016-12-29 18:14:39&v=19.6.0.592&pid=avg&sg=&sap=dsp&q={searchTerms}
  481. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  482.  
  483. [color=#E56717]========== FireFox ==========[/color]
  484.  
  485. FF - prefs.js..browser.search.countryCode: "ID"
  486. FF - prefs.js..browser.search.order.1: "luck"
  487. FF - prefs.js..browser.search.region: "ID"
  488. FF - prefs.js..browser.search.useDBForOrder: true
  489. FF - prefs.js..browser.startup.homepage: "about:home"
  490. FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:13.2.4
  491. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:43.0.1
  492. FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.6
  493. FF - user.js - File not found
  494.  
  495. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  496. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  497. FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.5.0\\npsitesafety.dll File not found
  498. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
  499. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
  500. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  501. FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  502. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  503. FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
  504. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
  505. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
  506.  
  507. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.3
  508. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  509. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  510. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  511. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  512.  
  513. [2016/12/30 09:21:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gunadi\AppData\Roaming\Mozilla\Extensions
  514. [2016/12/30 09:21:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gunadi\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
  515. [2017/01/10 14:26:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gunadi\AppData\Roaming\Mozilla\Firefox\Profiles\46rpzh0y.default\extensions
  516. [2017/01/10 14:22:56 | 000,000,000 | ---D | M] ("Flash Video Downloader - YouTube HD Download [4K]") -- C:\Users\gunadi\AppData\Roaming\Mozilla\Firefox\Profiles\46rpzh0y.default\extensions\artur.dubovoy@gmail.com
  517. [2017/01/10 14:11:11 | 000,050,432 | ---- | M] () (No name found) -- C:\Users\gunadi\AppData\Roaming\Mozilla\Firefox\Profiles\46rpzh0y.default\extensions\cccc5f0d-b9d0-4314-88b5-7e27551f9e84@jetpack.xpi
  518. [2017/01/10 14:26:22 | 000,208,039 | ---- | M] () (No name found) -- C:\Users\gunadi\AppData\Roaming\Mozilla\Firefox\Profiles\46rpzh0y.default\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
  519. [2017/01/10 14:22:56 | 000,021,080 | ---- | M] () (No name found) -- C:\Users\gunadi\AppData\Roaming\Mozilla\Firefox\Profiles\46rpzh0y.default\extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a5}.xpi
  520. [2017/01/23 10:22:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
  521. [2017/01/23 10:22:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  522.  
  523. O1 HOSTS File: ([2009/06/11 04:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  524. O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  525. O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
  526. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  527. O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\19.6.0.592\AVG Secure Search_toolbar.dll (AVG Secure Search)
  528. O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
  529. O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\19.6.0.592\AVG Secure Search_toolbar.dll (AVG Secure Search)
  530. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
  531. O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
  532. O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
  533. O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
  534. O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
  535. O4:[b]64bit:[/b] - HKLM..\Run: [ZAM] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Zemana Ltd.)
  536. O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
  537. O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
  538. O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe ()
  539. O4 - HKLM..\Run: [SMΔRT-Protection] C:\Program Files (x86)\Smadav\SMΔRTP.exe (Smadsoft)
  540. O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
  541. O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
  542. O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
  543. O4 - HKCU..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe (BlueStack Systems, Inc.)
  544. O4:[b]64bit:[/b] - HKLM..\RunOnce: [Zemana AntiMalware] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Zemana Ltd.)
  545. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  546. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  547. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
  548. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  549. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  550. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
  551. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
  552. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
  553. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
  554. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
  555. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
  556. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
  557. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
  558. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
  559. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
  560. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
  561. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
  562. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
  563. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
  564. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
  565. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
  566. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
  567. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
  568. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
  569. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
  570. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
  571. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
  572. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = Mshta.exe (Microsoft Corporation)
  573. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 2 = powershell.exe (Microsoft Corporation)
  574. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 3 = bitsadmin.exe (Microsoft Corporation)
  575. O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
  576. O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  577. O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
  578. O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  579. O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  580. O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  581. O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  582. O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  583. O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  584. O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  585. O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  586. O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  587. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
  588. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
  589. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
  590. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
  591. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  592. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
  593. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  594. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  595. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  596. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  597. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  598. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  599. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  600. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  601. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  602. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  603. O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
  604. O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
  605. O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
  606. O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
  607. O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  608. O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
  609. O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  610. O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  611. O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  612. O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  613. O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  614. O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  615. O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  616. O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  617. O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  618. O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  619. O13[b]64bit:[/b] - gopher Prefix: missing
  620. O13 - gopher Prefix: missing
  621. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CA4753C-5461-4CD0-82E1-3B3DF95289B9}: NameServer = 8.8.8.8
  622. O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
  623. O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  624. O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
  625. O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  626. O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  627. O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  628. O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  629. O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
  630. O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
  631. O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  632. O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
  633. O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
  634. O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  635. O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
  636. O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
  637. O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
  638. O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
  639. O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
  640. O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found
  641. O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
  642. O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  643. O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
  644. O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  645. O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  646. O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  647. O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  648. O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
  649. O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
  650. O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  651. O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
  652. O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
  653. O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  654. O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
  655. O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
  656. O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
  657. O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
  658. O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
  659. O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.5.0\ViProtocol.dll (AVG Secure Search)
  660. O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
  661. O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
  662. O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
  663. O18:[b]64bit:[/b] - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  664. O18:[b]64bit:[/b] - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  665. O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
  666. O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
  667. O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
  668. O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
  669. O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  670. O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  671. O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
  672. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  673. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  674. O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
  675. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  676. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  677. O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
  678. O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
  679. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  680. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  681. O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  682. O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {F797446C-D3F2-11E6-AB72-64006A5CFC35} - C:\Users\gunadi\AppData\Roaming\Terlcultclhach\Hejuck.dll File not found
  683. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  684. O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
  685. O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
  686. O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
  687. O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
  688. O30:[b]64bit:[/b] - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
  689. O30:[b]64bit:[/b] - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
  690. O30:[b]64bit:[/b] - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
  691. O30:[b]64bit:[/b] - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
  692. O30:[b]64bit:[/b] - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
  693. O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
  694. O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
  695. O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
  696. O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
  697. O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
  698. O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
  699. O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
  700. O31 - SafeBoot: AlternateShell - cmd.exe
  701. O32 - HKLM CDRom: AutoRun - 1
  702. O34 - HKLM BootExecute: (autocheck autochk *)
  703. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  704. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  705. O35 - HKLM\..comfile [open] -- "%1" %*
  706. O35 - HKLM\..exefile [open] -- "%1" %*
  707. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  708. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  709. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  710. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  711. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  712. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  713. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  714.  
  715. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  716.  
  717. [2017/01/23 10:22:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
  718. [2017/01/23 08:39:01 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\zamguard64.sys
  719. [2017/01/23 08:39:01 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\zam64.sys
  720. [2017/01/23 08:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
  721. [2017/01/23 08:38:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana AntiMalware
  722. [2017/01/23 08:38:54 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Zemana
  723. [2017/01/19 14:19:37 | 000,000,000 | -H-D | C] -- C:\$Windows.~WS
  724. [2017/01/19 14:10:37 | 000,000,000 | ---D | C] -- C:\ESD
  725. [2017/01/19 14:05:17 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
  726. [2017/01/19 13:33:02 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
  727. [2017/01/19 13:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
  728. [2017/01/19 13:33:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicISO
  729. [2017/01/19 06:41:05 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Applefat
  730. [2017/01/19 06:41:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Applefat
  731. [2017/01/19 06:27:35 | 000,052,392 | ---- | C] (Elex do Brasil Participações Ltda) -- C:\Windows\SysNative\drivers\iSafeNetFilter.sys
  732. [2017/01/19 06:27:34 | 000,055,056 | ---- | C] (Elex do Brasil Participações Ltda) -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
  733. [2017/01/19 06:27:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log
  734. [2017/01/19 06:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elex-tech
  735. [2017/01/19 06:17:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Explorer
  736. [2017/01/18 13:03:00 | 000,000,000 | ---D | C] -- C:\Users\gunadi\Documents\PassMark
  737. [2017/01/18 13:02:56 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\PassMark
  738. [2017/01/18 13:02:51 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
  739. [2017/01/18 13:02:51 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
  740. [2017/01/18 13:02:51 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
  741. [2017/01/18 13:02:51 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
  742. [2017/01/18 13:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest (64-bit)
  743. [2017/01/18 13:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Passmark
  744. [2017/01/18 13:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\PerformanceTest
  745. [2017/01/18 08:08:19 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Macromedia
  746. [2017/01/18 08:08:19 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Macromedia
  747. [2017/01/18 08:08:19 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Adobe
  748. [2017/01/18 07:25:23 | 000,000,000 | ---D | C] -- C:\Users\gunadi\Documents\aMule Downloads
  749. [2017/01/18 07:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
  750. [2017/01/18 07:23:47 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Bluestacks
  751. [2017/01/18 07:21:17 | 000,000,000 | ---D | C] -- C:\Windows\Migration
  752. [2017/01/18 07:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Bluestacks
  753. [2017/01/18 07:10:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluestacks
  754. [2017/01/16 12:44:39 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Hard Disk Sentinel
  755. [2017/01/16 12:44:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
  756. [2017/01/16 12:44:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hard Disk Sentinel
  757. [2017/01/16 11:17:20 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Firefox
  758. [2017/01/16 11:17:17 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Firefox
  759. [2017/01/16 11:17:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firefox
  760. [2017/01/16 10:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus
  761. [2017/01/13 15:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
  762. [2017/01/13 15:00:58 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Canneverbe Limited
  763. [2017/01/13 15:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
  764. [2017/01/13 07:11:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\58781B22_jumpeasy
  765. [2017/01/12 09:26:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
  766. [2017/01/11 11:46:59 | 000,000,000 | -HSD | C] -- C:\[Smad-Cage]
  767. [2017/01/11 11:46:59 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Smadav
  768. [2017/01/11 11:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SMADAV
  769. [2017/01/11 10:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\f09er35s
  770. [2017/01/11 08:12:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\3p03nvn0
  771. [2017/01/11 06:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\3p03nvn0
  772. [2017/01/10 14:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
  773. [2017/01/10 14:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg
  774. [2017/01/10 14:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
  775. [2017/01/10 14:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shawosataleent Cloud
  776. [2017/01/10 14:12:07 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Profiles
  777. [2017/01/10 14:12:07 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Presowardanahotion
  778. [2017/01/10 14:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anomusyercit
  779. [2017/01/09 14:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
  780. [2017/01/09 14:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
  781. [2017/01/09 14:19:41 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Programs
  782. [2017/01/09 14:17:33 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Nitro
  783. [2017/01/09 14:17:33 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\FileOpen
  784. [2017/01/09 14:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
  785. [2017/01/09 12:00:32 | 000,029,712 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll
  786. [2017/01/09 12:00:32 | 000,017,936 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll
  787. [2017/01/09 12:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro
  788. [2017/01/09 12:00:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
  789. [2017/01/09 12:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
  790. [2017/01/09 12:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
  791. [2017/01/09 12:00:03 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Downloaded Installations
  792. [2017/01/09 11:31:48 | 000,648,808 | ---- | C] (TP-LINK TECHNOLOGIES CO., LTD) -- C:\Windows\SysNative\drivers\tpg64win7.sys
  793. [2017/01/09 11:31:48 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp.dll
  794. [2017/01/09 11:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
  795. [2017/01/09 11:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
  796. [2017/01/09 11:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
  797. [2017/01/09 10:57:11 | 000,760,032 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt630x64.sys
  798. [2017/01/09 10:57:10 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
  799. [2017/01/09 10:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
  800. [2017/01/05 20:28:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
  801. [2017/01/05 20:28:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
  802. [2017/01/05 20:27:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
  803. [2017/01/05 20:27:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
  804. [2017/01/05 20:27:41 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
  805. [2017/01/05 20:27:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
  806. [2017/01/05 20:27:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
  807. [2017/01/05 20:26:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
  808. [2017/01/05 20:25:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
  809. [2017/01/05 20:25:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
  810. [2017/01/05 20:25:24 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Microsoft Help
  811. [2017/01/05 20:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
  812. [2017/01/05 20:25:13 | 000,000,000 | RH-D | C] -- C:\MSOCache
  813. [2017/01/05 02:48:45 | 000,058,000 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtTeam60.sys
  814. [2017/01/05 02:48:45 | 000,032,400 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtVlan60.sys
  815. [2016/12/31 03:09:47 | 000,000,000 | ---D | C] -- C:\Users\gunadi\Documents\GomPlayer
  816. [2016/12/30 09:30:10 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Google
  817. [2016/12/30 09:30:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
  818. [2016/12/30 09:29:10 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\WinRAR
  819. [2016/12/30 09:28:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
  820. [2016/12/30 09:28:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
  821. [2016/12/30 09:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
  822. [2016/12/30 09:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
  823. [2016/12/30 09:23:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
  824. [2016/12/30 09:23:54 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\GRETECH
  825. [2016/12/30 09:23:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
  826. [2016/12/30 09:21:38 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
  827. [2016/12/30 09:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
  828. [2016/12/30 09:21:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
  829. [2016/12/30 09:21:18 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Mozilla
  830. [2016/12/30 09:21:18 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Mozilla
  831. [2016/12/30 09:16:20 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\PowerISO
  832. [2016/12/30 09:14:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
  833. [2016/12/30 09:14:49 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\AVG Secure Search
  834. [2016/12/30 09:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
  835. [2016/12/30 09:14:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
  836. [2016/12/30 09:14:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
  837. [2016/12/30 09:14:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
  838. [2016/12/30 09:14:26 | 000,126,944 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys
  839. [2016/12/30 09:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO
  840. [2016/12/30 08:47:08 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Diagnostics
  841. [2016/12/30 08:44:10 | 000,058,512 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtTeam620.sys
  842. [2016/12/30 08:44:10 | 000,032,544 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\RtNdPt60.sys
  843. [2016/12/30 08:44:10 | 000,032,400 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtVlan620.sys
  844. [2016/12/30 08:44:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
  845. [2016/12/30 06:19:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
  846. [2016/12/30 06:19:50 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
  847. [2016/12/30 06:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
  848. [2016/12/30 06:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
  849. [2016/12/30 06:19:48 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Winamp
  850. [2016/12/30 06:19:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
  851. [2016/12/30 06:16:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
  852. [2016/12/30 03:19:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
  853. [2016/12/30 03:16:16 | 000,064,000 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.DLL
  854. [2016/12/30 03:16:16 | 000,060,416 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.DLL
  855. [2016/12/30 03:16:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
  856. [2016/12/30 03:06:09 | 000,028,672 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
  857. [2016/12/30 03:06:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
  858. [2016/12/30 03:06:05 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
  859. [2016/12/30 03:06:05 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
  860. [2016/12/30 03:06:05 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
  861. [2016/12/30 03:06:05 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
  862. [2016/12/30 03:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
  863. [2016/12/30 03:04:57 | 000,041,984 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll
  864. [2016/12/30 03:04:22 | 000,016,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
  865. [2016/12/30 03:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
  866. [2016/12/30 03:04:15 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
  867. [2016/12/30 03:04:02 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
  868. [2016/12/30 03:03:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
  869. [2016/12/30 03:03:51 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
  870. [2016/12/30 03:03:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
  871. [2016/12/30 03:03:41 | 000,000,000 | ---D | C] -- C:\Intel
  872. [2016/12/30 03:03:39 | 001,795,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01011.dll
  873. [2016/12/30 03:03:39 | 000,099,288 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys
  874. [2016/12/30 03:03:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
  875. [2016/12/30 03:03:26 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\InstallShield
  876. [2016/12/30 03:02:57 | 000,016,896 | ---- | C] (ASUS) -- C:\Windows\AsTaskSched.dll
  877. [2016/12/30 03:02:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
  878. [2016/12/30 03:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
  879. [2016/12/30 03:02:36 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
  880. [2016/12/30 03:02:36 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
  881. [2016/12/30 03:02:36 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
  882. [2016/12/30 03:02:36 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
  883. [2016/12/30 03:02:36 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
  884. [2016/12/30 03:02:36 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
  885. [2016/12/30 03:02:36 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
  886. [2016/12/30 03:02:36 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
  887. [2016/12/30 03:02:36 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
  888. [2016/12/30 03:02:35 | 001,561,744 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
  889. [2016/12/30 03:02:35 | 000,772,224 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
  890. [2016/12/30 03:02:35 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
  891. [2016/12/30 03:02:35 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
  892. [2016/12/30 03:02:35 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
  893. [2016/12/30 03:02:35 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
  894. [2016/12/30 03:02:34 | 002,743,440 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
  895. [2016/12/30 03:02:34 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
  896. [2016/12/30 03:02:33 | 003,673,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
  897. [2016/12/30 03:02:33 | 000,881,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
  898. [2016/12/30 03:02:33 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
  899. [2016/12/30 03:02:33 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
  900. [2016/12/30 03:02:33 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
  901. [2016/12/30 03:02:33 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
  902. [2016/12/30 03:02:33 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
  903. [2016/12/30 03:02:33 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
  904. [2016/12/30 03:02:32 | 001,269,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
  905. [2016/12/30 03:02:32 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
  906. [2016/12/30 03:02:32 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
  907. [2016/12/30 03:02:31 | 010,619,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
  908. [2016/12/30 03:02:31 | 000,118,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
  909. [2016/12/30 03:02:29 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
  910. [2016/12/30 03:02:29 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
  911. [2016/12/30 03:02:29 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
  912. [2016/12/30 03:02:29 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
  913. [2016/12/30 03:02:29 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
  914. [2016/12/30 03:02:28 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
  915. [2016/12/30 03:02:27 | 009,546,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
  916. [2016/12/30 03:02:27 | 001,460,600 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
  917. [2016/12/30 03:02:26 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
  918. [2016/12/30 03:02:26 | 000,869,752 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
  919. [2016/12/30 03:02:26 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
  920. [2016/12/30 03:02:26 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
  921. [2016/12/30 03:02:26 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
  922. [2016/12/30 03:02:21 | 002,714,720 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
  923. [2016/12/30 03:02:21 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
  924. [2016/12/30 03:02:21 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
  925. [2016/12/30 03:02:21 | 000,501,192 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
  926. [2016/12/30 03:02:21 | 000,487,368 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
  927. [2016/12/30 03:02:21 | 000,415,688 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
  928. [2016/12/30 03:02:20 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
  929. [2016/12/30 03:02:20 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
  930. [2016/12/30 03:02:20 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
  931. [2016/12/30 03:02:20 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
  932. [2016/12/30 03:02:20 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
  933. [2016/12/30 03:02:20 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
  934. [2016/12/30 03:02:20 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
  935. [2016/12/30 03:02:20 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
  936. [2016/12/30 03:02:20 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
  937. [2016/12/30 03:02:19 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
  938. [2016/12/30 03:02:19 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
  939. [2016/12/30 03:02:18 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
  940. [2016/12/30 03:02:18 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
  941. [2016/12/30 03:02:09 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
  942. [2016/12/30 03:02:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
  943. [2016/12/30 03:02:06 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
  944. [2016/12/30 03:02:04 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
  945. [2016/12/30 03:02:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
  946. [2016/12/29 13:23:31 | 000,000,000 | R--D | C] -- C:\Users\gunadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
  947. [2016/12/29 13:23:31 | 000,000,000 | R--D | C] -- C:\Users\gunadi\Searches
  948. [2016/12/29 13:23:31 | 000,000,000 | R--D | C] -- C:\Users\gunadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
  949. [2016/12/29 13:23:31 | 000,000,000 | -H-D | C] -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
  950. [2016/12/29 13:23:24 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Identities
  951. [2016/12/29 13:23:22 | 000,000,000 | R--D | C] -- C:\Users\gunadi\Contacts
  952. [2016/12/29 13:23:16 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\VirtualStore
  953. [2016/12/29 13:23:12 | 000,000,000 | --SD | C] -- C:\Users\gunadi\AppData\Roaming\Microsoft
  954. [2016/12/29 13:23:12 | 000,000,000 | R--D | C] -- C:\Users\gunadi\Videos
  955. [2016/12/29 13:23:12 | 000,000,000 | R--D | C] -- C:\Users\gunadi\Saved Games
  956. [2016/12/29 13:23:12 | 000,000,000 | R--D | C] -- C:\Users\gunadi\Pictures
  957. [2016/12/29 13:23:12 | 000,000,000 | R--D | C] -- C:\Users\gunadi\Music
  958. [2016/12/29 13:23:12 | 000,000,000 | R--D | C] -- C:\Users\gunadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
  959. [2016/12/29 13:23:12 | 000,000,000 | R--D | C] -- C:\Users\gunadi\Links
  960. [2016/12/29 13:23:12 | 000,000,000 | R--D | C] -- C:\Users\gunadi\Favorites
  961. [2016/12/29 13:23:12 | 000,000,000 | R--D | C] -- C:\Users\gunadi\Downloads
  962. [2016/12/29 13:23:12 | 000,000,000 | R--D | C] -- C:\Users\gunadi\Documents
  963. [2016/12/29 13:23:12 | 000,000,000 | R--D | C] -- C:\Users\gunadi\Desktop
  964. [2016/12/29 13:23:12 | 000,000,000 | R--D | C] -- C:\Users\gunadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
  965. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\AppData\Local\Temporary Internet Files
  966. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\Templates
  967. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\Start Menu
  968. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\SendTo
  969. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\Recent
  970. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\PrintHood
  971. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\NetHood
  972. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\Documents\My Videos
  973. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\Documents\My Pictures
  974. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\Documents\My Music
  975. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\My Documents
  976. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\Local Settings
  977. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\AppData\Local\History
  978. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\Cookies
  979. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\Application Data
  980. [2016/12/29 13:23:12 | 000,000,000 | -HSD | C] -- C:\Users\gunadi\AppData\Local\Application Data
  981. [2016/12/29 13:23:12 | 000,000,000 | -H-D | C] -- C:\Users\gunadi\AppData
  982. [2016/12/29 13:23:12 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Temp
  983. [2016/12/29 13:23:12 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Local\Microsoft
  984. [2016/12/29 13:23:12 | 000,000,000 | ---D | C] -- C:\Users\gunadi\AppData\Roaming\Media Center Programs
  985. [2016/12/29 13:22:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
  986. [2016/12/29 13:22:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
  987. [2016/12/29 13:22:17 | 000,000,000 | -HSD | C] -- C:\Recovery
  988. [2016/12/29 13:22:16 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
  989. [2016/12/29 13:19:23 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
  990. [2016/12/29 13:18:59 | 000,000,000 | -HSD | C] -- C:\System Volume Information
  991. [2016/12/29 13:18:29 | 000,000,000 | ---D | C] -- C:\Windows\Panther
  992. [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
  993.  
  994. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  995.  
  996. [2017/01/23 12:46:04 | 000,543,289 | ---- | M] () -- C:\Windows\ZAM.krnl.trace
  997. [2017/01/23 12:46:04 | 000,091,464 | ---- | M] () -- C:\Windows\ZAM_Guard.krnl.trace
  998. [2017/01/23 12:42:59 | 000,000,678 | ---- | M] () -- C:\Users\gunadi\Desktop\OTL - Shortcut.lnk
  999. [2017/01/23 10:22:25 | 000,001,064 | ---- | M] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
  1000. [2017/01/23 08:55:16 | 000,001,000 | ---- | M] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
  1001. [2017/01/23 08:55:16 | 000,001,000 | ---- | M] () -- C:\Users\Public\Desktop\Internet Explorer.lnk
  1002. [2017/01/23 08:55:15 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  1003. [2017/01/23 08:55:15 | 000,001,160 | ---- | M] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
  1004. [2017/01/23 08:55:15 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
  1005. [2017/01/23 08:53:20 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  1006. [2017/01/23 08:53:20 | 000,661,656 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  1007. [2017/01/23 08:53:20 | 000,121,524 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  1008. [2017/01/23 08:49:33 | 000,000,000 | ---- | M] () -- C:\Users\Public\Documents\report.dat
  1009. [2017/01/23 08:47:22 | 000,000,000 | ---- | M] () -- C:\Users\Public\Documents\temp.dat
  1010. [2017/01/23 08:47:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  1011. [2017/01/23 08:47:14 | 3120,128,000 | -HS- | M] () -- C:\hiberfil.sys
  1012. [2017/01/23 08:39:01 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\zamguard64.sys
  1013. [2017/01/23 08:39:01 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\zam64.sys
  1014. [2017/01/23 08:39:00 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
  1015. [2017/01/20 06:57:16 | 000,000,019 | ---- | M] () -- C:\Users\Public\Documents\cc.ini
  1016. [2017/01/19 14:24:39 | 000,023,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  1017. [2017/01/19 14:24:39 | 000,023,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  1018. [2017/01/19 14:18:30 | 000,004,379 | ---- | M] () -- C:\Windows\diagwrn.xml
  1019. [2017/01/19 14:18:30 | 000,002,507 | ---- | M] () -- C:\Windows\diagerr.xml
  1020. [2017/01/19 13:58:14 | 000,000,400 | RHS- | M] () -- C:\ProgramData\ntuser.pol
  1021. [2017/01/19 13:33:02 | 000,001,799 | ---- | M] () -- C:\Users\gunadi\Desktop\MagicISO.lnk
  1022. [2017/01/19 09:40:00 | 000,395,429 | ---- | M] () -- C:\Users\gunadi\Documents\lazada.jpg
  1023. [2017/01/18 11:44:40 | 000,292,466 | ---- | M] () -- C:\Users\gunadi\Documents\wifi.jpg
  1024. [2017/01/18 07:24:18 | 000,001,632 | ---- | M] () -- C:\Users\Public\Desktop\BlueStacks.lnk
  1025. [2017/01/18 07:22:07 | 000,773,536 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  1026. [2017/01/17 12:44:18 | 000,001,209 | ---- | M] () -- C:\Users\gunadi\Desktop\Panduan Pengguna Presensi Online Woowtime 6 - Shortcut.lnk
  1027. [2017/01/16 12:44:37 | 000,001,027 | ---- | M] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Hard Disk Sentinel.lnk
  1028. [2017/01/16 12:44:37 | 000,001,003 | ---- | M] () -- C:\Users\gunadi\Desktop\Hard Disk Sentinel.lnk
  1029. [2017/01/13 15:00:58 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
  1030. [2017/01/11 11:15:25 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
  1031. [2017/01/09 14:19:47 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
  1032. [2017/01/05 22:20:19 | 000,442,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  1033. [2017/01/05 02:47:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
  1034. [2016/12/30 09:23:55 | 000,001,209 | ---- | M] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
  1035. [2016/12/30 09:23:55 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
  1036. [2016/12/30 09:21:18 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
  1037. [2016/12/30 09:14:52 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
  1038. [2016/12/30 08:43:23 | 000,058,512 | ---- | M] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtTeam620.sys
  1039. [2016/12/30 08:43:23 | 000,032,544 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\RtNdPt60.sys
  1040. [2016/12/30 08:43:23 | 000,032,400 | ---- | M] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtVlan620.sys
  1041. [2016/12/30 06:19:55 | 000,001,003 | ---- | M] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
  1042. [2016/12/30 06:19:55 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
  1043. [2016/12/30 03:17:20 | 000,015,396 | ---- | M] () -- C:\Windows\SysNative\results.xml
  1044. [2016/12/30 03:16:18 | 000,000,716 | ---- | M] () -- C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
  1045. [2016/12/30 03:13:55 | 000,733,184 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\MetroIntelGenericUIFramework.dll
  1046. [2016/12/30 03:13:52 | 000,064,000 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.DLL
  1047. [2016/12/30 03:13:52 | 000,064,000 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\Intel_OpenCL_ICD64.dll
  1048. [2016/12/30 03:13:52 | 000,060,416 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.DLL
  1049. [2016/12/30 03:13:52 | 000,060,416 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll
  1050. [2016/12/30 03:13:50 | 000,320,512 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
  1051. [2016/12/30 03:13:50 | 000,279,024 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
  1052. [2016/12/30 03:13:50 | 000,265,216 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
  1053. [2016/12/30 03:13:49 | 002,813,952 | ---- | M] () -- C:\Windows\SysNative\iglhxa64.cpa
  1054. [2016/12/30 03:13:49 | 000,182,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v3412.dll
  1055. [2016/12/30 03:13:49 | 000,044,025 | ---- | M] () -- C:\Windows\SysNative\iglhxo64.vp
  1056. [2016/12/30 03:13:49 | 000,043,816 | ---- | M] () -- C:\Windows\SysNative\iglhxc64_dev.vp
  1057. [2016/12/30 03:13:49 | 000,043,494 | ---- | M] () -- C:\Windows\SysNative\iglhxc64.vp
  1058. [2016/12/30 03:13:49 | 000,043,298 | ---- | M] () -- C:\Windows\SysNative\iglhxg64_dev.vp
  1059. [2016/12/30 03:13:49 | 000,043,256 | ---- | M] () -- C:\Windows\SysNative\iglhxg64.vp
  1060. [2016/12/30 03:13:49 | 000,042,079 | ---- | M] () -- C:\Windows\SysNative\iglhxo64_dev.vp
  1061. [2016/12/30 03:13:49 | 000,002,944 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp
  1062. [2016/12/30 03:13:49 | 000,001,125 | ---- | M] () -- C:\Windows\SysNative\iglhxa64.vp
  1063. [2016/12/30 03:13:48 | 001,127,424 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
  1064. [2016/12/30 03:13:48 | 001,123,328 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
  1065. [2016/12/30 03:13:48 | 000,391,152 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
  1066. [2016/12/30 03:13:48 | 000,346,624 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
  1067. [2016/12/30 03:13:48 | 000,214,528 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
  1068. [2016/12/30 03:13:48 | 000,179,712 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
  1069. [2016/12/30 03:13:47 | 000,906,224 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxstarter.exe
  1070. [2016/12/30 03:13:47 | 000,845,296 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
  1071. [2016/12/30 03:13:47 | 000,525,824 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
  1072. [2016/12/30 03:13:47 | 000,525,312 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
  1073. [2016/12/30 03:13:47 | 000,525,312 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
  1074. [2016/12/30 03:13:47 | 000,524,800 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
  1075. [2016/12/30 03:13:47 | 000,523,776 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
  1076. [2016/12/30 03:13:47 | 000,066,560 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
  1077. [2016/12/30 03:13:46 | 000,527,360 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
  1078. [2016/12/30 03:13:46 | 000,526,848 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
  1079. [2016/12/30 03:13:46 | 000,526,336 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
  1080. [2016/12/30 03:13:46 | 000,526,336 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
  1081. [2016/12/30 03:13:46 | 000,525,824 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
  1082. [2016/12/30 03:13:46 | 000,524,800 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
  1083. [2016/12/30 03:13:46 | 000,524,288 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
  1084. [2016/12/30 03:13:46 | 000,516,096 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
  1085. [2016/12/30 03:13:45 | 009,081,856 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
  1086. [2016/12/30 03:13:45 | 000,527,360 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
  1087. [2016/12/30 03:13:45 | 000,526,336 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
  1088. [2016/12/30 03:13:45 | 000,525,824 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
  1089. [2016/12/30 03:13:45 | 000,525,824 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
  1090. [2016/12/30 03:13:45 | 000,525,312 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
  1091. [2016/12/30 03:13:45 | 000,522,240 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
  1092. [2016/12/30 03:13:45 | 000,517,632 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
  1093. [2016/12/30 03:13:44 | 000,527,872 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
  1094. [2016/12/30 03:13:44 | 000,527,360 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
  1095. [2016/12/30 03:13:44 | 000,526,848 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
  1096. [2016/12/30 03:13:44 | 000,524,288 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
  1097. [2016/12/30 03:13:44 | 000,371,200 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
  1098. [2016/12/30 03:13:43 | 000,770,544 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
  1099. [2016/12/30 03:13:43 | 000,548,864 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
  1100. [2016/12/30 03:13:43 | 000,525,824 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
  1101. [2016/12/30 03:13:43 | 000,521,728 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
  1102. [2016/12/30 03:13:43 | 000,514,048 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
  1103. [2016/12/30 03:13:43 | 000,513,536 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
  1104. [2016/12/30 03:13:43 | 000,397,808 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
  1105. [2016/12/30 03:13:42 | 000,624,640 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
  1106. [2016/12/30 03:13:42 | 000,493,056 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
  1107. [2016/12/30 03:13:42 | 000,279,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
  1108. [2016/12/30 03:13:42 | 000,243,712 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
  1109. [2016/12/30 03:13:42 | 000,163,328 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
  1110. [2016/12/30 03:13:42 | 000,137,728 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
  1111. [2016/12/30 03:13:42 | 000,029,696 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
  1112. [2016/12/30 03:13:42 | 000,025,600 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
  1113. [2016/12/30 03:13:42 | 000,012,288 | ---- | M] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
  1114. [2016/12/30 03:13:41 | 004,474,368 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdusc64.dll
  1115. [2016/12/30 03:13:41 | 003,558,912 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdusc32.dll
  1116. [2016/12/30 03:13:41 | 002,065,920 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
  1117. [2016/12/30 03:13:41 | 001,815,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
  1118. [2016/12/30 03:13:41 | 000,155,136 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfx11cmrt64.dll
  1119. [2016/12/30 03:13:41 | 000,133,120 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfx11cmrt32.dll
  1120. [2016/12/30 03:13:40 | 019,380,224 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdumdim64.dll
  1121. [2016/12/30 03:13:39 | 018,629,632 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumdim32.dll
  1122. [2016/12/30 03:13:38 | 003,224,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
  1123. [2016/12/30 03:13:38 | 002,896,384 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
  1124. [2016/12/30 03:13:38 | 000,373,760 | ---- | M] () -- C:\Windows\SysNative\igdmd64.dll
  1125. [2016/12/30 03:13:38 | 000,299,520 | ---- | M] () -- C:\Windows\SysWow64\igdmd32.dll
  1126. [2016/12/30 03:13:37 | 025,971,712 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll
  1127. [2016/12/30 03:13:37 | 004,221,440 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
  1128. [2016/12/30 03:13:35 | 020,954,112 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll
  1129. [2016/12/30 03:13:34 | 000,222,208 | ---- | M] () -- C:\Windows\SysNative\igdde64.dll
  1130. [2016/12/30 03:13:33 | 021,088,256 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igd10iumd64.dll
  1131. [2016/12/30 03:13:33 | 000,329,216 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
  1132. [2016/12/30 03:13:33 | 000,290,816 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
  1133. [2016/12/30 03:13:33 | 000,182,272 | ---- | M] () -- C:\Windows\SysWow64\igdde32.dll
  1134. [2016/12/30 03:13:33 | 000,160,256 | ---- | M] () -- C:\Windows\SysNative\igdail64.dll
  1135. [2016/12/30 03:13:33 | 000,142,848 | ---- | M] () -- C:\Windows\SysWow64\igdail32.dll
  1136. [2016/12/30 03:13:32 | 020,433,408 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igd10iumd32.dll
  1137. [2016/12/30 03:13:28 | 007,947,776 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\ig75icd64.dll
  1138. [2016/12/30 03:13:28 | 006,289,408 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\ig75icd32.dll
  1139. [2016/12/30 03:13:26 | 000,771,568 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
  1140. [2016/12/30 03:13:26 | 000,094,208 | ---- | M] () -- C:\Windows\SysNative\IccLibDll_x64.dll
  1141. [2016/12/30 03:13:25 | 007,597,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\GfxUIEx.exe
  1142. [2016/12/30 03:13:25 | 000,755,184 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\GfxUIHotKeyMenu.exe
  1143. [2016/12/30 03:13:25 | 000,224,256 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
  1144. [2016/12/30 03:13:25 | 000,001,806 | ---- | M] () -- C:\Windows\SysNative\GfxUIEx.exe.config
  1145. [2016/12/30 03:13:25 | 000,000,264 | ---- | M] () -- C:\Windows\SysNative\GfxUIHotKeyMenu.exe.config
  1146. [2016/12/30 03:13:24 | 000,194,560 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
  1147. [2016/12/30 03:13:24 | 000,175,571 | ---- | M] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
  1148. [2016/12/30 03:13:24 | 000,154,805 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
  1149. [2016/12/30 03:13:24 | 000,152,993 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
  1150. [2016/12/30 03:13:23 | 000,267,407 | ---- | M] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
  1151. [2016/12/30 03:13:23 | 000,235,401 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
  1152. [2016/12/30 03:13:23 | 000,180,936 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
  1153. [2016/12/30 03:13:23 | 000,176,838 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
  1154. [2016/12/30 03:13:23 | 000,175,067 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
  1155. [2016/12/30 03:13:23 | 000,174,802 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
  1156. [2016/12/30 03:13:23 | 000,174,269 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
  1157. [2016/12/30 03:13:23 | 000,173,276 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
  1158. [2016/12/30 03:13:23 | 000,173,059 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
  1159. [2016/12/30 03:13:23 | 000,172,833 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
  1160. [2016/12/30 03:13:23 | 000,168,215 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
  1161. [2016/12/30 03:13:23 | 000,166,833 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
  1162. [2016/12/30 03:13:22 | 002,384,896 | ---- | M] () -- C:\Windows\SysNative\GfxRes.dll
  1163. [2016/12/30 03:13:22 | 000,253,466 | ---- | M] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
  1164. [2016/12/30 03:13:22 | 000,198,725 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
  1165. [2016/12/30 03:13:22 | 000,192,758 | ---- | M] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
  1166. [2016/12/30 03:13:22 | 000,180,850 | ---- | M] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
  1167. [2016/12/30 03:13:22 | 000,178,473 | ---- | M] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
  1168. [2016/12/30 03:13:22 | 000,178,290 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
  1169. [2016/12/30 03:13:22 | 000,175,862 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
  1170. [2016/12/30 03:13:22 | 000,173,792 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
  1171. [2016/12/30 03:13:22 | 000,171,691 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
  1172. [2016/12/30 03:13:22 | 000,161,534 | ---- | M] () -- C:\Windows\SysNative\Gfxres.en-US.resources
  1173. [2016/12/30 03:13:21 | 000,530,928 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\DPTopologyApp.exe
  1174. [2016/12/30 03:13:21 | 000,201,128 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
  1175. [2016/12/30 03:13:21 | 000,178,123 | ---- | M] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
  1176. [2016/12/30 03:13:21 | 000,172,554 | ---- | M] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
  1177. [2016/12/30 03:13:21 | 000,166,220 | ---- | M] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
  1178. [2016/12/30 03:13:21 | 000,153,072 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
  1179. [2016/12/30 03:13:21 | 000,000,935 | ---- | M] () -- C:\Windows\SysNative\DPTopologyApp.exe.config
  1180. [2016/12/30 03:13:19 | 000,450,520 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
  1181. [2016/12/30 03:13:19 | 000,397,296 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\CustomModeApp.exe
  1182. [2016/12/30 03:13:19 | 000,000,935 | ---- | M] () -- C:\Windows\SysNative\CustomModeApp.exe.config
  1183. [2016/12/30 03:08:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_ASMBSW_01_11_00.Wdf
  1184. [2016/12/30 03:06:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_user_01_11_00.Wdf
  1185. [2016/12/30 03:05:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
  1186. [2016/12/30 03:03:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
  1187. [2016/12/30 03:03:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
  1188. [2016/12/30 03:02:57 | 000,016,896 | ---- | M] (ASUS) -- C:\Windows\AsTaskSched.dll
  1189. [2016/12/30 03:01:59 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
  1190. [2016/12/29 13:22:43 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
  1191. [2016/12/29 13:22:43 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
  1192. [2016/12/29 13:22:42 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
  1193. [2016/12/29 13:22:42 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
  1194. [2016/12/29 13:20:48 | 000,116,385 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
  1195. [2016/12/29 13:20:48 | 000,116,385 | ---- | M] () -- C:\Windows\SysNative\license.rtf
  1196. [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
  1197.  
  1198. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  1199.  
  1200. [2017/01/23 12:42:59 | 000,000,678 | ---- | C] () -- C:\Users\gunadi\Desktop\OTL - Shortcut.lnk
  1201. [2017/01/23 08:47:17 | 000,539,099 | ---- | C] () -- C:\Windows\ZAM.krnl.trace
  1202. [2017/01/23 08:47:17 | 000,090,977 | ---- | C] () -- C:\Windows\ZAM_Guard.krnl.trace
  1203. [2017/01/23 08:39:00 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
  1204. [2017/01/20 06:57:16 | 000,000,019 | ---- | C] () -- C:\Users\Public\Documents\cc.ini
  1205. [2017/01/19 14:18:03 | 000,004,379 | ---- | C] () -- C:\Windows\diagwrn.xml
  1206. [2017/01/19 14:18:03 | 000,002,507 | ---- | C] () -- C:\Windows\diagerr.xml
  1207. [2017/01/19 13:33:02 | 000,001,799 | ---- | C] () -- C:\Users\gunadi\Desktop\MagicISO.lnk
  1208. [2017/01/19 09:40:00 | 000,395,429 | ---- | C] () -- C:\Users\gunadi\Documents\lazada.jpg
  1209. [2017/01/19 06:17:05 | 000,001,000 | ---- | C] () -- C:\Users\Public\Desktop\Internet Explorer.lnk
  1210. [2017/01/18 11:44:40 | 000,292,466 | ---- | C] () -- C:\Users\gunadi\Documents\wifi.jpg
  1211. [2017/01/18 07:24:33 | 000,000,570 | ---- | C] () -- C:\Users\gunadi\AppData\Local\TroubleshooterConfig.json
  1212. [2017/01/18 07:24:18 | 000,001,632 | ---- | C] () -- C:\Users\Public\Desktop\BlueStacks.lnk
  1213. [2017/01/17 12:44:18 | 000,001,209 | ---- | C] () -- C:\Users\gunadi\Desktop\Panduan Pengguna Presensi Online Woowtime 6 - Shortcut.lnk
  1214. [2017/01/16 12:44:37 | 000,001,027 | ---- | C] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Hard Disk Sentinel.lnk
  1215. [2017/01/16 12:44:37 | 000,001,003 | ---- | C] () -- C:\Users\gunadi\Desktop\Hard Disk Sentinel.lnk
  1216. [2017/01/13 15:00:58 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
  1217. [2017/01/13 15:00:58 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
  1218. [2017/01/13 14:41:29 | 000,000,400 | RHS- | C] () -- C:\ProgramData\ntuser.pol
  1219. [2017/01/13 07:11:13 | 000,000,000 | ---- | C] () -- C:\Users\Public\Documents\report.dat
  1220. [2017/01/13 07:11:11 | 000,000,000 | ---- | C] () -- C:\Users\Public\Documents\temp.dat
  1221. [2017/01/09 14:19:47 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
  1222. [2017/01/09 12:00:30 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
  1223. [2017/01/09 12:00:29 | 000,002,499 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
  1224. [2017/01/05 02:47:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
  1225. [2016/12/30 09:30:18 | 000,001,160 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  1226. [2016/12/30 09:30:18 | 000,001,160 | ---- | C] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
  1227. [2016/12/30 09:30:18 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  1228. [2016/12/30 09:28:26 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
  1229. [2016/12/30 09:24:25 | 000,000,983 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
  1230. [2016/12/30 09:23:55 | 000,001,209 | ---- | C] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
  1231. [2016/12/30 09:23:55 | 000,001,185 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
  1232. [2016/12/30 09:21:18 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
  1233. [2016/12/30 09:21:16 | 000,001,064 | ---- | C] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
  1234. [2016/12/30 09:21:16 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
  1235. [2016/12/30 09:14:52 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk
  1236. [2016/12/30 06:24:59 | 000,001,000 | ---- | C] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
  1237. [2016/12/30 06:19:55 | 000,001,003 | ---- | C] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
  1238. [2016/12/30 06:19:55 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
  1239. [2016/12/30 06:18:31 | 000,773,536 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  1240. [2016/12/30 03:17:20 | 000,015,396 | ---- | C] () -- C:\Windows\SysNative\results.xml
  1241. [2016/12/30 03:16:18 | 000,000,716 | ---- | C] () -- C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
  1242. [2016/12/30 03:08:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_ASMBSW_01_11_00.Wdf
  1243. [2016/12/30 03:06:09 | 000,015,232 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
  1244. [2016/12/30 03:06:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_user_01_11_00.Wdf
  1245. [2016/12/30 03:06:05 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
  1246. [2016/12/30 03:05:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
  1247. [2016/12/30 03:03:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
  1248. [2016/12/30 03:03:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
  1249. [2016/12/30 03:03:51 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
  1250. [2016/12/30 03:02:32 | 000,378,949 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
  1251. [2016/12/30 03:01:59 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
  1252. [2016/12/29 13:23:36 | 000,001,000 | ---- | C] () -- C:\Users\gunadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
  1253. [2016/12/29 13:23:33 | 000,001,000 | ---- | C] () -- C:\Users\gunadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
  1254. [2016/12/29 13:23:12 | 000,000,290 | ---- | C] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
  1255. [2016/12/29 13:23:12 | 000,000,272 | ---- | C] () -- C:\Users\gunadi\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
  1256. [2016/12/29 13:20:43 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
  1257. [2016/12/29 13:20:34 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
  1258. [2016/12/29 13:18:59 | 3120,128,000 | -HS- | C] () -- C:\hiberfil.sys
  1259.  
  1260. [color=#E56717]========== ZeroAccess Check ==========[/color]
  1261.  
  1262. [2009/07/14 11:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  1263.  
  1264. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  1265.  
  1266. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  1267.  
  1268. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  1269.  
  1270. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  1271.  
  1272. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  1273. "" = C:\Windows\SysNative\shell32.dll -- [2010/11/21 10:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
  1274. "ThreadingModel" = Apartment
  1275.  
  1276. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  1277. "" = %SystemRoot%\system32\shell32.dll -- [2010/11/21 10:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
  1278. "ThreadingModel" = Apartment
  1279.  
  1280. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  1281. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 08:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  1282. "ThreadingModel" = Free
  1283.  
  1284. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  1285. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 10:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
  1286. "ThreadingModel" = Free
  1287.  
  1288. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  1289. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 08:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  1290. "ThreadingModel" = Both
  1291.  
  1292. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  1293.  
  1294. [color=#E56717]========== LOP Check ==========[/color]
  1295.  
  1296. [2017/01/13 15:00:58 | 000,000,000 | ---D | M] -- C:\Users\gunadi\AppData\Roaming\Canneverbe Limited
  1297. [2017/01/09 12:00:03 | 000,000,000 | ---D | M] -- C:\Users\gunadi\AppData\Roaming\Downloaded Installations
  1298. [2017/01/09 14:17:33 | 000,000,000 | ---D | M] -- C:\Users\gunadi\AppData\Roaming\FileOpen
  1299. [2017/01/16 11:17:17 | 000,000,000 | ---D | M] -- C:\Users\gunadi\AppData\Roaming\Firefox
  1300. [2017/01/16 12:44:39 | 000,000,000 | ---D | M] -- C:\Users\gunadi\AppData\Roaming\Hard Disk Sentinel
  1301. [2017/01/09 14:17:33 | 000,000,000 | ---D | M] -- C:\Users\gunadi\AppData\Roaming\Nitro
  1302. [2016/12/30 09:16:20 | 000,000,000 | ---D | M] -- C:\Users\gunadi\AppData\Roaming\PowerISO
  1303. [2017/01/10 14:12:09 | 000,000,000 | ---D | M] -- C:\Users\gunadi\AppData\Roaming\Profiles
  1304. [2017/01/16 10:31:00 | 000,000,000 | ---D | M] -- C:\Users\gunadi\AppData\Roaming\Smadav
  1305.  
  1306. [color=#E56717]========== Purity Check ==========[/color]
  1307.  
  1308.  
  1309.  
  1310. [color=#E56717]========== Files - Unicode (All) ==========[/color]
  1311. [2017/01/16 10:30:57 | 000,001,072 | ---- | M] ()(C:\Users\Public\Desktop\SMAD?V.lnk) -- C:\Users\Public\Desktop\SMADΔV.lnk
  1312. [2017/01/11 11:46:57 | 000,001,072 | ---- | C] ()(C:\Users\Public\Desktop\SMAD?V.lnk) -- C:\Users\Public\Desktop\SMADΔV.lnk
  1313.  
  1314. < End of report >