Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware infected work pc [Solved]

Started by Andreib18 , Aug 04 2014 12:56 AM

  • This topic is locked This topic is locked

#16
Essexboy
Posted 05 August 2014 - 08:08 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Fix for PC2

Once run could you let me know what symptoms remain

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

C:\Documents and Settings\Radu\ACmd.dll
C:\Documents and Settings\Radu\APipe.dll
C:\Documents and Settings\Radu\AwPluginVector.dll
C:\Documents and Settings\Radu\Config.dll
C:\Documents and Settings\Radu\crc32.dll
C:\Documents and Settings\Radu\drvinstaller_IA64.exe
C:\Documents and Settings\Radu\drvinstaller_X64.exe
C:\Documents and Settings\Radu\drvinstaller_X86.exe
C:\Documents and Settings\Radu\eFex.dll
C:\Documents and Settings\Radu\encode.dll
C:\Documents and Settings\Radu\idfactory.dll
C:\Documents and Settings\Radu\ImgDecode.dll
C:\Documents and Settings\Radu\KSDecode.dll
C:\Documents and Settings\Radu\LangPlg.dll
C:\Documents and Settings\Radu\LiveSuit.dat
C:\Documents and Settings\Radu\LiveSuit.exe
C:\Documents and Settings\Radu\Phoenix_Elf.dll
C:\Documents and Settings\Radu\Phoenix_Fes.dll
C:\Documents and Settings\Radu\roottools.dll
C:\Documents and Settings\Radu\sdata.dll
C:\Documents and Settings\Radu\single.dll
C:\Documents and Settings\Radu\ZipModule.dll
CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
REBOOT:


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that


  • 0

Advertisements

#17
Andreib18
Posted 05 August 2014 - 08:09 AM

Andreib18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

and from 3rd pc 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by Radu (administrator) on RADU-PC on 05-08-2014 07:07:09
Running from C:\Users\Radu\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
() D:\Unprotectd\Htc\HTC One Toolkit - Squabbi - 3.1.2\HTC One Toolkit.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-06-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
HKU\S-1-5-21-2749856353-3442545345-1305978658-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-2749856353-3442545345-1305978658-1001\...\MountPoints2: E - E:\SETUP.EXE
HKU\S-1-5-21-2749856353-3442545345-1305978658-1001\...\MountPoints2: {3bae1793-1c8e-11e4-85da-001966ea65f6} - F:\AutoRun.exe
HKU\S-1-5-21-2749856353-3442545345-1305978658-1001\...\MountPoints2: {3bae17a1-1c8e-11e4-85da-001966ea65f6} - F:\AutoRun.exe
HKU\S-1-5-21-2749856353-3442545345-1305978658-1001\...\MountPoints2: {9f218532-0bf4-11e4-b3f3-001966ea65f6} - E:\Setup.exe
HKU\S-1-5-21-2749856353-3442545345-1305978658-1001\...\MountPoints2: {9f21853e-0bf4-11e4-b3f3-001966ea65f6} - E:\Setup.exe
HKU\S-1-5-21-2749856353-3442545345-1305978658-1001\...\MountPoints2: {9f218590-0bf4-11e4-b3f3-001966ea65f6} - E:\Setup.exe
HKU\S-1-5-21-2749856353-3442545345-1305978658-1001\...\MountPoints2: {9f2185df-0bf4-11e4-b3f3-001966ea65f6} - E:\Setup.exe
HKU\S-1-5-21-2749856353-3442545345-1305978658-1001\...\MountPoints2: {c2e6f1e2-0e44-11e4-83f3-001966ea65f6} - E:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-2749856353-3442545345-1305978658-1001\...\MountPoints2: {c2e6f20d-0e44-11e4-83f3-001966ea65f6} - E:\AutoRun.exe
HKU\S-1-5-21-2749856353-3442545345-1305978658-1001\...\MountPoints2: {c4057df6-0d81-11e4-8cb8-001966ea65f6} - E:\LGAutoRun.exe
HKU\S-1-5-21-2749856353-3442545345-1305978658-1001\...\MountPoints2: {ee84898f-120a-11e4-91f7-001966ea65f6} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: KAVOverlayIcon -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: KAVOverlayIcon -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll (Kaspersky Lab ZAO)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7E2D4686F89DCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 193.231.242.2 193.226.60.2
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014-08-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014-08-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014-08-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014-08-04]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014-08-04]
 
Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.google.com/intl/ro/"
CHR Extension: (Google Docs) - C:\Users\Radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-12]
CHR Extension: (Disc Google) - C:\Users\Radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-12]
CHR Extension: (YouTube) - C:\Users\Radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-12]
CHR Extension: (căutare Google) - C:\Users\Radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-12]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-08-04]
CHR Extension: (Safe Money) - C:\Users\Radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-08-04]
CHR Extension: (Content Blocker) - C:\Users\Radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-08-04]
CHR Extension: (Virtual Keyboard) - C:\Users\Radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-08-04]
CHR Extension: (Kaspersky Protection) - C:\Users\Radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2014-08-05]
CHR Extension: (Google Wallet) - C:\Users\Radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-12]
CHR Extension: (Gmail) - C:\Users\Radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-12]
CHR Extension: (Anti-Banner) - C:\Users\Radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-08-04]
CHR Extension: (Extutil) - C:\Users\Radu\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-07-12]
CHR Extension: (Managera) - C:\Users\Radu\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-07-12]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.googl...dnajaicnklhfplh [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2014-01-28] ()
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [204096 2014-01-28] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S2 AcerSyncServiceWinService; C:\Program Files\Acer\AcerSync\AcerSyncService.exe -p [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [38424 2010-10-18] (Google Inc)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-23] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-08-05] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-08-05] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-08-05] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-08-05] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-11-11] (Kaspersky Lab ZAO)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [11776 2010-10-20] (HandSet Incorporated)
S3 motport; C:\Windows\System32\DRIVERS\motport.sys [30208 2011-03-31] (Motorola)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [118272 2009-02-23] (QUALCOMM Incorporated)
R3 R5BaseSmc; C:\Windows\System32\DRIVERS\smccard.sys [23592 2013-07-27] (OEM)
S3 riffbox; C:\Windows\System32\DRIVERS\riffbox64.sys [32768 2012-04-24] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [206080 2014-04-11] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-04-11] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 SzCCID; C:\Windows\System32\DRIVERS\SzCCID.sys [45568 2011-11-21] (Generic)
S3 token; C:\Windows\System32\DRIVERS\eps2kt1.sys [43432 2013-07-27] (OEM)
S3 wdf_usb; C:\Windows\System32\drivers\usb2ser.sys [67192 2011-05-20] (MediaTek Inc.)
S3 zghsdiag; C:\Windows\System32\DRIVERS\zghsdiag.sys [122624 2011-01-13] (ZTE Incorporated)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [122624 2011-01-13] (ZTE Incorporated)
S3 zghsnmea; C:\Windows\System32\DRIVERS\zghsnmea.sys [122624 2011-01-13] (ZTE Incorporated)
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-05 06:31 - 2014-08-05 06:38 - 00000000 ____D () C:\Users\Radu\Desktop\i9305 decodat
2014-08-05 06:18 - 2014-08-05 06:18 - 00152768 _____ () C:\Users\Radu\Downloads\Degrated_Shadow's_KNOX_removerV2.1.zip
2014-08-05 06:06 - 2014-08-05 06:06 - 07137368 _____ () C:\Users\Radu\Downloads\philz_touch_4.00-b21-i9305-fixed_Ported_By_ausdim.tar.md5
2014-08-05 05:59 - 2014-08-05 05:59 - 00000000 ____D () C:\Windows\LastGood
2014-08-05 05:37 - 2014-08-05 05:37 - 00000000 ____D () C:\Users\Radu\Downloads\UPDATE-SuperSU-v1.93
2014-08-05 05:35 - 2014-08-05 05:35 - 01206254 _____ () C:\Users\Radu\Downloads\UPDATE-SuperSU-v1.93.zip
2014-08-05 05:28 - 2014-08-05 05:28 - 03243548 _____ () C:\Users\Radu\Downloads\saferoot.zip
2014-08-05 04:46 - 2014-08-05 04:47 - 00040667 _____ () C:\Users\Radu\Downloads\Addition.txt
2014-08-05 04:45 - 2014-08-05 07:07 - 00019279 _____ () C:\Users\Radu\Downloads\FRST.txt
2014-08-05 04:45 - 2014-08-05 07:07 - 00000000 ____D () C:\FRST
2014-08-05 04:45 - 2014-08-05 04:45 - 02094080 _____ (Farbar) C:\Users\Radu\Downloads\FRST64.exe
2014-08-05 04:44 - 2014-08-05 04:44 - 00054274 _____ () C:\Users\Radu\Downloads\Extras.Txt
2014-08-05 04:43 - 2014-08-05 04:43 - 00153162 _____ () C:\Users\Radu\Downloads\OTL.Txt
2014-08-05 04:37 - 2014-08-05 04:37 - 00602112 _____ (OldTimer Tools) C:\Users\Radu\Downloads\OTL (1).exe
2014-08-05 04:08 - 2014-08-05 04:08 - 00038564 _____ () C:\Users\Radu\Documents\E(14.84 GB) Lost File Recovery 2014-08-05 at 04.07.57.res
2014-08-05 03:59 - 2014-08-05 03:59 - 00001083 _____ () C:\Users\Public\Desktop\Mobile Partner.lnk
2014-08-05 03:59 - 2014-08-05 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
2014-08-05 03:59 - 2014-08-05 03:59 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2014-08-05 03:59 - 2009-10-21 17:16 - 00243200 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbnet.sys
2014-08-05 03:59 - 2009-10-12 15:23 - 00114304 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbdev.sys
2014-08-05 03:59 - 2007-08-09 04:10 - 00029696 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2014-08-04 23:40 - 2014-08-05 06:58 - 00000000 ____D () C:\ProgramData\MCShield
2014-08-04 23:40 - 2014-08-04 23:40 - 00602112 _____ (OldTimer Tools) C:\Users\Radu\Downloads\OTL.exe
2014-08-04 23:40 - 2014-08-04 23:40 - 00001080 _____ () C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2014-08-04 23:40 - 2014-08-04 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-08-04 23:40 - 2014-08-04 23:40 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-08-04 23:39 - 2014-08-04 23:39 - 02856736 _____ (MyCity) C:\Users\Radu\Downloads\MCShield-Setup.exe
2014-08-04 23:30 - 2014-08-04 23:30 - 00002220 _____ () C:\Users\Radu\Desktop\Safe Money.lnk
2014-08-04 23:29 - 2014-08-04 23:29 - 00001078 _____ () C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2014-08-04 23:29 - 2014-08-04 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
2014-08-04 23:29 - 2013-11-11 20:55 - 00064856 _____ (Kaspersky Lab) C:\Windows\system32\klfphc.dll
2014-08-04 23:29 - 2011-06-02 14:39 - 00066616 _____ (Infowatch) C:\Windows\system32\Drivers\CSVirtualDiskDrv.sys
2014-08-04 23:28 - 2014-08-05 07:06 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-04 23:28 - 2014-08-05 00:06 - 00628288 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-08-04 23:28 - 2014-08-05 00:06 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-08-04 23:28 - 2014-08-04 23:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-08-04 23:28 - 2014-08-04 23:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-08-04 23:28 - 2011-06-02 14:39 - 00084536 _____ (Infowatch) C:\Windows\system32\Drivers\CSCrySec.sys
2014-08-04 23:23 - 2014-08-04 23:24 - 189644040 _____ (Kaspersky Lab ZAO) C:\Users\Radu\Downloads\pure13.0.2.558EN_4486.exe
2014-08-01 00:14 - 2014-08-01 00:37 - 00000000 ____D () C:\Users\Radu\AppData\Local\pangu
2014-07-31 22:32 - 2014-07-31 22:32 - 34293548 _____ () C:\Users\Radu\Downloads\Pangu_v1.1.exe.zip
2014-07-31 21:50 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-31 21:50 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-31 21:50 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-31 21:50 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-31 21:50 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-07-31 21:50 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-31 21:50 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-31 21:50 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-07-31 21:50 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-07-31 21:50 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-31 21:50 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-31 21:50 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-31 21:50 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-31 21:50 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-30 07:53 - 2014-07-30 05:59 - 570271342 _____ () C:\Users\Radu\Downloads\SOP-i6(MX1029)更新删除锁定2G网络相关功能,量产软件.rar
2014-07-30 03:01 - 2014-07-30 03:22 - 1180577030 _____ () C:\Users\Radu\Downloads\One_4.06.1540.2_odexed.zip
2014-07-28 09:09 - 2014-07-28 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2014-07-28 09:09 - 2014-07-28 09:09 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-07-26 10:09 - 2009-02-23 14:58 - 00118272 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcusbser.sys
2014-07-25 16:47 - 2014-07-25 16:47 - 00000000 ____D () C:\Users\Radu\Downloads\AM_64
2014-07-25 16:46 - 2014-07-25 16:46 - 00100694 _____ () C:\Users\Radu\Downloads\AM_64 (1).zip
2014-07-25 16:42 - 2014-07-25 16:42 - 00000000 ____D () C:\Users\Radu\Downloads\all haier driver
2014-07-25 16:39 - 2014-07-25 16:39 - 00168413 _____ () C:\Users\Radu\Downloads\all haier driver.rar
2014-07-25 16:38 - 2014-07-25 16:38 - 00073999 _____ () C:\Users\Radu\Downloads\QHSUSB_Drivers_(x64).zip
2014-07-25 16:38 - 2014-07-25 16:38 - 00000000 ____D () C:\Users\Radu\Downloads\QHSUSB_Drivers_(x64)
2014-07-25 16:36 - 2014-07-25 16:36 - 00304980 _____ () C:\Users\Radu\Downloads\ZTE_C261_WinXP_32.rar
2014-07-25 16:36 - 2014-07-25 16:36 - 00304980 _____ () C:\Users\Radu\Downloads\ZTE_C261_WinXP_32 (1).rar
2014-07-25 16:36 - 2014-07-25 16:36 - 00000000 ____D () C:\Users\Radu\Downloads\ZTE_C261_WinXP_32 (1)
2014-07-25 16:34 - 2014-07-25 16:34 - 00132131 _____ () C:\Users\Radu\Downloads\XperiaPLAY_DiagDrivers.zip
2014-07-25 16:13 - 2014-07-25 16:13 - 00100694 _____ () C:\Users\Radu\Downloads\AM_64.zip
2014-07-25 16:12 - 2014-07-25 16:12 - 03596602 _____ (USB CCID ) C:\Users\Radu\Downloads\CCID64.exe
2014-07-25 16:12 - 2014-07-25 16:12 - 00044402 _____ () C:\Users\Radu\Downloads\FT2K_64.zip
2014-07-25 16:12 - 2014-07-25 16:12 - 00000000 ____D () C:\Users\Radu\Downloads\FT2K_64
2014-07-25 16:12 - 2014-07-25 16:12 - 00000000 ____D () C:\Program Files (x86)\USB CCID
2014-07-25 15:58 - 2014-07-25 15:58 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\4SE
2014-07-25 15:45 - 2014-07-25 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-25 15:45 - 2014-07-25 15:45 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-25 15:44 - 2014-07-25 15:44 - 07254168 _____ () C:\Users\Radu\Downloads\2012-06-18 - DRVR_Chipset_NEC_USB3_A02-36X7D_setup_ZPE.exe
2014-07-25 15:44 - 2014-07-25 15:44 - 00000000 ____D () C:\Dell
2014-07-25 15:42 - 2014-07-25 15:42 - 00632152 _____ () C:\Users\Radu\Downloads\DriverGuide_Driver_Download_1882172.exe
2014-07-25 15:25 - 2014-07-25 15:25 - 00000975 _____ () C:\Users\Public\Desktop\Client 4SE.lnk
2014-07-25 15:25 - 2014-07-25 15:25 - 00000963 _____ () C:\Users\Public\Desktop\Tool 4SE.lnk
2014-07-25 15:25 - 2014-07-25 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4SE
2014-07-25 15:25 - 2014-07-25 15:25 - 00000000 ____D () C:\Program Files (x86)\4SE
2014-07-25 15:22 - 2014-07-25 15:23 - 56649353 _____ (darkmen ) C:\Users\Radu\Downloads\setup4SE_203.exe
2014-07-25 13:45 - 2014-07-25 13:45 - 00029411 _____ () C:\Users\Radu\Downloads\Broadcom_smartphone_USB_Driver.rar
2014-07-25 13:45 - 2014-07-25 13:45 - 00000000 ____D () C:\Users\Radu\Downloads\Broadcom_smartphone_USB_Driver
2014-07-22 13:40 - 2014-07-22 13:40 - 01244055 _____ () C:\Users\Radu\Downloads\UPDATE-SuperSU-v2.00.zip
2014-07-22 13:35 - 2014-07-22 13:35 - 00000000 ____D () C:\Windows\system32\files
2014-07-22 13:29 - 2014-07-22 13:29 - 00000699 _____ () C:\Windows\KB943198-v2.log
2014-07-22 13:22 - 2014-07-22 13:22 - 07396820 _____ () C:\Users\Radu\Downloads\ZTE_MTK_drivers.zip
2014-07-22 13:00 - 2014-07-22 13:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_usb2ser_01009.Wdf
2014-07-22 12:58 - 2014-07-22 13:33 - 00000000 ____D () C:\Users\Radu\.android
2014-07-22 12:58 - 2014-07-22 12:58 - 06612290 _____ () C:\Users\Radu\Downloads\ZTE_Android_USB_Driver (1).rar
2014-07-22 12:58 - 2014-07-22 12:58 - 04444440 _____ (ZTE Corporation ) C:\Users\Radu\Downloads\ZTE_HS_Driver_SetupV5.2066.1.8 (1).exe
2014-07-22 12:58 - 2014-07-22 12:58 - 03506362 _____ () C:\Users\Radu\Downloads\Orange_Boston_Driver (1).zip
2014-07-21 10:58 - 2014-07-21 10:58 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-21 10:58 - 2014-07-21 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-21 10:58 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-07-21 10:57 - 2014-07-21 10:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-21 10:57 - 2014-07-21 10:58 - 00000000 ____D () C:\Program Files\iTunes
2014-07-21 10:57 - 2014-07-21 10:58 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-21 10:57 - 2014-07-21 10:57 - 00000000 ____D () C:\Program Files\iPod
2014-07-19 12:56 - 2014-07-19 12:56 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-19 12:56 - 2014-07-19 12:56 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-19 12:56 - 2014-07-19 12:56 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-19 11:28 - 2014-07-19 11:28 - 113509200 _____ (Apple Inc.) C:\Users\Radu\Downloads\iTunes64Setup.exe
2014-07-19 11:13 - 2014-07-19 11:13 - 00001218 _____ () C:\Users\Public\Desktop\Wondershare Data Recovery.lnk
2014-07-19 11:13 - 2014-07-19 11:13 - 00000000 ____D () C:\Users\Radu\AppData\Local\Wondershare
2014-07-19 11:13 - 2014-07-19 11:13 - 00000000 ____D () C:\ProgramData\Wondershare
2014-07-19 11:13 - 2014-07-19 11:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-07-19 11:13 - 2014-07-19 11:13 - 00000000 ____D () C:\Program Files (x86)\Wondershare Software Co.,Ltd
2014-07-19 11:13 - 2014-07-19 11:13 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-07-19 11:13 - 2014-07-19 11:13 - 00000000 ____D () C:\Program Files (x86)\Temp
2014-07-19 11:12 - 2014-07-19 11:12 - 00000000 ____D () C:\Users\Radu\Downloads\Wondershare.Data.Recovery.for.Android.v1.0.Incl.Keymaker-CORE
2014-07-19 11:12 - 2014-07-19 11:12 - 00000000 ____D () C:\Users\Radu\Downloads\Wondershare Data Recovery 4.5.0.16 Multilingual Incl. Crack-SND
2014-07-19 11:10 - 2014-07-19 11:10 - 01859152 _____ (BitTorrent Inc.) C:\Users\Radu\Downloads\uTorrent.exe
2014-07-19 11:10 - 2014-07-19 11:10 - 00006523 _____ () C:\Users\Radu\Downloads\Wondershare Data Recovery 4.5.0.16 Multilingual Incl. Crack-SND.torrent
2014-07-19 11:10 - 2014-07-19 11:10 - 00004935 _____ () C:\Users\Radu\Downloads\Wondershare.Data.Recovery.for.Android.v1.0.Incl.Keymaker-CORE.torrent
2014-07-19 01:08 - 2014-07-19 01:08 - 00000000 ____D () C:\Users\Radu\AppData\Local\ADDP
2014-07-19 01:08 - 2014-07-19 01:08 - 00000000 ____D () C:\Users\Radu\AppData\Local\Acer
2014-07-19 01:08 - 2014-07-19 01:08 - 00000000 ____D () C:\ProgramData\Acer
2014-07-19 01:07 - 2014-07-19 01:07 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-07-19 01:07 - 2014-07-19 01:07 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-07-19 01:07 - 2014-07-19 01:07 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-19 01:07 - 2014-07-19 01:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-07-19 01:07 - 2014-07-19 01:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-19 01:06 - 2014-07-19 01:06 - 00000000 ____D () C:\Users\Radu\Downloads\AcerSync
2014-07-19 01:05 - 2014-07-19 01:05 - 53808178 _____ () C:\Users\Radu\Downloads\AcerSync.zip
2014-07-19 00:57 - 2014-07-19 00:57 - 00000995 _____ () C:\Users\Public\Desktop\HiSuite.lnk
2014-07-19 00:57 - 2014-07-19 00:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2014-07-19 00:57 - 2014-07-19 00:57 - 00000000 ____D () C:\ProgramData\HiSuiteOuc
2014-07-19 00:57 - 2014-07-19 00:57 - 00000000 ____D () C:\ProgramData\HandSetService
2014-07-19 00:56 - 2014-08-05 04:29 - 00000000 ____D () C:\Program Files (x86)\HiSuite
2014-07-18 03:25 - 2014-07-18 03:29 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-07-17 07:17 - 2014-07-17 07:17 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\HTC
2014-07-17 07:16 - 2014-08-05 04:31 - 00000000 ____D () C:\Users\Radu\AppData\Local\HTC MediaHub
2014-07-17 07:16 - 2014-07-17 07:16 - 00002031 _____ () C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-07-17 07:16 - 2014-07-17 07:16 - 00000000 ____D () C:\Users\Radu\Documents\HTC
2014-07-17 07:16 - 2014-07-17 07:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-07-17 07:16 - 2014-07-17 07:16 - 00000000 ____D () C:\ProgramData\HTC
2014-07-17 07:16 - 2014-07-17 07:16 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-07-17 07:16 - 2014-07-17 07:16 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-07-17 07:10 - 2014-07-17 07:10 - 136072080 _____ (HTC) C:\Users\Radu\Downloads\setup_3.1.13.0_htc.exe
2014-07-17 07:10 - 2014-07-17 07:10 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\LG Electronics
2014-07-17 00:20 - 2014-07-17 00:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf
2014-07-17 00:18 - 2014-07-17 00:18 - 00000000 ____D () C:\Users\Radu\Downloads\CUSTOM ROM - STOCK - NOT ROOTED - EN-UK_EN-US_GE_FR_RO_HU
2014-07-17 00:16 - 2014-07-17 00:18 - 124525123 _____ () C:\Users\Radu\Downloads\CUSTOM ROM - STOCK - NOT ROOTED - EN-UK_EN-US_GE_FR_RO_HU.exe
2014-07-17 00:15 - 2014-07-17 00:15 - 00000093 _____ () C:\Users\Radu\Downloads\CUSTOM ROM - STOCK - ROOTED - EN-UK_EN-US_GE_FR_RO_HU.md5
2014-07-16 03:00 - 2014-07-16 03:00 - 00259972 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-07-15 10:30 - 2014-07-15 10:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motport_01007.Wdf
2014-07-15 10:30 - 2014-07-15 10:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motmodem_01007.Wdf
2014-07-15 10:22 - 2014-07-15 10:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motoandroid_01007.Wdf
2014-07-15 10:21 - 2014-07-15 10:21 - 00000000 ____D () C:\Program Files\Motorola Inc
2014-07-15 10:19 - 2014-07-15 10:19 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-15 10:17 - 2014-07-15 10:17 - 03871851 _____ () C:\Users\Radu\Downloads\Motorola_driver_5.4.0.rar
2014-07-15 10:17 - 2014-07-15 10:17 - 00000000 ____D () C:\Users\Radu\Downloads\Motorola_driver_5.4.0
2014-07-15 10:16 - 2014-07-15 10:16 - 00000000 ____D () C:\Program Files (x86)\Switcher
2014-07-15 10:04 - 2014-07-15 10:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motoandroid_01009.Wdf
2014-07-15 09:59 - 2014-07-15 09:59 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Motorola Mobility
2014-07-15 09:59 - 2014-07-15 09:59 - 00000000 ____D () C:\Temp
2014-07-15 09:59 - 2014-07-15 09:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2014-07-15 09:59 - 2014-07-15 09:59 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-07-15 09:59 - 2014-07-15 09:59 - 00000000 ____D () C:\Program Files (x86)\Motorola Mobility
2014-07-15 09:59 - 2014-07-15 09:59 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-07-15 09:58 - 2014-07-15 09:58 - 00000000 ____D () C:\Program Files\Common Files\Motorola Shared
2014-07-15 09:57 - 2014-07-15 09:57 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Motorola
2014-07-15 09:55 - 2014-07-15 09:55 - 33586888 _____ (Motorola Mobility) C:\Users\Radu\Downloads\MotorolaDeviceManager_2.4.5.exe
2014-07-15 09:53 - 2014-07-15 09:52 - 51370750 _____ () C:\Users\Radu\Downloads\motorola-pc-suite-5.0.0 [1].exe
2014-07-15 09:51 - 2014-07-15 09:51 - 00765024 _____ ( ) C:\Users\Radu\Downloads\motorola-pc-suite-5.0.0.exe
2014-07-15 08:51 - 2014-08-05 06:09 - 00000000 __SHD () C:\Users\Radu\wc
2014-07-15 08:51 - 2014-07-30 02:57 - 00000000 __SHD () C:\Users\Radu\AppData\Roaming\wyUpdate AU
2014-07-15 08:50 - 2014-07-15 08:50 - 01817448 _____ () C:\Users\Radu\Downloads\HTC One Toolkit - Squabbi - 3.1.2.rar
2014-07-15 08:11 - 2014-07-15 08:22 - 414608712 _____ (Acresso Software Inc. ) C:\Users\Radu\Downloads\RUU_Pyramid_hTC_Asia_TW_1.35.709.1_Radio_10.43a.9007.00U_10.51.9007.27_M3_release_198188_signed.exe
2014-07-15 07:27 - 2014-07-15 08:33 - 1155644496 _____ () C:\Users\Radu\Downloads\Guru_Reset_M7_2.24.161.1.zip
2014-07-15 07:04 - 2014-07-15 07:10 - 239572539 _____ () C:\Users\Radu\Downloads\OTA_M7_UL_JB_50_Vodafone_UK_1.29.161.11-1.28.161.7_release_315813_signedoj2qp335qmm8qjso.zip
2014-07-15 04:30 - 2014-07-15 04:30 - 00001893 _____ () C:\Users\Radu\Desktop\Android Tool.lnk
2014-07-15 04:28 - 2014-07-15 04:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-07-15 01:16 - 2014-07-15 01:16 - 00001210 _____ () C:\Users\Public\Desktop\LG PC Suite.lnk
2014-07-15 01:15 - 2014-07-15 01:15 - 00000000 ____D () C:\Users\Radu\AppData\Local\LG Electronics
2014-07-15 01:15 - 2014-07-15 01:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2014-07-15 01:14 - 2014-07-15 01:15 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-07-15 01:11 - 2014-07-15 01:11 - 00000000 ____D () C:\Users\Radu\Desktop\LG3Q
2014-07-15 00:44 - 2014-07-15 00:44 - 00000861 _____ () C:\Users\Public\Desktop\VS2.lnk
2014-07-15 00:44 - 2014-07-15 00:44 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VS2
2014-07-15 00:44 - 2014-07-15 00:44 - 00000000 ____D () C:\Program Files\The Colombian Team
2014-07-15 00:30 - 2014-07-15 00:43 - 216317856 _____ (LG Electronics) C:\Users\Radu\Downloads\LGPCSuite_Setup.exe
2014-07-15 00:19 - 2014-07-15 00:42 - 212235923 _____ () C:\Users\Radu\Downloads\Vygis_Shell_2_00_Install.rar
2014-07-14 05:28 - 2014-07-14 05:28 - 00000962 _____ () C:\Users\Public\Desktop\VROOT.lnk
2014-07-14 05:28 - 2014-07-14 05:28 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\mgyun
2014-07-14 05:28 - 2014-07-14 05:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VROOT
2014-07-14 05:28 - 2014-07-14 05:28 - 00000000 ____D () C:\Program Files (x86)\VROOT
2014-07-14 05:26 - 2014-07-22 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZTE Handset USB Driver
2014-07-14 05:26 - 2014-07-22 12:58 - 00000000 ____D () C:\Program Files\ZTE Handset USB Driver
2014-07-14 05:26 - 2011-01-13 11:17 - 00122624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsvousb.sys
2014-07-14 05:26 - 2011-01-13 11:17 - 00122624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsnmea.sys
2014-07-14 05:26 - 2011-01-13 11:17 - 00122624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsmdm.sys
2014-07-14 05:26 - 2011-01-13 11:17 - 00122624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsdiag.sys
2014-07-14 05:26 - 2011-01-13 11:17 - 00122624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsat.sys
2014-07-14 05:26 - 2011-01-07 09:43 - 00584584 _____ () C:\Windows\adb.exe
2014-07-14 05:26 - 2010-10-20 16:10 - 00011776 _____ (HandSet Incorporated) C:\Windows\system32\Drivers\massfilter_hs.sys
2014-07-14 05:26 - 2010-05-07 11:48 - 00096256 _____ (Google, inc) C:\Windows\AdbWinApi.dll
2014-07-14 05:25 - 2014-07-22 12:58 - 00000000 ____D () C:\Program Files (x86)\ZTE Smartphone Driver
2014-07-14 05:25 - 2014-07-14 05:25 - 00000000 ____D () C:\Users\Radu\Downloads\ZTE_Android_USB_Driver
2014-07-14 05:25 - 2010-04-29 15:46 - 00122624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zgwhsnmea.sys
2014-07-14 05:25 - 2010-04-29 15:46 - 00122624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zgwhsmdm.sys
2014-07-14 05:25 - 2010-04-29 15:46 - 00122624 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zgwhsdiag.sys
2014-07-14 05:24 - 2014-07-14 05:25 - 06612290 _____ () C:\Users\Radu\Downloads\ZTE_Android_USB_Driver.rar
2014-07-14 05:24 - 2014-07-14 05:25 - 04444440 _____ (ZTE Corporation ) C:\Users\Radu\Downloads\ZTE_HS_Driver_SetupV5.2066.1.8.exe
2014-07-14 05:24 - 2014-07-14 05:25 - 03506362 _____ () C:\Users\Radu\Downloads\Orange_Boston_Driver.zip
2014-07-14 05:05 - 2014-07-14 05:06 - 06926776 _____ (Shenzhen Xinyi Network Co.,Ltd. ) C:\Users\Radu\Downloads\VRoot_1.7.3.4863_english_cid1005_7337ba1e_89.exe
2014-07-14 04:49 - 2014-07-22 13:35 - 00000000 ____D () C:\Users\Radu\Documents\HiSuite
2014-07-14 04:49 - 2014-07-19 00:57 - 00000000 ____D () C:\Users\Radu\AppData\Local\HiSuite
2014-07-14 04:49 - 2012-02-08 02:07 - 00281088 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2014-07-14 04:49 - 2011-10-23 21:04 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2014-07-14 04:49 - 2011-10-23 20:51 - 00116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2014-07-14 04:49 - 2010-02-18 16:00 - 01533512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01007.dll
2014-07-14 04:49 - 2010-02-18 16:00 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2014-07-14 04:49 - 2010-02-18 16:00 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WinUSBCoInstaller.dll
2014-07-14 04:48 - 2014-07-14 04:48 - 36283976 _____ () C:\Users\Radu\Downloads\HiSuiteSetup_v1.8.10.26.06.zip
2014-07-14 04:48 - 2014-07-14 04:48 - 00000000 ____D () C:\Users\Radu\Downloads\HiSuiteSetup_v1.8.10.26.06
2014-07-14 04:43 - 2014-07-14 04:43 - 00000000 ____D () C:\Archivos de programa
2014-07-14 04:42 - 2014-07-14 04:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-07-14 04:41 - 2014-07-14 04:41 - 00000512 _____ () C:\Users\Radu\Downloads\Reg01019F71_LG.dat
2014-07-14 01:16 - 2014-07-14 01:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-07-14 01:07 - 2014-08-05 06:31 - 00000000 ____D () C:\Users\Radu\Documents\SelfMV
2014-07-14 01:07 - 2014-08-01 04:13 - 00000000 ____D () C:\Users\Radu\Desktop\R E C U P E R A R I
2014-07-13 23:49 - 2014-06-18 17:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-13 23:49 - 2014-02-03 19:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-07-13 23:49 - 2014-02-03 19:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-07-13 23:49 - 2013-12-24 16:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-07-13 23:49 - 2013-12-24 15:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-07-13 23:49 - 2013-11-26 01:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-07-13 23:49 - 2013-11-23 11:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-07-13 23:49 - 2013-11-23 10:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-07-13 23:49 - 2013-11-22 15:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-07-13 23:49 - 2012-02-10 23:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-07-13 23:49 - 2012-02-10 23:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-07-13 23:49 - 2011-03-10 23:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-07-13 23:49 - 2011-03-10 23:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-07-13 23:49 - 2011-03-10 23:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-07-13 23:49 - 2011-03-10 23:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-07-13 23:49 - 2011-03-10 23:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-07-13 23:49 - 2011-03-10 23:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-07-13 23:49 - 2011-03-10 23:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-07-13 23:49 - 2011-03-10 22:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-07-13 23:49 - 2011-03-10 22:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-07-13 23:49 - 2011-03-10 21:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-07-13 23:49 - 2011-02-24 23:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-07-13 23:49 - 2011-02-24 22:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-07-13 23:40 - 2014-07-13 23:40 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Adobe
2014-07-12 11:34 - 2014-07-12 11:34 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-07-12 11:34 - 2014-07-12 10:40 - 00000000 ____D () C:\Windows\Panther
2014-07-12 11:34 - 2010-11-20 20:23 - 00383786 __RSH () C:\bootmgr
2014-07-12 10:42 - 2014-08-05 06:47 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-12 10:42 - 2014-08-05 04:31 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-12 10:42 - 2014-07-19 11:52 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-12 10:42 - 2014-07-12 10:42 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-12 10:42 - 2014-07-12 10:42 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-12 10:42 - 2014-07-12 10:42 - 00000000 ____D () C:\Users\Radu\AppData\Local\Google
2014-07-12 10:42 - 2014-07-12 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-12 10:42 - 2014-07-12 10:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-12 10:41 - 2014-07-22 13:35 - 00000000 ____D () C:\Users\Radu\AppData\Local\VirtualStore
2014-07-12 10:41 - 2014-07-17 07:16 - 00093104 _____ () C:\Users\Radu\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-12 10:41 - 2014-07-13 23:40 - 00001417 _____ () C:\Users\Radu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-12 10:41 - 2014-07-12 10:42 - 00000000 ____D () C:\Users\Radu\AppData\Local\Deployment
2014-07-12 10:41 - 2014-07-12 10:41 - 00000000 ____D () C:\Users\Radu\AppData\Local\Apps\2.0
2014-07-12 10:40 - 2014-07-22 12:58 - 00000000 ____D () C:\Users\Radu
2014-07-12 10:40 - 2014-07-12 10:40 - 00000020 ___SH () C:\Users\Radu\ntuser.ini
2014-07-12 10:40 - 2014-07-12 10:40 - 00000000 __SHD () C:\Recovery
2014-07-12 10:40 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Radu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-12 10:40 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Radu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-12 10:38 - 2014-08-05 04:33 - 01669179 _____ () C:\Windows\WindowsUpdate.log
2014-07-12 10:38 - 2014-07-12 10:38 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-07-12 10:38 - 2014-07-12 10:38 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-07-12 10:37 - 2014-07-12 10:37 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-07-12 10:36 - 2014-07-12 10:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-07-12 07:13 - 2013-05-09 22:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-07-12 07:13 - 2013-05-09 22:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-07-12 07:13 - 2013-05-09 21:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-07-12 07:13 - 2013-05-09 21:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-07-12 06:42 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-07-12 06:37 - 2014-07-12 06:37 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-12 06:37 - 2014-07-12 06:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-12 06:37 - 2014-07-12 06:37 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-12 06:37 - 2014-07-12 06:37 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-12 06:37 - 2014-07-12 06:37 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-07-12 06:37 - 2014-07-12 06:37 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-07-12 06:37 - 2014-07-12 06:37 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-12 06:37 - 2014-07-12 06:37 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-07-12 06:37 - 2014-07-12 06:37 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-07-12 06:37 - 2014-07-12 06:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-07-12 06:37 - 2014-07-12 06:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-12 06:29 - 2014-07-12 06:42 - 00012863 _____ () C:\Windows\IE11_main.log
2014-07-12 05:54 - 2014-07-12 05:54 - 00001119 _____ () C:\Users\Public\Desktop\RIFF Box JTAG Manager.lnk
2014-07-12 05:54 - 2014-07-12 05:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIFF Box JTAG Manager
2014-07-12 05:52 - 2014-07-12 05:52 - 00000000 ____D () C:\ProgramData\SZCCID
2014-07-12 05:52 - 2014-07-12 05:52 - 00000000 ____D () C:\Program Files (x86)\AlcorMicro
2014-07-12 05:47 - 2014-07-12 05:47 - 00045256 _____ () C:\Users\Radu\Downloads\smart-card-reader-driver-feitian-64bit.zip
2014-07-12 05:47 - 2014-07-12 05:47 - 00000000 ____D () C:\Users\Radu\Downloads\smart-card-reader-driver-feitian-64bit
2014-07-12 05:47 - 2013-07-27 16:52 - 00043432 _____ (OEM) C:\Windows\system32\Drivers\eps2kt1.sys
2014-07-12 05:47 - 2013-07-27 16:52 - 00023592 _____ (OEM) C:\Windows\system32\Drivers\smccard.sys
2014-07-12 05:47 - 2013-07-27 16:52 - 00008192 _____ () C:\Windows\system32\R5CoInst.dll
2014-07-12 05:37 - 2014-07-14 05:24 - 00000000 ____D () C:\Users\Radu\Documents\SigmaKey
2014-07-12 05:37 - 2014-07-12 05:37 - 00001997 _____ () C:\Users\Public\Desktop\SigmaKey.lnk
2014-07-12 05:37 - 2014-07-12 05:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer
2014-07-12 05:37 - 2014-07-12 05:37 - 00000000 ____D () C:\Program Files (x86)\GsmServer
2014-07-12 05:30 - 2014-07-12 05:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Radu\Downloads\revosetup.exe
2014-07-12 05:30 - 2014-07-12 05:30 - 00001268 _____ () C:\Users\Radu\Desktop\Revo Uninstaller.lnk
2014-07-12 05:30 - 2014-07-12 05:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 05:29 - 2014-07-12 05:29 - 01653147 _____ () C:\Users\Radu\Downloads\DDUv12940-[Guru3D.com].exe
2014-07-12 05:29 - 2014-07-12 05:29 - 01653147 _____ () C:\Users\Radu\Downloads\DDUv12940-[Guru3D.com] (1).exe
2014-07-12 05:29 - 2014-06-12 18:44 - 03287040 _____ () C:\Users\Radu\Downloads\Display Driver Uninstaller.exe
2014-07-12 05:29 - 2014-06-12 18:44 - 00171520 _____ () C:\Users\Radu\Downloads\Display Driver Uninstaller.pdb
2014-07-12 05:29 - 2014-05-14 10:57 - 00000000 ____D () C:\Users\Radu\Downloads\settings
2014-07-12 05:28 - 2014-07-12 05:28 - 00000201 _____ () C:\Users\Radu\Downloads\DC-Uninstall_Device_V.1001 (1).log
2014-07-12 05:27 - 2014-07-12 05:27 - 04001080 _____ (UAB Digiteka) C:\Users\Radu\Downloads\DC-Uninstall_Device_V.1001 (1).exe
2014-07-12 05:23 - 2014-07-12 05:25 - 00002281 _____ () C:\Users\Radu\Downloads\DC-Uninstall_Device_V.1001.log
2014-07-12 05:23 - 2014-07-12 05:23 - 00000190 _____ () C:\Users\Radu\Downloads\DCUninstall.INI
2014-07-12 05:22 - 2014-07-12 05:22 - 04001080 _____ (UAB Digiteka) C:\Users\Radu\Downloads\DC-Uninstall_Device_V.1001.exe
2014-07-12 05:17 - 2014-07-12 05:17 - 00000624 _____ () C:\Windows\WININIT.INI
2014-07-12 04:55 - 2014-07-12 04:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-12 04:55 - 2014-06-26 17:40 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-12 04:43 - 2010-02-23 01:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-07-12 04:37 - 2014-07-12 05:17 - 00005688 _____ () C:\ft_inst.log
2014-07-12 04:37 - 2014-07-12 04:53 - 00023312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\_shfoldr.dll
2014-07-12 04:37 - 2014-07-12 04:37 - 00000000 ____D () C:\Program Files (x86)\Software Installation Information
2014-07-12 04:29 - 2014-07-12 04:29 - 00003260 _____ () C:\Windows\System32\Tasks\{0F6512F6-DBBB-439F-B8DA-3A1BD53E5FF9}
2014-07-12 04:24 - 2009-10-22 15:17 - 00330056 _____ (FTDI Ltd.) C:\Windows\system32\vsd2xx.dll
2014-07-12 04:24 - 2009-10-22 15:17 - 00206144 _____ (FTDI Ltd.) C:\Windows\SysWOW64\vsd2xx.dll
2014-07-12 04:10 - 2012-07-25 20:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-07-12 04:10 - 2012-07-25 20:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-07-12 04:10 - 2012-07-25 20:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-07-12 04:10 - 2012-07-25 20:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-07-12 04:10 - 2012-07-25 20:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-07-12 04:10 - 2012-07-25 19:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-07-12 04:10 - 2012-07-25 19:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-07-12 04:10 - 2012-06-02 07:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-07-12 03:48 - 2012-02-29 23:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-07-12 03:48 - 2012-02-29 23:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-07-12 03:48 - 2012-02-29 22:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-07-12 03:40 - 2014-07-12 03:43 - 370763706 _____ () C:\Users\Radu\Downloads\adt-bundle-windows-x86_64-20140702.zip
2014-07-12 03:37 - 2014-03-04 02:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-12 03:37 - 2014-03-04 02:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-07-12 03:37 - 2014-03-04 02:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-07-12 03:37 - 2014-03-04 02:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-07-12 03:37 - 2014-03-04 02:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-07-12 03:37 - 2014-03-04 02:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-07-12 03:37 - 2014-03-04 02:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-07-12 03:37 - 2014-03-04 02:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-07-12 03:37 - 2014-03-04 02:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-07-12 03:37 - 2014-03-04 02:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-07-12 03:37 - 2014-03-04 02:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-07-12 03:37 - 2014-03-04 02:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-07-12 03:37 - 2014-03-04 02:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-07-12 03:37 - 2014-03-04 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-07-12 03:37 - 2014-03-04 02:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-07-12 03:37 - 2014-03-04 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-07-12 03:37 - 2014-03-04 02:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-07-12 03:37 - 2014-03-04 02:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-07-12 03:37 - 2014-03-04 02:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-07-12 03:37 - 2014-03-04 02:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-07-12 03:37 - 2013-08-01 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-07-12 03:37 - 2013-08-01 19:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-07-12 03:37 - 2013-08-01 18:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-07-12 03:37 - 2013-08-01 17:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-07-12 03:37 - 2012-12-07 06:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-07-12 03:37 - 2012-12-07 06:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-07-12 03:37 - 2012-12-07 05:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-07-12 03:37 - 2012-12-07 05:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-07-12 03:37 - 2012-12-07 04:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-07-12 03:37 - 2012-12-07 04:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-07-12 03:37 - 2012-12-07 04:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-07-12 03:37 - 2012-12-07 04:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-07-12 03:37 - 2012-12-07 04:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-07-12 03:37 - 2012-12-07 04:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-07-12 03:37 - 2012-12-07 04:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-07-12 03:37 - 2012-12-07 04:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-07-12 03:37 - 2012-12-07 04:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-07-12 03:37 - 2012-12-07 04:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-07-12 03:37 - 2012-12-07 04:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-07-12 03:37 - 2012-12-07 04:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-07-12 03:37 - 2012-12-07 04:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-07-12 03:37 - 2012-12-07 04:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-07-12 03:37 - 2012-12-07 03:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-07-12 03:36 - 2013-10-03 19:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-07-12 03:36 - 2013-10-03 19:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-07-12 03:36 - 2013-10-03 19:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-07-12 03:36 - 2013-10-03 19:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-07-12 03:36 - 2013-10-03 18:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-07-12 03:36 - 2013-10-03 18:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-07-12 03:36 - 2013-10-03 18:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-07-12 03:36 - 2013-10-03 18:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-07-12 03:36 - 2013-06-05 22:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-07-12 03:36 - 2013-06-05 22:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-07-12 03:36 - 2013-06-05 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-07-12 03:36 - 2013-06-05 22:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-07-12 03:36 - 2013-06-05 21:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-07-12 03:36 - 2013-06-05 21:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-07-12 03:36 - 2013-06-05 21:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-07-12 03:36 - 2013-06-05 20:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-07-12 03:36 - 2013-06-05 20:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-07-12 03:36 - 2013-06-05 20:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-07-12 03:36 - 2013-02-26 23:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-07-12 03:36 - 2013-02-26 22:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-07-12 03:36 - 2011-04-08 23:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-07-12 03:36 - 2011-04-08 22:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-07-12 03:35 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-12 03:35 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-12 03:35 - 2014-06-17 18:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-12 03:35 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-12 03:35 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-12 03:35 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-07-12 03:35 - 2014-03-24 19:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-07-12 03:35 - 2014-03-24 19:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-07-12 03:35 - 2013-12-03 19:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-07-12 03:35 - 2013-12-03 19:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-07-12 03:35 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-07-12 03:35 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-07-12 03:35 - 2013-12-03 19:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-07-12 03:35 - 2013-12-03 19:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-07-12 03:35 - 2013-12-03 19:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-07-12 03:35 - 2013-12-03 19:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-07-12 03:35 - 2013-12-03 19:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-07-12 03:35 - 2013-12-03 19:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-07-12 03:35 - 2013-12-03 19:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-07-12 03:35 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-07-12 03:35 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-07-12 03:35 - 2013-12-03 19:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-07-12 03:35 - 2013-12-03 18:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-07-12 03:35 - 2013-12-03 18:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-07-12 03:35 - 2013-12-03 18:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-07-12 03:35 - 2013-12-03 18:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-07-12 03:35 - 2013-10-05 13:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-07-12 03:35 - 2013-10-05 12:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-07-12 03:35 - 2013-09-07 19:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-07-12 03:35 - 2013-09-07 19:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-07-12 03:35 - 2013-08-28 19:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-12 03:35 - 2013-08-28 19:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-07-12 03:35 - 2013-08-28 19:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-07-12 03:35 - 2013-08-28 18:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-12 03:35 - 2013-08-28 18:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-07-12 03:35 - 2013-08-28 18:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-07-12 03:35 - 2013-07-25 02:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-07-12 03:35 - 2013-07-25 01:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-07-12 03:35 - 2013-07-08 22:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-07-12 03:35 - 2013-07-08 22:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-07-12 03:35 - 2013-07-08 22:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-07-12 03:35 - 2013-07-08 21:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-07-12 03:35 - 2013-07-08 21:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-07-12 03:35 - 2013-07-08 21:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-07-12 03:35 - 2013-04-25 16:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-07-12 03:35 - 2013-03-31 15:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-07-12 03:35 - 2013-02-14 23:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-07-12 03:35 - 2013-02-14 23:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-07-12 03:35 - 2013-02-14 23:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-07-12 03:35 - 2013-02-14 21:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-12 03:35 - 2013-02-14 21:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-07-12 03:35 - 2013-02-14 20:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-07-12 03:35 - 2012-10-03 10:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-07-12 03:35 - 2012-10-03 10:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-07-12 03:35 - 2012-10-03 10:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-07-12 03:35 - 2012-10-03 10:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-07-12 03:35 - 2012-10-03 10:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-07-12 03:35 - 2012-10-03 10:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-07-12 03:35 - 2012-10-03 09:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-07-12 03:35 - 2012-10-03 09:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-07-12 03:35 - 2012-10-03 09:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-07-12 03:35 - 2012-10-03 09:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-07-12 03:35 - 2012-08-22 11:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-07-12 03:35 - 2012-08-21 14:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-07-12 03:35 - 2012-07-04 13:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-07-12 03:35 - 2012-04-30 22:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-07-12 03:35 - 2012-04-07 05:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-07-12 03:35 - 2012-04-07 04:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-07-12 03:35 - 2012-01-13 00:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-07-12 03:35 - 2011-11-16 23:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-07-12 03:35 - 2011-11-16 22:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-07-12 03:35 - 2011-03-10 23:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-07-12 03:35 - 2011-03-10 23:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-07-12 03:35 - 2011-03-10 22:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-07-12 03:35 - 2011-03-10 22:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-07-12 03:35 - 2010-12-23 03:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-07-12 03:35 - 2010-12-23 03:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-07-12 03:35 - 2010-12-23 03:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-07-12 03:35 - 2010-12-22 22:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-07-12 03:35 - 2010-12-22 22:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-07-12 03:35 - 2010-12-22 22:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-07-12 03:34 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-12 03:34 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-12 03:34 - 2014-05-08 02:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-07-12 03:34 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-12 03:34 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-07-12 03:34 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-12 03:34 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-12 03:34 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-07-12 03:34 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-07-12 03:34 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-07-12 03:34 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-07-12 03:34 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-07-12 03:34 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-07-12 03:34 - 2014-01-28 19:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-07-12 03:34 - 2014-01-28 19:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-07-12 03:34 - 2014-01-27 19:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-07-12 03:34 - 2013-12-31 16:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-07-12 03:34 - 2013-12-31 16:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-07-12 03:34 - 2013-11-26 18:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-07-12 03:34 - 2013-11-26 18:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-07-12 03:34 - 2013-11-26 18:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-07-12 03:34 - 2013-11-26 18:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-07-12 03:34 - 2013-11-26 18:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-07-12 03:34 - 2013-11-26 18:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-07-12 03:34 - 2013-11-26 04:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-07-12 03:34 - 2013-11-11 19:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-07-12 03:34 - 2013-11-11 19:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-07-12 03:34 - 2013-10-29 19:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-07-12 03:34 - 2013-10-29 19:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-07-12 03:34 - 2013-10-18 19:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-07-12 03:34 - 2013-10-18 18:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-07-12 03:34 - 2013-08-28 18:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2014-07-12 03:34 - 2013-08-04 19:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-07-12 03:34 - 2013-07-12 03:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-07-12 03:34 - 2013-07-08 22:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-07-12 03:34 - 2013-07-08 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-07-12 03:34 - 2013-07-04 05:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-07-12 03:34 - 2013-07-04 05:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-07-12 03:34 - 2013-07-04 05:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-07-12 03:34 - 2013-07-04 04:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-07-12 03:34 - 2013-07-04 04:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-07-12 03:34 - 2013-07-04 04:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-07-12 03:34 - 2013-07-04 03:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-07-12 03:34 - 2013-07-02 21:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-07-12 03:34 - 2013-07-02 21:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-07-12 03:34 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-07-12 03:34 - 2013-06-14 21:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-07-12 03:34 - 2013-03-18 22:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-07-12 03:34 - 2013-02-11 21:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys
2014-07-12 03:34 - 2013-02-11 21:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-07-12 03:34 - 2012-11-28 15:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-07-12 03:34 - 2012-11-28 15:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-07-12 03:34 - 2012-11-28 15:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-07-12 03:34 - 2012-11-01 22:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-07-12 03:34 - 2012-11-01 22:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-07-12 03:34 - 2012-10-09 11:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-07-12 03:34 - 2012-10-09 11:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-07-12 03:34 - 2012-10-09 10:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-07-12 03:34 - 2012-10-09 10:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-07-12 03:34 - 2012-07-04 13:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rndismpx.sys
2014-07-12 03:34 - 2012-04-27 20:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-07-12 03:34 - 2012-04-25 22:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-07-12 03:34 - 2012-04-25 22:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-07-12 03:34 - 2012-04-25 22:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-07-12 03:34 - 2012-03-17 00:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-07-12 03:34 - 2012-01-04 03:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-07-12 03:34 - 2012-01-04 01:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-07-12 03:34 - 2011-12-29 23:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-07-12 03:34 - 2011-12-29 22:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-07-12 03:34 - 2011-10-25 22:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-07-12 03:34 - 2011-10-25 22:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-07-12 03:34 - 2011-10-25 21:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-07-12 03:34 - 2011-10-25 21:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-07-12 03:34 - 2011-08-16 22:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-07-12 03:34 - 2011-08-16 22:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-07-12 03:34 - 2011-08-16 21:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-07-12 03:34 - 2011-08-16 21:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-07-12 03:34 - 2011-07-08 19:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-07-12 03:34 - 2011-06-15 22:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-07-12 03:34 - 2011-06-15 21:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-07-12 03:34 - 2011-06-15 03:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-07-12 03:34 - 2011-06-15 03:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-07-12 03:34 - 2011-06-15 03:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-07-12 03:34 - 2011-06-15 03:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-07-12 03:34 - 2011-06-15 01:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-07-12 03:34 - 2011-06-15 01:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-07-12 03:34 - 2011-06-15 01:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-07-12 03:34 - 2011-06-15 01:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-07-12 03:34 - 2011-06-15 01:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-07-12 03:34 - 2011-05-03 22:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-07-12 03:34 - 2011-05-03 22:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-07-12 03:34 - 2011-05-03 22:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-07-12 03:34 - 2011-05-03 22:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-07-12 03:34 - 2011-05-03 22:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-07-12 03:34 - 2011-05-03 22:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-07-12 03:34 - 2011-05-03 22:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-07-12 03:34 - 2011-05-03 22:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-07-12 03:34 - 2011-05-03 22:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-07-12 03:34 - 2011-05-03 21:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-07-12 03:34 - 2011-05-03 21:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-07-12 03:34 - 2011-05-03 21:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-07-12 03:34 - 2011-05-03 21:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-07-12 03:34 - 2011-05-03 21:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-07-12 03:34 - 2011-05-03 21:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-07-12 03:34 - 2011-05-03 21:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-07-12 03:34 - 2011-05-03 21:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-07-12 03:34 - 2011-05-03 21:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-07-12 03:34 - 2011-04-26 19:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-07-12 03:34 - 2011-04-26 19:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-07-12 03:33 - 2011-04-28 20:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-07-12 03:33 - 2011-04-28 20:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-07-12 03:33 - 2011-04-28 20:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-07-12 03:33 - 2011-03-02 23:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-07-12 03:33 - 2011-03-02 23:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-07-12 03:33 - 2011-03-02 23:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-07-12 03:33 - 2011-03-02 22:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-07-12 03:33 - 2011-03-02 22:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-07-12 03:30 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-07-12 03:30 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-07-12 03:30 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-07-12 03:30 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-07-12 03:30 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-07-12 03:22 - 2014-06-05 07:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-12 03:22 - 2014-06-05 07:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-12 03:22 - 2014-06-05 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-12 03:22 - 2014-04-11 19:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-07-12 03:22 - 2014-04-11 19:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-07-12 03:22 - 2014-04-11 19:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-07-12 03:22 - 2014-04-11 19:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-07-12 03:22 - 2014-04-11 19:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-07-12 03:22 - 2014-04-11 19:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-07-12 03:22 - 2013-08-01 05:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-07-12 03:22 - 2013-07-04 05:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-12 03:22 - 2013-04-09 23:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-07-12 03:22 - 2011-08-26 22:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-07-12 03:22 - 2011-08-26 22:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-07-12 03:22 - 2011-08-26 21:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-07-12 03:22 - 2011-08-26 21:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-07-12 03:22 - 2011-02-03 04:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-07-12 03:21 - 2014-05-30 01:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-12 03:21 - 2014-05-30 01:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-12 03:21 - 2014-05-30 01:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-12 03:21 - 2014-05-30 01:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-12 03:21 - 2014-05-30 01:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-12 03:21 - 2014-05-30 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-12 03:21 - 2014-05-30 01:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-12 03:21 - 2014-05-30 00:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-12 03:21 - 2014-05-30 00:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-12 03:21 - 2014-05-30 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-12 03:21 - 2014-05-30 00:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-12 03:21 - 2014-05-30 00:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-12 03:21 - 2014-05-30 00:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-12 03:21 - 2014-05-30 00:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-12 03:21 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-07-12 03:21 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-07-12 03:21 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-07-12 03:21 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-07-12 03:21 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-07-12 03:21 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-07-12 03:21 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-07-12 03:21 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-07-12 03:21 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-07-12 03:21 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-07-12 03:21 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-07-12 03:21 - 2014-01-23 19:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-07-12 03:21 - 2013-10-11 19:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-07-12 03:21 - 2013-10-11 19:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-07-12 03:21 - 2013-10-11 19:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-07-12 03:21 - 2013-10-11 19:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-07-12 03:21 - 2013-10-11 19:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-07-12 03:21 - 2013-10-11 19:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-07-12 03:21 - 2013-10-11 19:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-07-12 03:21 - 2013-10-11 19:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-07-12 03:21 - 2013-10-11 19:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-07-12 03:21 - 2013-10-11 18:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-07-12 03:21 - 2013-10-11 18:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-07-12 03:21 - 2013-10-11 18:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-07-12 03:21 - 2013-10-11 18:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-07-12 03:21 - 2013-08-27 18:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-07-12 03:21 - 2013-08-01 19:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 18:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-07-12 03:21 - 2013-08-01 17:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 17:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 17:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-07-12 03:21 - 2013-08-01 17:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-07-12 03:21 - 2013-07-25 19:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-07-12 03:21 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-07-12 03:21 - 2013-07-20 03:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-12 03:21 - 2013-07-20 03:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-07-12 03:21 - 2013-05-12 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-07-12 03:21 - 2013-05-12 20:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-07-12 03:21 - 2013-05-12 20:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-07-12 03:21 - 2013-05-12 20:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-07-12 03:21 - 2013-05-09 22:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-07-12 03:21 - 2013-05-09 20:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-07-12 03:21 - 2013-04-25 22:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-07-12 03:21 - 2013-04-25 21:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-07-12 03:21 - 2012-09-25 15:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-07-12 03:21 - 2012-09-25 15:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-07-12 03:21 - 2012-06-05 23:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-07-12 03:21 - 2012-06-05 22:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-07-12 03:21 - 2012-05-13 22:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-12 03:21 - 2011-12-16 01:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-07-12 03:21 - 2011-12-16 00:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-07-12 03:21 - 2011-10-14 23:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-07-12 03:21 - 2011-10-14 22:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-07-12 03:21 - 2011-05-24 04:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-07-12 03:21 - 2011-05-24 03:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-07-12 03:21 - 2011-05-24 03:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-07-12 03:21 - 2011-05-24 03:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-07-12 03:21 - 2011-05-24 03:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-07-12 03:21 - 2011-05-02 22:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-07-12 03:21 - 2011-05-02 21:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-07-12 03:21 - 2011-02-22 21:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-07-12 03:21 - 2011-02-05 10:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-07-12 03:21 - 2011-02-05 10:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-07-12 03:21 - 2011-02-05 10:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-07-12 03:21 - 2011-02-05 10:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-07-12 03:21 - 2011-02-05 10:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-07-12 03:21 - 2011-02-05 10:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-07-12 03:21 - 2011-02-05 10:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-07-12 03:20 - 2013-10-02 19:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-12 03:20 - 2013-10-02 19:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-07-12 03:20 - 2013-01-23 23:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-07-12 03:20 - 2012-11-22 20:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-07-12 03:20 - 2012-07-04 15:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-07-12 03:20 - 2012-07-04 15:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-07-12 03:20 - 2012-07-04 15:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-07-12 03:20 - 2012-07-04 14:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-07-12 03:20 - 2012-07-04 14:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-07-12 03:20 - 2012-05-05 01:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-07-12 03:20 - 2012-05-05 00:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-07-12 03:20 - 2011-02-18 03:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-07-12 03:20 - 2011-02-17 22:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-07-12 03:20 - 2011-02-12 04:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-07-12 03:19 - 2014-07-12 03:19 - 00001973 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-07-12 03:19 - 2011-11-19 07:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-07-12 03:19 - 2011-11-19 07:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-07-12 03:11 - 2014-08-04 07:04 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Samsung
2014-07-12 03:11 - 2014-07-12 03:11 - 00000000 ____D () C:\Users\Radu\Documents\samsung
2014-07-12 03:11 - 2014-07-12 03:11 - 00000000 ____D () C:\Users\Radu\AppData\Local\Samsung
2014-07-12 03:11 - 2014-07-12 03:11 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-07-12 03:10 - 2014-07-12 03:10 - 00002006 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-07-12 03:10 - 2014-07-12 03:10 - 00001996 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk
2014-07-12 03:06 - 2014-04-11 01:39 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2014-07-12 03:06 - 2014-04-11 01:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudserd.sys
2014-07-12 03:06 - 2014-04-11 01:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudobex.sys
2014-07-12 03:06 - 2014-04-11 01:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-07-12 03:06 - 2014-04-11 01:39 - 00188232 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdm.sys
2014-07-12 03:06 - 2014-04-11 01:39 - 00169288 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadbus.sys
2014-07-12 03:06 - 2014-04-11 01:39 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-07-12 03:06 - 2014-04-11 01:39 - 00021320 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdfl.sys
2014-07-12 03:06 - 2014-04-11 01:39 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwhnt.sys
2014-07-12 03:06 - 2014-04-11 01:39 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwh.sys
2014-07-12 03:06 - 2014-04-11 01:39 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcmnt.sys
2014-07-12 03:06 - 2014-04-11 01:39 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcm.sys
2014-07-12 03:05 - 2014-07-12 03:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-07-12 03:05 - 2014-04-30 19:43 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-07-12 03:04 - 2014-07-12 03:11 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-07-12 03:04 - 2014-07-12 03:06 - 00000000 ____D () C:\ProgramData\Samsung
2014-07-12 03:04 - 2014-04-30 19:43 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2014-07-12 03:02 - 2014-07-12 03:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-07-12 02:59 - 2014-07-17 07:16 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Apple Computer
2014-07-12 02:59 - 2014-07-17 07:16 - 00000000 ____D () C:\Users\Radu\AppData\Local\Apple Computer
2014-07-12 02:58 - 2014-07-12 02:58 - 00000000 ____D () C:\Users\Radu\AppData\Local\Apple
2014-07-12 02:58 - 2014-07-12 02:58 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-12 02:58 - 2014-07-12 02:58 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-12 02:58 - 2014-07-12 02:58 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-12 02:58 - 2014-07-12 02:58 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-12 02:57 - 2014-07-19 12:56 - 00000000 ____D () C:\ProgramData\Apple
2014-07-12 02:57 - 2014-07-17 07:14 - 00000000 ____D () C:\Users\Radu\AppData\Local\Downloaded Installations
2014-07-12 02:53 - 2014-08-05 06:39 - 00000000 ____D () C:\Users\Radu\Documents\Fișiere Outlook
2014-07-12 02:48 - 2014-07-12 02:48 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\WinRAR
2014-07-12 02:48 - 2014-07-12 02:48 - 00000000 ____D () C:\TokensBackup
2014-07-12 02:37 - 2014-07-12 02:37 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-12 02:36 - 2014-07-12 06:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-12 02:36 - 2014-07-12 02:36 - 00002910 _____ () C:\Users\Radu\Desktop\Outlook 2013.lnk
2014-07-12 02:36 - 2014-07-12 02:36 - 00000000 ____D () C:\Windows\PCHEALTH
2014-07-12 02:36 - 2014-07-12 02:36 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-07-12 02:36 - 2014-07-12 02:36 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-12 02:36 - 2014-07-12 02:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-07-12 02:35 - 2014-07-12 02:35 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-07-12 02:35 - 2014-07-12 02:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-07-12 02:34 - 2014-07-12 06:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-12 02:34 - 2014-07-12 02:36 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-12 02:34 - 2014-07-12 02:34 - 00000000 __RHD () C:\MSOCache
2014-07-12 02:34 - 2014-07-12 02:34 - 00000000 ____D () C:\Users\Radu\AppData\Local\Microsoft Help
2014-07-12 02:34 - 2014-07-12 02:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-12 02:17 - 2014-07-12 02:17 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\PowerISO
2014-07-12 02:15 - 2014-07-12 02:15 - 00000826 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2014-07-12 02:15 - 2014-07-12 02:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-07-12 02:15 - 2014-07-12 02:15 - 00000000 ____D () C:\Program Files\PowerISO
2014-07-12 02:15 - 2014-06-26 23:59 - 00131856 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2014-07-12 02:06 - 2014-07-12 02:06 - 00001082 _____ () C:\Users\Radu\Desktop\DC-Unlocker client.lnk
2014-07-12 02:06 - 2014-07-12 02:06 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC-Unlocker
2014-07-12 02:06 - 2014-07-12 02:06 - 00000000 ____D () C:\Program Files (x86)\DC-Unlocker
2014-07-12 02:04 - 2014-07-14 03:02 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-12 02:01 - 2014-07-19 01:08 - 00000000 ____D () C:\Program Files\DIFX
2014-07-12 01:59 - 2014-07-26 09:54 - 00000000 ____D () C:\Program Files (x86)\RIFF Box JTAG Manager
2014-07-12 01:59 - 2014-07-19 01:08 - 00177154 _____ () C:\Windows\DPINST.LOG
2014-07-12 01:59 - 2012-04-24 20:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\riffbox64.sys
2014-07-12 01:24 - 2014-08-05 04:31 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-12 01:24 - 2014-07-12 01:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-12 01:20 - 2014-07-12 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-12 01:20 - 2014-07-12 01:20 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA
2014-07-12 01:20 - 2014-07-12 01:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-07-12 01:06 - 2014-07-12 01:06 - 00000000 ____D () C:\NVIDIA
2014-07-12 01:06 - 2009-07-14 11:54 - 15005696 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 11327776 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-12 01:06 - 2009-07-14 11:54 - 10854400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 09375232 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 03287040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 02617856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 02258976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 02169376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 02116096 _____ (NVIDIA Corporation) C:\Windows\system32\nvencodemft.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 01983488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 01919520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvencodemft.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 01723424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 01706528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 01291776 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 01044992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 00930272 _____ (Microsoft Corporation) C:\Windows\system32\dpinst.exe
2014-07-12 01:06 - 2009-07-14 11:54 - 00539168 _____ (NVIDIA Corporation) C:\Windows\system32\nvudisp.exe
2014-07-12 01:06 - 2009-07-14 11:54 - 00315936 _____ (NVIDIA Corporation) C:\Windows\system32\nvdecodemft.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 00252448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdecodemft.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 00167936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod157.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 00167936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod.dll
2014-07-12 01:06 - 2009-07-14 11:54 - 00011168 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd
2014-07-12 01:06 - 2009-07-14 11:54 - 00010161 _____ () C:\Windows\system32\nvdisp.nvu
2014-07-12 00:59 - 2014-07-25 15:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-12 00:59 - 2014-07-12 05:53 - 00000000 ____D () C:\Program Files (x86)\AlcorMicroData
2014-07-12 00:58 - 2014-07-12 00:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2014-07-12 00:58 - 2009-10-22 15:17 - 00330056 _____ (FTDI Ltd.) C:\Windows\system32\ftd2xx.dll
2014-07-12 00:58 - 2009-10-22 15:17 - 00206144 _____ (FTDI Ltd.) C:\Windows\SysWOW64\ftd2xx.dll
2014-07-12 00:58 - 2009-10-22 15:17 - 00143688 _____ (FTDI Ltd.) C:\Windows\system32\ftbusui.dll
2014-07-12 00:58 - 2009-10-22 15:16 - 00284992 _____ (FTDI Ltd.) C:\Windows\system32\FTLang.dll
2014-07-12 00:58 - 2009-10-22 15:10 - 00069320 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftdibus.sys
2014-07-12 00:58 - 2009-10-22 15:09 - 00084808 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftser2k.sys
2014-07-12 00:58 - 2009-10-22 15:08 - 00055112 _____ (FTDI Ltd.) C:\Windows\system32\ftserui2.dll
2014-07-12 00:56 - 2012-02-16 23:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-07-12 00:56 - 2012-02-16 22:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-07-12 00:56 - 2012-02-16 21:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-07-12 00:52 - 2014-07-12 00:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-12 00:52 - 2014-07-12 00:52 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-12 00:52 - 2014-07-12 00:51 - 00704000 _____ (NVIDIA Corporation) C:\Windows\system32\cohelper.dll
2014-07-12 00:52 - 2014-07-12 00:51 - 00006136 _____ () C:\Windows\system32\Drivers\nvphy.bin
2014-07-12 00:52 - 2009-07-21 00:48 - 00539680 _____ (NVIDIA Corporation) C:\Windows\system32\NVUNINST.EXE
2014-07-12 00:47 - 2014-07-12 00:47 - 00285044 __RSH () C:\ENJQO
2014-07-12 00:47 - 2014-07-12 00:47 - 00000869 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-07-12 00:47 - 2014-07-12 00:47 - 00000020 __RSH () C:\win7.ld
2014-07-12 00:47 - 2014-07-12 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-07-12 00:47 - 2014-07-12 00:47 - 00000000 ____D () C:\Program Files\CPUID
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-05 07:07 - 2014-08-05 04:45 - 00019279 _____ () C:\Users\Radu\Downloads\FRST.txt
2014-08-05 07:07 - 2014-08-05 04:45 - 00000000 ____D () C:\FRST
2014-08-05 07:06 - 2014-08-04 23:28 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-05 06:58 - 2014-08-04 23:40 - 00000000 ____D () C:\ProgramData\MCShield
2014-08-05 06:47 - 2014-07-12 10:42 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-05 06:40 - 2009-07-13 22:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-05 06:39 - 2014-07-12 02:53 - 00000000 ____D () C:\Users\Radu\Documents\Fișiere Outlook
2014-08-05 06:38 - 2014-08-05 06:31 - 00000000 ____D () C:\Users\Radu\Desktop\i9305 decodat
2014-08-05 06:31 - 2014-07-14 01:07 - 00000000 ____D () C:\Users\Radu\Documents\SelfMV
2014-08-05 06:18 - 2014-08-05 06:18 - 00152768 _____ () C:\Users\Radu\Downloads\Degrated_Shadow's_KNOX_removerV2.1.zip
2014-08-05 06:09 - 2014-07-15 08:51 - 00000000 __SHD () C:\Users\Radu\wc
2014-08-05 06:09 - 2009-07-13 21:51 - 00175476 _____ () C:\Windows\setupact.log
2014-08-05 06:06 - 2014-08-05 06:06 - 07137368 _____ () C:\Users\Radu\Downloads\philz_touch_4.00-b21-i9305-fixed_Ported_By_ausdim.tar.md5
2014-08-05 05:59 - 2014-08-05 05:59 - 00000000 ____D () C:\Windows\LastGood
2014-08-05 05:37 - 2014-08-05 05:37 - 00000000 ____D () C:\Users\Radu\Downloads\UPDATE-SuperSU-v1.93
2014-08-05 05:35 - 2014-08-05 05:35 - 01206254 _____ () C:\Users\Radu\Downloads\UPDATE-SuperSU-v1.93.zip
2014-08-05 05:28 - 2014-08-05 05:28 - 03243548 _____ () C:\Users\Radu\Downloads\saferoot.zip
2014-08-05 04:47 - 2014-08-05 04:46 - 00040667 _____ () C:\Users\Radu\Downloads\Addition.txt
2014-08-05 04:45 - 2014-08-05 04:45 - 02094080 _____ (Farbar) C:\Users\Radu\Downloads\FRST64.exe
2014-08-05 04:44 - 2014-08-05 04:44 - 00054274 _____ () C:\Users\Radu\Downloads\Extras.Txt
2014-08-05 04:43 - 2014-08-05 04:43 - 00153162 _____ () C:\Users\Radu\Downloads\OTL.Txt
2014-08-05 04:38 - 2009-07-13 21:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-05 04:38 - 2009-07-13 21:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-05 04:37 - 2014-08-05 04:37 - 00602112 _____ (OldTimer Tools) C:\Users\Radu\Downloads\OTL (1).exe
2014-08-05 04:33 - 2014-07-12 10:38 - 01669179 _____ () C:\Windows\WindowsUpdate.log
2014-08-05 04:31 - 2014-07-17 07:16 - 00000000 ____D () C:\Users\Radu\AppData\Local\HTC MediaHub
2014-08-05 04:31 - 2014-07-12 10:42 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-05 04:31 - 2014-07-12 01:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-05 04:30 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-05 04:29 - 2014-07-19 00:56 - 00000000 ____D () C:\Program Files (x86)\HiSuite
2014-08-05 04:08 - 2014-08-05 04:08 - 00038564 _____ () C:\Users\Radu\Documents\E(14.84 GB) Lost File Recovery 2014-08-05 at 04.07.57.res
2014-08-05 03:59 - 2014-08-05 03:59 - 00001083 _____ () C:\Users\Public\Desktop\Mobile Partner.lnk
2014-08-05 03:59 - 2014-08-05 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
2014-08-05 03:59 - 2014-08-05 03:59 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2014-08-05 00:06 - 2014-08-04 23:28 - 00628288 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-08-05 00:06 - 2014-08-04 23:28 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-08-05 00:06 - 2013-11-11 20:55 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-08-05 00:06 - 2012-08-02 15:09 - 00029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2014-08-04 23:40 - 2014-08-04 23:40 - 00602112 _____ (OldTimer Tools) C:\Users\Radu\Downloads\OTL.exe
2014-08-04 23:40 - 2014-08-04 23:40 - 00001080 _____ () C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2014-08-04 23:40 - 2014-08-04 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-08-04 23:40 - 2014-08-04 23:40 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-08-04 23:39 - 2014-08-04 23:39 - 02856736 _____ (MyCity) C:\Users\Radu\Downloads\MCShield-Setup.exe
2014-08-04 23:30 - 2014-08-04 23:30 - 00002220 _____ () C:\Users\Radu\Desktop\Safe Money.lnk
2014-08-04 23:29 - 2014-08-04 23:29 - 00001078 _____ () C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2014-08-04 23:29 - 2014-08-04 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
2014-08-04 23:28 - 2014-08-04 23:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-08-04 23:28 - 2014-08-04 23:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-08-04 23:24 - 2014-08-04 23:23 - 189644040 _____ (Kaspersky Lab ZAO) C:\Users\Radu\Downloads\pure13.0.2.558EN_4486.exe
2014-08-04 07:04 - 2014-07-12 03:11 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Samsung
2014-08-01 04:13 - 2014-07-14 01:07 - 00000000 ____D () C:\Users\Radu\Desktop\R E C U P E R A R I
2014-08-01 04:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-08-01 00:37 - 2014-08-01 00:14 - 00000000 ____D () C:\Users\Radu\AppData\Local\pangu
2014-07-31 22:32 - 2014-07-31 22:32 - 34293548 _____ () C:\Users\Radu\Downloads\Pangu_v1.1.exe.zip
2014-07-30 05:59 - 2014-07-30 07:53 - 570271342 _____ () C:\Users\Radu\Downloads\SOP-i6(MX1029)更新删除锁定2G网络相关功能,量产软件.rar
2014-07-30 03:22 - 2014-07-30 03:01 - 1180577030 _____ () C:\Users\Radu\Downloads\One_4.06.1540.2_odexed.zip
2014-07-30 02:57 - 2014-07-15 08:51 - 00000000 __SHD () C:\Users\Radu\AppData\Roaming\wyUpdate AU
2014-07-28 09:09 - 2014-07-28 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2014-07-28 09:09 - 2014-07-28 09:09 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-07-26 09:54 - 2014-07-12 01:59 - 00000000 ____D () C:\Program Files (x86)\RIFF Box JTAG Manager
2014-07-25 16:47 - 2014-07-25 16:47 - 00000000 ____D () C:\Users\Radu\Downloads\AM_64
2014-07-25 16:46 - 2014-07-25 16:46 - 00100694 _____ () C:\Users\Radu\Downloads\AM_64 (1).zip
2014-07-25 16:42 - 2014-07-25 16:42 - 00000000 ____D () C:\Users\Radu\Downloads\all haier driver
2014-07-25 16:39 - 2014-07-25 16:39 - 00168413 _____ () C:\Users\Radu\Downloads\all haier driver.rar
2014-07-25 16:38 - 2014-07-25 16:38 - 00073999 _____ () C:\Users\Radu\Downloads\QHSUSB_Drivers_(x64).zip
2014-07-25 16:38 - 2014-07-25 16:38 - 00000000 ____D () C:\Users\Radu\Downloads\QHSUSB_Drivers_(x64)
2014-07-25 16:36 - 2014-07-25 16:36 - 00304980 _____ () C:\Users\Radu\Downloads\ZTE_C261_WinXP_32.rar
2014-07-25 16:36 - 2014-07-25 16:36 - 00304980 _____ () C:\Users\Radu\Downloads\ZTE_C261_WinXP_32 (1).rar
2014-07-25 16:36 - 2014-07-25 16:36 - 00000000 ____D () C:\Users\Radu\Downloads\ZTE_C261_WinXP_32 (1)
2014-07-25 16:34 - 2014-07-25 16:34 - 00132131 _____ () C:\Users\Radu\Downloads\XperiaPLAY_DiagDrivers.zip
2014-07-25 16:13 - 2014-07-25 16:13 - 00100694 _____ () C:\Users\Radu\Downloads\AM_64.zip
2014-07-25 16:12 - 2014-07-25 16:12 - 03596602 _____ (USB CCID ) C:\Users\Radu\Downloads\CCID64.exe
2014-07-25 16:12 - 2014-07-25 16:12 - 00044402 _____ () C:\Users\Radu\Downloads\FT2K_64.zip
2014-07-25 16:12 - 2014-07-25 16:12 - 00000000 ____D () C:\Users\Radu\Downloads\FT2K_64
2014-07-25 16:12 - 2014-07-25 16:12 - 00000000 ____D () C:\Program Files (x86)\USB CCID
2014-07-25 15:58 - 2014-07-25 15:58 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\4SE
2014-07-25 15:45 - 2014-07-25 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-25 15:45 - 2014-07-25 15:45 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-25 15:45 - 2014-07-12 00:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-25 15:44 - 2014-07-25 15:44 - 07254168 _____ () C:\Users\Radu\Downloads\2012-06-18 - DRVR_Chipset_NEC_USB3_A02-36X7D_setup_ZPE.exe
2014-07-25 15:44 - 2014-07-25 15:44 - 00000000 ____D () C:\Dell
2014-07-25 15:42 - 2014-07-25 15:42 - 00632152 _____ () C:\Users\Radu\Downloads\DriverGuide_Driver_Download_1882172.exe
2014-07-25 15:25 - 2014-07-25 15:25 - 00000975 _____ () C:\Users\Public\Desktop\Client 4SE.lnk
2014-07-25 15:25 - 2014-07-25 15:25 - 00000963 _____ () C:\Users\Public\Desktop\Tool 4SE.lnk
2014-07-25 15:25 - 2014-07-25 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4SE
2014-07-25 15:25 - 2014-07-25 15:25 - 00000000 ____D () C:\Program Files (x86)\4SE
2014-07-25 15:23 - 2014-07-25 15:22 - 56649353 _____ (darkmen ) C:\Users\Radu\Downloads\setup4SE_203.exe
2014-07-25 13:45 - 2014-07-25 13:45 - 00029411 _____ () C:\Users\Radu\Downloads\Broadcom_smartphone_USB_Driver.rar
2014-07-25 13:45 - 2014-07-25 13:45 - 00000000 ____D () C:\Users\Radu\Downloads\Broadcom_smartphone_USB_Driver
2014-07-22 13:40 - 2014-07-22 13:40 - 01244055 _____ () C:\Users\Radu\Downloads\UPDATE-SuperSU-v2.00.zip
2014-07-22 13:35 - 2014-07-22 13:35 - 00000000 ____D () C:\Windows\system32\files
2014-07-22 13:35 - 2014-07-14 04:49 - 00000000 ____D () C:\Users\Radu\Documents\HiSuite
2014-07-22 13:35 - 2014-07-12 10:41 - 00000000 ____D () C:\Users\Radu\AppData\Local\VirtualStore
2014-07-22 13:33 - 2014-07-22 12:58 - 00000000 ____D () C:\Users\Radu\.android
2014-07-22 13:29 - 2014-07-22 13:29 - 00000699 _____ () C:\Windows\KB943198-v2.log
2014-07-22 13:22 - 2014-07-22 13:22 - 07396820 _____ () C:\Users\Radu\Downloads\ZTE_MTK_drivers.zip
2014-07-22 13:00 - 2014-07-22 13:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_usb2ser_01009.Wdf
2014-07-22 12:58 - 2014-07-22 12:58 - 06612290 _____ () C:\Users\Radu\Downloads\ZTE_Android_USB_Driver (1).rar
2014-07-22 12:58 - 2014-07-22 12:58 - 04444440 _____ (ZTE Corporation ) C:\Users\Radu\Downloads\ZTE_HS_Driver_SetupV5.2066.1.8 (1).exe
2014-07-22 12:58 - 2014-07-22 12:58 - 03506362 _____ () C:\Users\Radu\Downloads\Orange_Boston_Driver (1).zip
2014-07-22 12:58 - 2014-07-14 05:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZTE Handset USB Driver
2014-07-22 12:58 - 2014-07-14 05:26 - 00000000 ____D () C:\Program Files\ZTE Handset USB Driver
2014-07-22 12:58 - 2014-07-14 05:25 - 00000000 ____D () C:\Program Files (x86)\ZTE Smartphone Driver
2014-07-22 12:58 - 2014-07-12 10:40 - 00000000 ____D () C:\Users\Radu
2014-07-21 10:58 - 2014-07-21 10:58 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-21 10:58 - 2014-07-21 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-21 10:58 - 2014-07-21 10:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-21 10:58 - 2014-07-21 10:57 - 00000000 ____D () C:\Program Files\iTunes
2014-07-21 10:58 - 2014-07-21 10:57 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-21 10:57 - 2014-07-21 10:57 - 00000000 ____D () C:\Program Files\iPod
2014-07-19 12:56 - 2014-07-19 12:56 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-19 12:56 - 2014-07-19 12:56 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-19 12:56 - 2014-07-19 12:56 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-19 12:56 - 2014-07-12 02:57 - 00000000 ____D () C:\ProgramData\Apple
2014-07-19 12:47 - 2010-11-20 20:47 - 00022948 _____ () C:\Windows\PFRO.log
2014-07-19 11:52 - 2014-07-12 10:42 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-19 11:28 - 2014-07-19 11:28 - 113509200 _____ (Apple Inc.) C:\Users\Radu\Downloads\iTunes64Setup.exe
2014-07-19 11:13 - 2014-07-19 11:13 - 00001218 _____ () C:\Users\Public\Desktop\Wondershare Data Recovery.lnk
2014-07-19 11:13 - 2014-07-19 11:13 - 00000000 ____D () C:\Users\Radu\AppData\Local\Wondershare
2014-07-19 11:13 - 2014-07-19 11:13 - 00000000 ____D () C:\ProgramData\Wondershare
2014-07-19 11:13 - 2014-07-19 11:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-07-19 11:13 - 2014-07-19 11:13 - 00000000 ____D () C:\Program Files (x86)\Wondershare Software Co.,Ltd
2014-07-19 11:13 - 2014-07-19 11:13 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-07-19 11:13 - 2014-07-19 11:13 - 00000000 ____D () C:\Program Files (x86)\Temp
2014-07-19 11:12 - 2014-07-19 11:12 - 00000000 ____D () C:\Users\Radu\Downloads\Wondershare.Data.Recovery.for.Android.v1.0.Incl.Keymaker-CORE
2014-07-19 11:12 - 2014-07-19 11:12 - 00000000 ____D () C:\Users\Radu\Downloads\Wondershare Data Recovery 4.5.0.16 Multilingual Incl. Crack-SND
2014-07-19 11:10 - 2014-07-19 11:10 - 01859152 _____ (BitTorrent Inc.) C:\Users\Radu\Downloads\uTorrent.exe
2014-07-19 11:10 - 2014-07-19 11:10 - 00006523 _____ () C:\Users\Radu\Downloads\Wondershare Data Recovery 4.5.0.16 Multilingual Incl. Crack-SND.torrent
2014-07-19 11:10 - 2014-07-19 11:10 - 00004935 _____ () C:\Users\Radu\Downloads\Wondershare.Data.Recovery.for.Android.v1.0.Incl.Keymaker-CORE.torrent
2014-07-19 01:08 - 2014-07-19 01:08 - 00000000 ____D () C:\Users\Radu\AppData\Local\ADDP
2014-07-19 01:08 - 2014-07-19 01:08 - 00000000 ____D () C:\Users\Radu\AppData\Local\Acer
2014-07-19 01:08 - 2014-07-19 01:08 - 00000000 ____D () C:\ProgramData\Acer
2014-07-19 01:08 - 2014-07-12 02:01 - 00000000 ____D () C:\Program Files\DIFX
2014-07-19 01:08 - 2014-07-12 01:59 - 00177154 _____ () C:\Windows\DPINST.LOG
2014-07-19 01:07 - 2014-07-19 01:07 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-07-19 01:07 - 2014-07-19 01:07 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-07-19 01:07 - 2014-07-19 01:07 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-19 01:07 - 2014-07-19 01:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-07-19 01:07 - 2014-07-19 01:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-19 01:06 - 2014-07-19 01:06 - 00000000 ____D () C:\Users\Radu\Downloads\AcerSync
2014-07-19 01:05 - 2014-07-19 01:05 - 53808178 _____ () C:\Users\Radu\Downloads\AcerSync.zip
2014-07-19 00:57 - 2014-07-19 00:57 - 00000995 _____ () C:\Users\Public\Desktop\HiSuite.lnk
2014-07-19 00:57 - 2014-07-19 00:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2014-07-19 00:57 - 2014-07-19 00:57 - 00000000 ____D () C:\ProgramData\HiSuiteOuc
2014-07-19 00:57 - 2014-07-19 00:57 - 00000000 ____D () C:\ProgramData\HandSetService
2014-07-19 00:57 - 2014-07-14 04:49 - 00000000 ____D () C:\Users\Radu\AppData\Local\HiSuite
2014-07-18 03:29 - 2014-07-18 03:25 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-07-17 23:29 - 2009-07-13 21:45 - 00388688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-17 07:17 - 2014-07-17 07:17 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\HTC
2014-07-17 07:16 - 2014-07-17 07:16 - 00002031 _____ () C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-07-17 07:16 - 2014-07-17 07:16 - 00000000 ____D () C:\Users\Radu\Documents\HTC
2014-07-17 07:16 - 2014-07-17 07:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-07-17 07:16 - 2014-07-17 07:16 - 00000000 ____D () C:\ProgramData\HTC
2014-07-17 07:16 - 2014-07-17 07:16 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-07-17 07:16 - 2014-07-17 07:16 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-07-17 07:16 - 2014-07-12 10:41 - 00093104 _____ () C:\Users\Radu\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-17 07:16 - 2014-07-12 02:59 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Apple Computer
2014-07-17 07:16 - 2014-07-12 02:59 - 00000000 ____D () C:\Users\Radu\AppData\Local\Apple Computer
2014-07-17 07:14 - 2014-07-12 02:57 - 00000000 ____D () C:\Users\Radu\AppData\Local\Downloaded Installations
2014-07-17 07:10 - 2014-07-17 07:10 - 136072080 _____ (HTC) C:\Users\Radu\Downloads\setup_3.1.13.0_htc.exe
2014-07-17 07:10 - 2014-07-17 07:10 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\LG Electronics
2014-07-17 00:20 - 2014-07-17 00:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf
2014-07-17 00:18 - 2014-07-17 00:18 - 00000000 ____D () C:\Users\Radu\Downloads\CUSTOM ROM - STOCK - NOT ROOTED - EN-UK_EN-US_GE_FR_RO_HU
2014-07-17 00:18 - 2014-07-17 00:16 - 124525123 _____ () C:\Users\Radu\Downloads\CUSTOM ROM - STOCK - NOT ROOTED - EN-UK_EN-US_GE_FR_RO_HU.exe
2014-07-17 00:15 - 2014-07-17 00:15 - 00000093 _____ () C:\Users\Radu\Downloads\CUSTOM ROM - STOCK - ROOTED - EN-UK_EN-US_GE_FR_RO_HU.md5
2014-07-16 03:00 - 2014-07-16 03:00 - 00259972 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-07-15 10:30 - 2014-07-15 10:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motport_01007.Wdf
2014-07-15 10:30 - 2014-07-15 10:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motmodem_01007.Wdf
2014-07-15 10:22 - 2014-07-15 10:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motoandroid_01007.Wdf
2014-07-15 10:21 - 2014-07-15 10:21 - 00000000 ____D () C:\Program Files\Motorola Inc
2014-07-15 10:19 - 2014-07-15 10:19 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-15 10:17 - 2014-07-15 10:17 - 03871851 _____ () C:\Users\Radu\Downloads\Motorola_driver_5.4.0.rar
2014-07-15 10:17 - 2014-07-15 10:17 - 00000000 ____D () C:\Users\Radu\Downloads\Motorola_driver_5.4.0
2014-07-15 10:16 - 2014-07-15 10:16 - 00000000 ____D () C:\Program Files (x86)\Switcher
2014-07-15 10:04 - 2014-07-15 10:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_motoandroid_01009.Wdf
2014-07-15 09:59 - 2014-07-15 09:59 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Motorola Mobility
2014-07-15 09:59 - 2014-07-15 09:59 - 00000000 ____D () C:\Temp
2014-07-15 09:59 - 2014-07-15 09:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2014-07-15 09:59 - 2014-07-15 09:59 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-07-15 09:59 - 2014-07-15 09:59 - 00000000 ____D () C:\Program Files (x86)\Motorola Mobility
2014-07-15 09:59 - 2014-07-15 09:59 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-07-15 09:58 - 2014-07-15 09:58 - 00000000 ____D () C:\Program Files\Common Files\Motorola Shared
2014-07-15 09:57 - 2014-07-15 09:57 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Motorola
2014-07-15 09:55 - 2014-07-15 09:55 - 33586888 _____ (Motorola Mobility) C:\Users\Radu\Downloads\MotorolaDeviceManager_2.4.5.exe
2014-07-15 09:52 - 2014-07-15 09:53 - 51370750 _____ () C:\Users\Radu\Downloads\motorola-pc-suite-5.0.0 [1].exe
2014-07-15 09:51 - 2014-07-15 09:51 - 00765024 _____ ( ) C:\Users\Radu\Downloads\motorola-pc-suite-5.0.0.exe
2014-07-15 08:50 - 2014-07-15 08:50 - 01817448 _____ () C:\Users\Radu\Downloads\HTC One Toolkit - Squabbi - 3.1.2.rar
2014-07-15 08:33 - 2014-07-15 07:27 - 1155644496 _____ () C:\Users\Radu\Downloads\Guru_Reset_M7_2.24.161.1.zip
2014-07-15 08:22 - 2014-07-15 08:11 - 414608712 _____ (Acresso Software Inc. ) C:\Users\Radu\Downloads\RUU_Pyramid_hTC_Asia_TW_1.35.709.1_Radio_10.43a.9007.00U_10.51.9007.27_M3_release_198188_signed.exe
2014-07-15 07:10 - 2014-07-15 07:04 - 239572539 _____ () C:\Users\Radu\Downloads\OTA_M7_UL_JB_50_Vodafone_UK_1.29.161.11-1.28.161.7_release_315813_signedoj2qp335qmm8qjso.zip
2014-07-15 04:30 - 2014-07-15 04:30 - 00001893 _____ () C:\Users\Radu\Desktop\Android Tool.lnk
2014-07-15 04:28 - 2014-07-15 04:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-07-15 01:16 - 2014-07-15 01:16 - 00001210 _____ () C:\Users\Public\Desktop\LG PC Suite.lnk
2014-07-15 01:15 - 2014-07-15 01:15 - 00000000 ____D () C:\Users\Radu\AppData\Local\LG Electronics
2014-07-15 01:15 - 2014-07-15 01:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2014-07-15 01:15 - 2014-07-15 01:14 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-07-15 01:11 - 2014-07-15 01:11 - 00000000 ____D () C:\Users\Radu\Desktop\LG3Q
2014-07-15 00:44 - 2014-07-15 00:44 - 00000861 _____ () C:\Users\Public\Desktop\VS2.lnk
2014-07-15 00:44 - 2014-07-15 00:44 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VS2
2014-07-15 00:44 - 2014-07-15 00:44 - 00000000 ____D () C:\Program Files\The Colombian Team
2014-07-15 00:43 - 2014-07-15 00:30 - 216317856 _____ (LG Electronics) C:\Users\Radu\Downloads\LGPCSuite_Setup.exe
2014-07-15 00:42 - 2014-07-15 00:19 - 212235923 _____ () C:\Users\Radu\Downloads\Vygis_Shell_2_00_Install.rar
2014-07-14 05:28 - 2014-07-14 05:28 - 00000962 _____ () C:\Users\Public\Desktop\VROOT.lnk
2014-07-14 05:28 - 2014-07-14 05:28 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\mgyun
2014-07-14 05:28 - 2014-07-14 05:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VROOT
2014-07-14 05:28 - 2014-07-14 05:28 - 00000000 ____D () C:\Program Files (x86)\VROOT
2014-07-14 05:25 - 2014-07-14 05:25 - 00000000 ____D () C:\Users\Radu\Downloads\ZTE_Android_USB_Driver
2014-07-14 05:25 - 2014-07-14 05:24 - 06612290 _____ () C:\Users\Radu\Downloads\ZTE_Android_USB_Driver.rar
2014-07-14 05:25 - 2014-07-14 05:24 - 04444440 _____ (ZTE Corporation ) C:\Users\Radu\Downloads\ZTE_HS_Driver_SetupV5.2066.1.8.exe
2014-07-14 05:25 - 2014-07-14 05:24 - 03506362 _____ () C:\Users\Radu\Downloads\Orange_Boston_Driver.zip
2014-07-14 05:24 - 2014-07-12 05:37 - 00000000 ____D () C:\Users\Radu\Documents\SigmaKey
2014-07-14 05:06 - 2014-07-14 05:05 - 06926776 _____ (Shenzhen Xinyi Network Co.,Ltd. ) C:\Users\Radu\Downloads\VRoot_1.7.3.4863_english_cid1005_7337ba1e_89.exe
2014-07-14 04:48 - 2014-07-14 04:48 - 36283976 _____ () C:\Users\Radu\Downloads\HiSuiteSetup_v1.8.10.26.06.zip
2014-07-14 04:48 - 2014-07-14 04:48 - 00000000 ____D () C:\Users\Radu\Downloads\HiSuiteSetup_v1.8.10.26.06
2014-07-14 04:43 - 2014-07-14 04:43 - 00000000 ____D () C:\Archivos de programa
2014-07-14 04:42 - 2014-07-14 04:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-07-14 04:41 - 2014-07-14 04:41 - 00000512 _____ () C:\Users\Radu\Downloads\Reg01019F71_LG.dat
2014-07-14 03:02 - 2014-07-12 02:04 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-14 01:16 - 2014-07-14 01:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-07-13 23:40 - 2014-07-13 23:40 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Adobe
2014-07-13 23:40 - 2014-07-12 10:41 - 00001417 _____ () C:\Users\Radu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-12 11:34 - 2014-07-12 11:34 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-07-12 11:34 - 2009-07-13 22:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-07-12 11:34 - 2009-07-13 22:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-07-12 10:42 - 2014-07-12 10:42 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-12 10:42 - 2014-07-12 10:42 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-12 10:42 - 2014-07-12 10:42 - 00000000 ____D () C:\Users\Radu\AppData\Local\Google
2014-07-12 10:42 - 2014-07-12 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-12 10:42 - 2014-07-12 10:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-12 10:42 - 2014-07-12 10:41 - 00000000 ____D () C:\Users\Radu\AppData\Local\Deployment
2014-07-12 10:41 - 2014-07-12 10:41 - 00000000 ____D () C:\Users\Radu\AppData\Local\Apps\2.0
2014-07-12 10:40 - 2014-07-12 11:34 - 00000000 ____D () C:\Windows\Panther
2014-07-12 10:40 - 2014-07-12 10:40 - 00000020 ___SH () C:\Users\Radu\ntuser.ini
2014-07-12 10:40 - 2014-07-12 10:40 - 00000000 __SHD () C:\Recovery
2014-07-12 10:40 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-07-12 10:40 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-07-12 10:38 - 2014-07-12 10:38 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-07-12 10:38 - 2014-07-12 10:38 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-07-12 10:38 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-12 10:38 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-12 10:37 - 2014-07-12 10:37 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-07-12 10:37 - 2009-07-13 21:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-07-12 10:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-07-12 10:36 - 2014-07-12 10:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-07-12 10:35 - 2011-04-12 01:28 - 00000000 ____D () C:\Windows\CSC
2014-07-12 07:22 - 2011-04-12 01:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-12 07:22 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-12 07:22 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-07-12 07:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-07-12 07:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-07-12 07:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-12 07:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-07-12 07:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-07-12 07:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-12 07:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-12 07:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-07-12 06:42 - 2014-07-12 06:29 - 00012863 _____ () C:\Windows\IE11_main.log
2014-07-12 06:37 - 2014-07-12 06:37 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-12 06:37 - 2014-07-12 06:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-12 06:37 - 2014-07-12 06:37 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-12 06:37 - 2014-07-12 06:37 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-12 06:37 - 2014-07-12 06:37 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-07-12 06:37 - 2014-07-12 06:37 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-07-12 06:37 - 2014-07-12 06:37 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-12 06:37 - 2014-07-12 06:37 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-07-12 06:37 - 2014-07-12 06:37 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-07-12 06:37 - 2014-07-12 06:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-07-12 06:37 - 2014-07-12 06:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-07-12 06:37 - 2014-07-12 06:37 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-12 06:37 - 2014-07-12 06:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-12 06:31 - 2014-07-12 06:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-12 06:26 - 2014-07-12 02:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-12 06:07 - 2014-07-12 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-12 05:54 - 2014-07-12 05:54 - 00001119 _____ () C:\Users\Public\Desktop\RIFF Box JTAG Manager.lnk
2014-07-12 05:54 - 2014-07-12 05:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIFF Box JTAG Manager
2014-07-12 05:53 - 2014-07-12 00:59 - 00000000 ____D () C:\Program Files (x86)\AlcorMicroData
2014-07-12 05:52 - 2014-07-12 05:52 - 00000000 ____D () C:\ProgramData\SZCCID
2014-07-12 05:52 - 2014-07-12 05:52 - 00000000 ____D () C:\Program Files (x86)\AlcorMicro
2014-07-12 05:47 - 2014-07-12 05:47 - 00045256 _____ () C:\Users\Radu\Downloads\smart-card-reader-driver-feitian-64bit.zip
2014-07-12 05:47 - 2014-07-12 05:47 - 00000000 ____D () C:\Users\Radu\Downloads\smart-card-reader-driver-feitian-64bit
2014-07-12 05:37 - 2014-07-12 05:37 - 00001997 _____ () C:\Users\Public\Desktop\SigmaKey.lnk
2014-07-12 05:37 - 2014-07-12 05:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmServer
2014-07-12 05:37 - 2014-07-12 05:37 - 00000000 ____D () C:\Program Files (x86)\GsmServer
2014-07-12 05:30 - 2014-07-12 05:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Radu\Downloads\revosetup.exe
2014-07-12 05:30 - 2014-07-12 05:30 - 00001268 _____ () C:\Users\Radu\Desktop\Revo Uninstaller.lnk
2014-07-12 05:30 - 2014-07-12 05:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 05:29 - 2014-07-12 05:29 - 01653147 _____ () C:\Users\Radu\Downloads\DDUv12940-[Guru3D.com].exe
2014-07-12 05:29 - 2014-07-12 05:29 - 01653147 _____ () C:\Users\Radu\Downloads\DDUv12940-[Guru3D.com] (1).exe
2014-07-12 05:28 - 2014-07-12 05:28 - 00000201 _____ () C:\Users\Radu\Downloads\DC-Uninstall_Device_V.1001 (1).log
2014-07-12 05:27 - 2014-07-12 05:27 - 04001080 _____ (UAB Digiteka) C:\Users\Radu\Downloads\DC-Uninstall_Device_V.1001 (1).exe
2014-07-12 05:25 - 2014-07-12 05:23 - 00002281 _____ () C:\Users\Radu\Downloads\DC-Uninstall_Device_V.1001.log
2014-07-12 05:23 - 2014-07-12 05:23 - 00000190 _____ () C:\Users\Radu\Downloads\DCUninstall.INI
2014-07-12 05:22 - 2014-07-12 05:22 - 04001080 _____ (UAB Digiteka) C:\Users\Radu\Downloads\DC-Uninstall_Device_V.1001.exe
2014-07-12 05:17 - 2014-07-12 05:17 - 00000624 _____ () C:\Windows\WININIT.INI
2014-07-12 05:17 - 2014-07-12 04:37 - 00005688 _____ () C:\ft_inst.log
2014-07-12 04:56 - 2014-07-12 04:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-12 04:53 - 2014-07-12 04:37 - 00023312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\_shfoldr.dll
2014-07-12 04:37 - 2014-07-12 04:37 - 00000000 ____D () C:\Program Files (x86)\Software Installation Information
2014-07-12 04:29 - 2014-07-12 04:29 - 00003260 _____ () C:\Windows\System32\Tasks\{0F6512F6-DBBB-439F-B8DA-3A1BD53E5FF9}
2014-07-12 03:43 - 2014-07-12 03:40 - 370763706 _____ () C:\Users\Radu\Downloads\adt-bundle-windows-x86_64-20140702.zip
2014-07-12 03:40 - 2009-07-13 19:34 - 00000478 _____ () C:\Windows\win.ini
2014-07-12 03:19 - 2014-07-12 03:19 - 00001973 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-07-12 03:19 - 2014-07-12 03:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-07-12 03:11 - 2014-07-12 03:11 - 00000000 ____D () C:\Users\Radu\Documents\samsung
2014-07-12 03:11 - 2014-07-12 03:11 - 00000000 ____D () C:\Users\Radu\AppData\Local\Samsung
2014-07-12 03:11 - 2014-07-12 03:11 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-07-12 03:11 - 2014-07-12 03:04 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-07-12 03:10 - 2014-07-12 03:10 - 00002006 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-07-12 03:10 - 2014-07-12 03:10 - 00001996 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk
2014-07-12 03:06 - 2014-07-12 03:04 - 00000000 ____D () C:\ProgramData\Samsung
2014-07-12 03:02 - 2014-07-12 03:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-07-12 02:58 - 2014-07-12 02:58 - 00000000 ____D () C:\Users\Radu\AppData\Local\Apple
2014-07-12 02:58 - 2014-07-12 02:58 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-12 02:58 - 2014-07-12 02:58 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-12 02:58 - 2014-07-12 02:58 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-12 02:58 - 2014-07-12 02:58 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-12 02:48 - 2014-07-12 02:48 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\WinRAR
2014-07-12 02:48 - 2014-07-12 02:48 - 00000000 ____D () C:\TokensBackup
2014-07-12 02:37 - 2014-07-12 02:37 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-12 02:36 - 2014-07-12 02:36 - 00002910 _____ () C:\Users\Radu\Desktop\Outlook 2013.lnk
2014-07-12 02:36 - 2014-07-12 02:36 - 00000000 ____D () C:\Windows\PCHEALTH
2014-07-12 02:36 - 2014-07-12 02:36 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-07-12 02:36 - 2014-07-12 02:36 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-12 02:36 - 2014-07-12 02:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-07-12 02:36 - 2014-07-12 02:34 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-12 02:36 - 2011-04-12 01:28 - 00000000 ____D () C:\Windows\ShellNew
2014-07-12 02:36 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-12 02:35 - 2014-07-12 02:35 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-07-12 02:35 - 2014-07-12 02:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-07-12 02:34 - 2014-07-12 02:34 - 00000000 __RHD () C:\MSOCache
2014-07-12 02:34 - 2014-07-12 02:34 - 00000000 ____D () C:\Users\Radu\AppData\Local\Microsoft Help
2014-07-12 02:34 - 2014-07-12 02:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-12 02:17 - 2014-07-12 02:17 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\PowerISO
2014-07-12 02:15 - 2014-07-12 02:15 - 00000826 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2014-07-12 02:15 - 2014-07-12 02:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-07-12 02:15 - 2014-07-12 02:15 - 00000000 ____D () C:\Program Files\PowerISO
2014-07-12 02:06 - 2014-07-12 02:06 - 00001082 _____ () C:\Users\Radu\Desktop\DC-Unlocker client.lnk
2014-07-12 02:06 - 2014-07-12 02:06 - 00000000 ____D () C:\Users\Radu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC-Unlocker
2014-07-12 02:06 - 2014-07-12 02:06 - 00000000 ____D () C:\Program Files (x86)\DC-Unlocker
2014-07-12 01:24 - 2014-07-12 01:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-12 01:24 - 2014-07-12 01:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-12 01:24 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help
2014-07-12 01:20 - 2014-07-12 01:20 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA
2014-07-12 01:20 - 2014-07-12 01:20 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-07-12 01:06 - 2014-07-12 01:06 - 00000000 ____D () C:\NVIDIA
2014-07-12 00:58 - 2014-07-12 00:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2014-07-12 00:52 - 2014-07-12 00:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-12 00:52 - 2014-07-12 00:52 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-12 00:52 - 2009-06-29 00:36 - 00028704 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvsmu.sys
2014-07-12 00:52 - 2009-06-26 16:15 - 00539168 _____ (NVIDIA Corporation) C:\Windows\system32\nvusmu.exe
2014-07-12 00:52 - 2009-06-26 16:15 - 00167936 _____ (NVIDIA Corporation) C:\Windows\system32\NVCOSMU.DLL
2014-07-12 00:52 - 2009-05-20 17:36 - 00001383 _____ () C:\Windows\system32\nvsmu.nvu
2014-07-12 00:51 - 2014-07-12 00:52 - 00704000 _____ (NVIDIA Corporation) C:\Windows\system32\cohelper.dll
2014-07-12 00:51 - 2014-07-12 00:52 - 00006136 _____ () C:\Windows\system32\Drivers\nvphy.bin
2014-07-12 00:51 - 2009-07-21 00:46 - 00007090 _____ () C:\Windows\system32\nvnrm.nvu
2014-07-12 00:51 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\system32\restore
2014-07-12 00:51 - 2009-07-01 12:20 - 00339744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvmf6264.sys
2014-07-12 00:51 - 2009-07-01 11:55 - 00898560 _____ (NVIDIA Corporation) C:\Windows\system32\fdco1.dll
2014-07-12 00:51 - 2009-07-01 07:00 - 00845736 _____ (Microsoft Corporation) C:\Windows\system32\eDPInst.exe
2014-07-12 00:51 - 2009-07-01 00:42 - 00539168 _____ (NVIDIA Corporation) C:\Windows\system32\nvunrm.exe
2014-07-12 00:51 - 2009-07-01 00:42 - 00167936 _____ (NVIDIA Corporation) C:\Windows\system32\nvconrm.dll
2014-07-12 00:47 - 2014-07-12 00:47 - 00285044 __RSH () C:\ENJQO
2014-07-12 00:47 - 2014-07-12 00:47 - 00000869 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-07-12 00:47 - 2014-07-12 00:47 - 00000020 __RSH () C:\win7.ld
2014-07-12 00:47 - 2014-07-12 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-07-12 00:47 - 2014-07-12 00:47 - 00000000 ____D () C:\Program Files\CPUID
 
Some content of TEMP:
====================
C:\Users\Radu\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Radu\AppData\Local\Temp\nsc6628.exe
C:\Users\Radu\AppData\Local\Temp\nso93BE.exe
C:\Users\Radu\AppData\Local\Temp\nsq9853.exe
C:\Users\Radu\AppData\Local\Temp\nsw742D.exe
C:\Users\Radu\AppData\Local\Temp\nsz7053.exe
C:\Users\Radu\AppData\Local\Temp\ose00000.exe
C:\Users\Radu\AppData\Local\Temp\ResetDevice.exe
C:\Users\Radu\AppData\Local\Temp\sp-downloader.exe
C:\Users\Radu\AppData\Local\Temp\vcredist9_x86.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-28 07:19
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-08-2014
Ran by Radu at 2014-08-05 07:08:13
Running from C:\Users\Radu\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4SE version 2.0.3 (HKLM-x32\...\{348BD73D-6C79-4146-BAC6-4DB453B71BB7}_is1) (Version: 2.0.3 - darkmen)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.26.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.26.0 - Alcor Micro Corp.) Hidden
Android Tool (HKLM-x32\...\{A56EFA10-A18F-493E-82EA-0AD60350F54C}) (Version: 1.1.0 - Your Company)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1C35197-B856-45E2-BA67-5ABB6B0CA9C2}) (Version:  - Microsoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 32.610.26.00.06 - Huawei Technologies Co.,Ltd)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.13.0 - HTC)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.06.20130913 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Română (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP1 x64 繁體中文 (HKLM\...\{A423B3FB-C9E6-4953-9A83-2A5F45CAF466}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 繁體中文 (HKLM-x32\...\{0BE37B03-93EF-4B46-A4F3-30ED22569D1A}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 (x64) (HKLM\...\{53D7A054-4598-4947-A159-E8FCC77720AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 (x64) (HKLM\...\{32508A23-C9EA-4D29-83CA-97A42A13701E}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (Romanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 15.001.05.00.01 - Huawei Technologies Co.,Ltd)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 5.4.0 (HKLM\...\{B0C6CCC9-0BAB-4636-A06F-B43B6FBC25DF}) (Version: 5.4.0 - Motorola Inc.)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.15.11.9038 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFF Box JTAG Manager (HKLM-x32\...\RIFF Box JTAG Manager) (Version: 1.56 - Rocker Team)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
SigmaKey (HKLM-x32\...\{207D004F-D679-4876-8913-1E6E9C9A9000}) (Version: 2.03.03 - GsmServer)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0016-0418-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0018-0418-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-001B-0418-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0418-1000-0000000FF1CE}_Office15.PROPLUS_{60DE207A-2BAB-4350-BC8F-3E178FC411EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0418-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0418-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-006E-0418-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0418-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3A12DFA2-3FF5-450E-BDB1-A742551A5D1A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{EA8072E8-E3CF-46DF-A5DE-9F5975344327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0418-1000-0000000FF1CE}_Office15.PROPLUS_{6B5A8BA6-3BF6-4EC8-84DD-679F30891D40}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00BA-0418-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0418-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0418-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0418-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0018-0418-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0418-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0418-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001A-0418-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001B-0418-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-012B-0418-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
USB CCID Smartcard Reader - Version 1.2.1.2 (HKLM\...\{939913F9-F134-4E9E-B879-BE6755B69952}) (Version: 3.0.0.1 - USB CCID)
VROOT (HKLM-x32\...\{1295E43F-382A-4CB2-9E0F-079C0D7401BB}_is1) (Version: 1.7.3.4863 - Shenzhen Xinyi Network Co.,Ltd.)
VS2 (HKLM-x32\...\VS2) (Version:  - )
Windows Driver Package - ACER Incorporated (qcusbser) Modem  (10/12/2009 2.0.6.6) (HKLM\...\BF39BAA13199B9BFDFC03B6C26851E9F3246C6A2) (Version: 10/12/2009 2.0.6.6 - ACER Incorporated)
Windows Driver Package - ACER Incorporated (qcusbser) Ports  (10/12/2009 2.0.6.6) (HKLM\...\5F3015F0AD4F9F61F4D01EAE1AF322C1A901C27C) (Version: 10/12/2009 2.0.6.6 - ACER Incorporated)
Windows Driver Package - ACER, Inc (androidusb) USB  (10/12/2009 1.0.0010.00000) (HKLM\...\A61AC676A7F61C423134B0621CBA2D4134507A2D) (Version: 10/12/2009 1.0.0010.00000 - ACER, Inc)
Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\68FD8FDA9F7A795E404695BFE13599D830498459) (Version: 10/22/2009 2.06.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\F3A1DC1776BDD60D048A94D8886974B3E279EFA8) (Version: 10/22/2009 2.06.00 - FTDI)
Windows Driver Package - Gemalto (eGateUSB) SmartCardReader  (05/09/2007 4.0.0.2) (HKLM\...\2EC214BF485B1253AD2E6947FE26A242B5C3595E) (Version: 05/09/2007 4.0.0.2 - Gemalto)
Windows Driver Package - Generic PC/SC (SzCCID) SmartCardReader  (01/01/2010 1.1.1.0) (HKLM\...\8702FA028F7973A6AA48E395256CF541D6A4771F) (Version: 01/01/2010 1.1.1.0 - Generic PC/SC)
Windows Driver Package - OEM (cxbu1x64) SmartCardReader  (08/28/2009 1.2.1.2) (HKLM\...\5BCBA3FDACDA4FFDBDD00672123376E3C9402ABD) (Version: 08/28/2009 1.2.1.2 - OEM)
Windows Driver Package - RIFF BOX Limited ©, 2011 (riffbox) Ports  (20/02/2010 1.0.0000.0) (HKLM\...\00D68A9E754416722FF0273B796CF8728B66FEAA) (Version: 20/02/2010 1.0.0000.0 - RIFF BOX Limited ©, 2011)
Windows Driver Package - RIFF BOX Limited ©, 2012 (qcusbser) Ports  (20/02/2010 1.0.0000.0) (HKLM\...\34A57647148FB04F9131B7808B9FEAC6398387C5) (Version: 20/02/2010 1.0.0000.0 - RIFF BOX Limited ©, 2012)
Windows Driver Package - RIFF BOX Limited ©, 2012 (RIFFUSBSER) Ports  (20/02/2010 1.0.0000.0) (HKLM\...\B7BADB55E91D95EFE08CB811056B3EA94CD96754) (Version: 20/02/2010 1.0.0000.0 - RIFF BOX Limited ©, 2012)
Windows Driver Package - Vygis (Ser2pl64) Ports  (11/19/2009 2.0.13.130) (HKLM\...\2F389BB398B78283C662CD95DAEA8A4EA4EFC58B) (Version: 11/19/2009 2.0.13.130 - Vygis)
Wondershare Data Recovery 4.5.0.16 (HKLM-x32\...\Wondershare Data Recovery 4.5.0.16) (Version:  - )
Wondershare Data Recovery(Build 4.5.0.16) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 4.5.0.16 - Wondershare Software Co.,Ltd.)
ZTE Handset USB Driver 5.2066.1.8 (HKLM\...\{EBED0919-4BD0-4718-BA7A-5D2B503F9BC6}_is1) (Version: 5.2066.1.8 - ZTE Corporation)
ZTE Smartphone Driver 1.2066.1.3 (HKLM-x32\...\{66239456-F8B1-49EC-818C-822603C5B712}) (Version: 1.0.0.18 - ZTE Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
24-07-2014 16:50:33 Windows Update
25-07-2014 22:45:28 Installed Renesas Electronics USB 3.0 Host Controller Driver
25-07-2014 23:12:41 Installed USB CCID Smartcard Reader - Version 1.2.1.2.
25-07-2014 23:37:21 Device Driver Package Install: Qualcomm Incorporated Ports (COM & LPT)
25-07-2014 23:38:49 Device Driver Package Install: Qualcomm Incorporated Ports (COM & LPT)
29-07-2014 07:27:24 Windows Update
29-07-2014 10:00:10 Windows Update
01-08-2014 04:50:12 Windows Update
05-08-2014 06:27:33 Windows Update
05-08-2014 06:59:12 Device Driver Package Install: MediaTek Ports (COM & LPT)
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {271FEDEC-1775-477C-8FF8-8AB8C5382C93} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5B65204E-C517-44F4-9643-7EC051A499F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7252EA6B-AB9C-4BC4-9133-175B6F63E19F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-12] (Google Inc.)
Task: {7EBE568E-2858-4891-A924-FA4C39670545} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-12] (Google Inc.)
Task: {E7792FBC-2D3D-4DD0-BFFF-A07FD9A142D5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {FAD87A60-1E9D-4CC2-AFBF-16CD5EAB6A9A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-07-19 00:57 - 2014-01-28 00:44 - 00137024 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
2014-07-19 00:57 - 2014-01-28 00:44 - 00204096 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-05-27 12:43 - 2014-05-27 12:43 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-07-15 08:50 - 2014-03-22 01:44 - 00779264 _____ () D:\Unprotectd\Htc\HTC One Toolkit - Squabbi - 3.1.2\HTC One Toolkit.exe
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-05-27 12:43 - 2014-05-27 12:43 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-05-27 12:43 - 2014-05-27 12:43 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-05-27 12:44 - 2014-05-27 12:44 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-05-27 12:45 - 2014-05-27 12:45 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-07-19 11:51 - 2014-07-15 02:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-19 11:51 - 2014-07-15 02:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-19 11:51 - 2014-07-15 02:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-19 11:51 - 2014-07-15 02:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-19 11:51 - 2014-07-15 02:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/05/2014 04:32:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/05/2014 04:31:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (08/05/2014 03:51:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/05/2014 03:50:40 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (08/05/2014 02:18:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7547
 
Error: (08/05/2014 02:18:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7547
 
Error: (08/05/2014 02:18:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/05/2014 02:18:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5594
 
Error: (08/05/2014 02:18:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5594
 
Error: (08/05/2014 02:18:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (08/05/2014 06:39:11 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on E: cannot be read.
 
Error: (08/05/2014 04:31:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (08/05/2014 04:30:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AcerSyncServiceWinService service failed to start due to the following error: 
%%2
 
Error: (08/05/2014 04:30:38 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.
 
Error: (08/05/2014 04:30:45 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:28:59 AM on ‎8/‎5/‎2014 was unexpected.
 
Error: (08/05/2014 04:06:07 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (08/05/2014 04:06:06 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (08/05/2014 04:06:06 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (08/05/2014 04:06:05 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (08/05/2014 04:06:05 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
 
Microsoft Office Sessions:
=========================
Error: (08/05/2014 04:32:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/05/2014 04:31:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe
 
Error: (08/05/2014 03:51:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/05/2014 03:50:40 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe
 
Error: (08/05/2014 02:18:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7547
 
Error: (08/05/2014 02:18:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7547
 
Error: (08/05/2014 02:18:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/05/2014 02:18:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5594
 
Error: (08/05/2014 02:18:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5594
 
Error: (08/05/2014 02:18:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-05 02:07:17.011
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-05 02:07:17.010
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-05 02:07:17.007
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-05 02:07:16.995
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-05 02:07:16.994
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-05 02:07:16.991
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-22 18:58:43.435
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usb2ser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-22 18:58:43.357
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usb2ser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-22 18:48:55.173
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usb2ser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-22 18:48:55.103
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usb2ser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 46%
Total physical RAM: 4095.18 MB
Available physical RAM: 2192.3 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 5977.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:234.38 GB) (Free:105.61 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:361.78 GB) (Free:344.31 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 9BB5B34F)
Partition 1: (Active) - (Size=234 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=362 GB) - (Type=OF Extended)
 
==================== End Of Log ============================

  • 0

#18
Essexboy
Posted 05 August 2014 - 08:18 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It looks as though PC 1 was the carrier of the main infections so could I have a further FRST scan for that one please
 
PC 3 FIX

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CHR Extension: (Extutil) - C:\Users\Radu\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-07-12]
CHR Extension: (Managera) - C:\Users\Radu\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-07-12]
2014-07-12 04:29 - 2014-07-12 04:29 - 00003260 _____ () C:\Windows\System32\Tasks\{0F6512F6-DBBB-439F-B8DA-3A1BD53E5FF9}
CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
REBOOT:


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#19
Andreib18
Posted 05 August 2014 - 08:31 AM

Andreib18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

pc3 

 

 Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-08-2014

Ran by Radu at 2014-08-05 07:23:43 Run:1
Running from C:\Users\Radu\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CHR Extension: (Extutil) - C:\Users\Radu\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-07-12]
CHR Extension: (Managera) - C:\Users\Radu\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-07-12]
2014-07-12 04:29 - 2014-07-12 04:29 - 00003260 _____ () C:\Windows\System32\Tasks\{0F6512F6-DBBB-439F-B8DA-3A1BD53E5FF9}
CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
REBOOT:
*****************
 
C:\Users\Radu\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B => Moved successfully.
C:\Users\Radu\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 => Moved successfully.
C:\Windows\System32\Tasks\{0F6512F6-DBBB-439F-B8DA-3A1BD53E5FF9} => Moved successfully.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
{250058EA-5C05-4477-BB22-D2F9429A3030} canceled.
1 out of 1 jobs canceled.
 
========= End of CMD: =========
 
 
=========  DEL %TEMP%\*.* /F /S /Q =========
 
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131212_173147.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131212_173223.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131212_173231.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_124130.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_124152.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_124221.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_124258.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_124340.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_124342.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_124345.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_124352.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_125351.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_125403.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_125459.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_125502.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_125505.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131215_162821.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_130549.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_130553.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_130555.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_130556.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_130652.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_130654.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_130701.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_130729.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_130735.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_130751.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_130753.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134133.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134148.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134505.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134547.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134631.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134659.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134713.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134739.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134757.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134806.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134843.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134900.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134910.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134935.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134940.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_134958.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_135026.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_135217.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_135302.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_140502.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_140923.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_141111.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_141119.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_141222.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_141312.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_141603.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_141611.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_141706.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_141728.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_141902.mp4
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_142006.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_142127.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131216_142135.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131217_153519.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131217_153524.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131217_153550.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131217_153601.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124024.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124106.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124108.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124117.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124134.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124136.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124139.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124142.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124554.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124555.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124601.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124646.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124712.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124719.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124721.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124722.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124806.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124810.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124825.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131218_124832.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131226_111105.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131226_111109.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131226_111125.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131226_111128.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131226_171755.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131226_171800.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131226_203007.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131226_203105_LLS.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131226_203111_LLS.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131226_203352.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131226_203405.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131226_203636.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131230_161248_Richtone(HDR).jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131231_211440.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131231_211519.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131231_211523.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131231_220143.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131231_220155.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20131231_230439.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_131421.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_131435.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_131444.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_171848.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_172132.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_172314.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_172449_Richtone(HDR).jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_172504_Richtone(HDR).jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_172512_Richtone(HDR).jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_172520_Richtone(HDR).jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_172525_Richtone(HDR).jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_172533_Richtone(HDR).jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_172758_Richtone(HDR).jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_172817_Richtone(HDR).jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_172828_Richtone(HDR).jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_204157_LLS.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140103_204220_Richtone(HDR).jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140117_211955.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140118_095603.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140118_095613.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140118_095623.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140126_134928.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140126_140227.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140126_140228.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140126_140540.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140126_140546.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140202_005232.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140202_005239.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140202_005247.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140202_005254.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140202_030531.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140202_030536.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140210_195212.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140227_100758.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140227_100820.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140227_100909.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140227_100915.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140227_100917.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140227_100921.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140227_100938.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140227_100952.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140227_101000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140227_101002.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140308_125107.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140308_125124.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140308_125126.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140309_124502.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140309_124544.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140309_124604.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140309_124609.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140310_105235.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140310_105238.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140310_105251.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140310_105253.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140311_130106.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140311_130120.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140311_130126.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140311_130127.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140311_140702.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140311_140704.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140311_140733.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140311_140737.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140312_131643.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140312_131647.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140312_174412.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140313_181908.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140313_181913.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140313_181914.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140313_181915.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140313_181917.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140316_145908.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140317_141922.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140317_141926.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140317_141929.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140318_092703.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140318_092707.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140318_104949.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140318_105002.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140318_105004.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140319_122119.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140319_122124.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140319_122128.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140319_122154.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140319_122156.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140319_122201.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140319_122209.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140319_122212.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140319_122215.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140328_102734.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140328_102740.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140328_102741.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140328_102835.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140328_102845.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140329_102142.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140329_102156.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140329_102201.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140401_212449.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140404_144758.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140404_144803.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140404_144811.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140525_012810.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140525_012813.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140525_012918.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140630_162702.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140630_162713.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140630_162718.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\20140630_162722.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\2c824662902b6aa9dd00442dfde5876b.dat
Deleted file - C:\Users\Radu\AppData\Local\Temp\51b0.rra
C:\Users\Radu\AppData\Local\Temp\adb.log
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\Radu\AppData\Local\Temp\AlifeatKailashKherRingtone.mp3
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00000.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00001.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00002.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00003.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00004.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00005.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00006.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00007.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00008.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00009.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00010.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00011.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00012.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00013.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00014.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\ASPNETSetup_00015.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\AUD-20140102-WA0000.aac
Deleted file - C:\Users\Radu\AppData\Local\Temp\aut7A54.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\bch7B12.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\CFG2B6F.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\CFG4495.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\chrome_installer.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR1030.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR10F4.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR10FB.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR140F.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR1AF1.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR1B19.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR1BAB.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR2B45.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR2DC2.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR2DF6.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR31DA.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR32A4.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR34E1.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR4784.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR4820.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR491A.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR4ED0.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR52C7.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR5495.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR55D3.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR5A31.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR5F28.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR5FD9.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR623F.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR630B.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR6570.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR6CB9.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR711B.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR7242.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR74AE.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR7716.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR7781.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR7CA2.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR7D70.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR7ED4.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR7F5C.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR8071.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR81C0.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR8368.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR86E3.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR8702.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR8785.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR87EC.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR8E55.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR8E6C.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR8F1E.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR9006.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR9460.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR9460.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR94BE.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR9543.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR96C1.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR9AA9.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR9BE2.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR9CFB.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVR9EE2.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRA26A.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRA587.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRA61F.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRA6DE.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRA96F.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRAD66.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRADA5.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRAEF9.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRAEFC.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRB1C6.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRB387.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRB788.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRB7A3.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRB915.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRB92B.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRB95D.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRBCE.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRBE3F.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRC001.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRC11B.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRC35F.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRC60F.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRC7C7.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRC8ED.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRC940.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRC9D7.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRCAB5.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRCD0A.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRCEA4.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRD050.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRD0C0.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRD5ED.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRDAB9.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRDC23.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRDCD7.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRDCDD.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRE2CF.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRE55A.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRE6D3.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRE749.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRE7B0.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRE851.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRE985.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRE9B1.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVREC2B.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRF2BF.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRF85A.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRFB15.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRFC32.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRFE6.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\CVRFF3A.tmp.cvr
Deleted file - C:\Users\Radu\AppData\Local\Temp\DataCard_Setup64.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_clwireg.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_dotNetFx40_Full_setup_decompression_log.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_SetupUtility.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_TMP7B97.tmp_decompression_log.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_TMPDF64.tmp_decompression_log.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_vcredistMSI2CC7.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_vcredistMSI79B1.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_vcredistUI2CC7.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_vcredistUI79B1.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_vc_CompilerCTPNov2012_20140712013934.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_vc_CompilerCTPNov2013_20140712013858.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_090420_478.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_090429_234.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_100245_740.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_100249_007.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_104739_249.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_104740_933.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_104937_695.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_104940_269.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_105427_015.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_105430_016.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_105815_530.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_105819_209.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_110857_934.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_110900_166.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_111527_606.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dd_wcf_CA_smci_20140712_111528_789.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\dkdlqmdlrkqt
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI10C1.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI11B1.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI12CC.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI156D.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI15A.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI1A9A.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI1C17.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI1FF9.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI21CF.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI231C.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI23F7.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI247B.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI27F9.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI2972.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI2A3E.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI2BE.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI2E1E.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI3262.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI3313.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI350.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI35D3.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI37C6.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI387B.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI38AB.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI39E.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI3AF6.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI3EA.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI3F19.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI40FB.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI4148.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI459B.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI47DF.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI4957.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI4A93.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI4CF.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI4E2F.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI52D.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI53B3.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI53EA.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI54D1.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI5528.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI56B1.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI59C2.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI61F1.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI642.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI6818.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI68CD.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI6DAF.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI70E0.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI71A.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI765F.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI7703.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI7722.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI7778.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI7980.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI7BB4.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI7BC0.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI7BE0.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI7BF7.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI7C27.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI7D08.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI8160.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI819B.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI8630.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI889D.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI8A44.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI924F.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI9318.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI9431.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI97E4.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI98B0.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI996D.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI9AB4.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI9B68.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI9C1.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMI9E51.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIA047.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIA31D.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIAC07.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIAC63.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIAC67.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIAD5.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIAEA4.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIAF27.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIB0EA.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIB2BD.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIB476.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIB714.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIB759.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIB7F8.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIB8D4.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIBA20.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIBA72.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIBC8D.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIBEE5.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIC14D.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIC21B.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIC2A1.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIC3C9.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIC77.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIC9FA.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMICC76.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMICE6D.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMICFA7.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMID1D2.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMID221.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMID2D0.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMID33.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMID3E9.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMID5AB.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIDAA2.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIDD63.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIDE78.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIDE7D.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIDF33.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIE574.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIE6B3.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIE974.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIECA7.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIEF6D.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIF106.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIFC31.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIFC6C.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIFC86.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\DMIFFE6.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\E220AutoRunLog.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\FOT_2313.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\FOT_2319.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\FOT_2356.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\FOT_2360.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\FOT_2363.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\FOT_2597.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\FOT_2813.JPG
C:\Users\Radu\AppData\Local\Temp\FXSAPIDebugLogFile.txt
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\Radu\AppData\Local\Temp\hangouts_incoming_call.ogg
Deleted file - C:\Users\Radu\AppData\Local\Temp\hangouts_message.ogg
Deleted file - C:\Users\Radu\AppData\Local\Temp\hangouts_video_call.ogg
Deleted file - C:\Users\Radu\AppData\Local\Temp\hangout_dingtone.m4a
Deleted file - C:\Users\Radu\AppData\Local\Temp\HiSuiteDownLoader.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140318-WA0014.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140321-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140321-WA0001.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140321-WA0002.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140323-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140324-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140329-WA0001.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140329-WA0002.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140329-WA0003.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140329-WA0004.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140330-WA0007.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140330-WA0008.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140330-WA0009.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140330-WA0010.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140403-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140406-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140407-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140414-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140419-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140420-WA0001.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140420-WA0002.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140422-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140423-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140423-WA0001.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140502-WA0001.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140502-WA0002.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140506-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140512-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140512-WA0002.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140512-WA0003.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140512-WA0005.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140512-WA0012.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140516-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140519-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140521-WA0004.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140523-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140524-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140602-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140603-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140605-WA0004.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140608-WA0001.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140614-WA0004.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140614-WA0008.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140614-WA0009.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140614-WA0010.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140619-WA0005.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140622-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140622-WA0001.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140623-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140623-WA0011.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140623-WA0012.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140623-WA0013.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140623-WA0014.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140623-WA0015.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140624-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140624-WA0001.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140624-WA0002.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140626-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140626-WA0001.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140626-WA0002.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140626-WA0003.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140626-WA0004.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140626-WA0005.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140626-WA0006.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140701-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140701-WA0001.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140701-WA0002.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140701-WA0003.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140702-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140705-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140706-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140706-WA0001.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140706-WA0002.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140707-WA0003.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140709-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140711-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140713-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140713-WA0013.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140714-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140714-WA0001.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140714-WA0002.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140714-WA0003.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140714-WA0004.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140714-WA0005.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140714-WA0006.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140714-WA0007.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140714-WA0008.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140714-WA0009.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140714-WA0010.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140715-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG-20140720-WA0000.jpg
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5301.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5375.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5464.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5522.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5538-2.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5538.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5597.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5620.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5688.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5779-2.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5779-3.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5779.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5795.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5808.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5824.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5910.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5914.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5933.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_5961.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_6050.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_6174.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_6295-2.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_6295-3.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_6295.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_6433-2.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_6433-3.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_6433.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_6512-2.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_6512-3.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\IMG_6512.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\inet.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\is9B7F.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\isCB2.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\ispr529a.rra
Deleted file - C:\Users\Radu\AppData\Local\Temp\IWCSDrvInstaller.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\i_temp.temp
Deleted file - C:\Users\Radu\AppData\Local\Temp\JET60A9.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\JET6184.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2461678_20140712_025810211-Microsoft .NET Framework 4 Client Profile-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2461678_20140712_025810211-Microsoft .NET Framework 4 Extended-MSP1.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2461678_20140712_025810211.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2487367_20140712_035413639-Microsoft .NET Framework 4 Extended-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2487367_20140712_035413639.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2533523_20140712_034916377-Microsoft .NET Framework 4 Client Profile-MSP1.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2533523_20140712_034916377-Microsoft .NET Framework 4 Extended-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2533523_20140712_034916377.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2600217_20140712_034424803-Microsoft .NET Framework 4 Client Profile-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2600217_20140712_034424803-Microsoft .NET Framework 4 Extended-MSP1.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2600217_20140712_034424803.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2604121_20140712_043115335-Microsoft .NET Framework 4 Client Profile-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2604121_20140712_043115335.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2729449_20140712_043536238-Microsoft .NET Framework 4 Client Profile-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2729449_20140712_043536238.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2736428_20140712_040703060-Microsoft .NET Framework 4 Client Profile-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2736428_20140712_040703060-Microsoft .NET Framework 4 Extended-MSP1.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2736428_20140712_040703060.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2789642_20140712_045700763-Microsoft .NET Framework 4 Client Profile-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2789642_20140712_045700763.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2836939v3_20140712_035630900-Microsoft .NET Framework 4 Client Profile-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2836939v3_20140712_035630900-Microsoft .NET Framework 4 Extended-MSP1.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2836939v3_20140712_035630900.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2840628v2_20140712_045122231-Microsoft .NET Framework 4 Client Profile-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2840628v2_20140712_045122231.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2858302v2_20140712_041311179-Microsoft .NET Framework 4 Client Profile-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2858302v2_20140712_041311179-Microsoft .NET Framework 4 Extended-MSP1.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2858302v2_20140712_041311179.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2898855v2_20140712_042324487-Microsoft .NET Framework 4 Client Profile-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2898855v2_20140712_042324487.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2931365_20140712_041054831-Microsoft .NET Framework 4 Client Profile-MSP0.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\KB2931365_20140712_041054831.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\Kies3Install.Log
Deleted file - C:\Users\Radu\AppData\Local\Temp\KiesInstall.Log
Deleted file - C:\Users\Radu\AppData\Local\Temp\kl-install-2014-08-04-23-28-33.log.enc1
Deleted file - C:\Users\Radu\AppData\Local\Temp\kl-preinstall-2014-08-04-23-26-48.log.enc1
Deleted file - C:\Users\Radu\AppData\Local\Temp\kl-setup-2014-08-04-23-25-33.log.enc1
Deleted file - C:\Users\Radu\AppData\Local\Temp\KMSpico.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\LG_USB_Driver.msi
Deleted file - C:\Users\Radu\AppData\Local\Temp\mgyun_driver_64_4.zip
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20140712_015719869-MSI_netfx_Core_x64.msi.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20140712_015719869-MSI_netfx_Extended_x64.msi.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20140712_015719869.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft Visual C++ 2010  x64 Redistributable Setup_20140712_015356358-MSI_vc_red.msi.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft Visual C++ 2010  x64 Redistributable Setup_20140712_015356358.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_20140712_015611819-MSI_vc_red.msi.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_20140712_015611819.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\MSI29843.LOG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MSI3b806.LOG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MSI3eb4d.LOG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MSI53573.LOG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MSI57da5.LOG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MSI77b4e.LOG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MSI810aa.LOG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MSI9b517.LOG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MSIae050.LOG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MSIba0ed.LOG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MSIda8ed.LOG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_2621.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_2650.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_2660.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_2679.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_2695.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4200.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4206.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4215.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4220.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4223.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4250.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4288.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4316.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4399.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4410.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4424.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4547.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_4998.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_5013.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_5120.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_5200.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_5803.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_5852.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_5864.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_5872.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_5895.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\MUS_5902.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsb4A04.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsc6628.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsc6628.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsg4E05.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsh8F24.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsj546E.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\nso93BE.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\nso93BE.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsq9853.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsq9853.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsr67F6.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsvE2EC.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsw742D.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsw742D.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsz40A0.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsz7053.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\nsz7053.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\ose00000.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\Over_the_horizon.mp3
Deleted file - C:\Users\Radu\AppData\Local\Temp\Radu.bmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\ResetDevice.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGI3266.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGI3266.tmp-tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGI3AB.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGI3AB.tmp-tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGI6BC8.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGI6BC8.tmp-tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGI73FE.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGI73FE.tmp-tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGI9992.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGI9992.tmp-tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGIA53F.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGIA53F.tmp-tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGIAC6C.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGIAC6C.tmp-tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGIE128.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\RGIE128.tmp-tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-17-00-41-48.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-17-00-41-55.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-12-52.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-12-59.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-13-04.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-13-16.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-13-25.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-13-33.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-13-38.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-13-49.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-13-55.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-14-04.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-14-13.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-14-18.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-14-25.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-14-32.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-14-39.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-14-45.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-22-41.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-23-11.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-23-31.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-23-47.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-23-55.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-24-27.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-04-27-10-24-52.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\Screenshot_2014-06-17-19-23-10.png
Deleted file - C:\Users\Radu\AppData\Local\Temp\setup.ini
Deleted file - C:\Users\Radu\AppData\Local\Temp\SetupAdmin11B8.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\SetupAdminDD4.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\SetupAdminDEC.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\SetupAdminFC0.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\SetupExe(20140712023112188).log
Deleted file - C:\Users\Radu\AppData\Local\Temp\sp-downloader.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\ssdkdlqmdlrkqt
Deleted file - C:\Users\Radu\AppData\Local\Temp\sszlrkqt
Deleted file - C:\Users\Radu\AppData\Local\Temp\StructuredQuery.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\SysConfig.dat
Deleted file - C:\Users\Radu\AppData\Local\Temp\SZCCID.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\tmp5760.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\tmp58D8.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\ucaevents.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\utt1C17.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\utt1C17.tmp.bat
Deleted file - C:\Users\Radu\AppData\Local\Temp\utt40C1.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\utt40C1.tmp.bat
Deleted file - C:\Users\Radu\AppData\Local\Temp\utt59F2.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\utt59F2.tmp.old
Deleted file - C:\Users\Radu\AppData\Local\Temp\utt6B81.tmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\utt6B81.tmp.old
Deleted file - C:\Users\Radu\AppData\Local\Temp\vcredis1.cab
Deleted file - C:\Users\Radu\AppData\Local\Temp\vcredist.msi
Deleted file - C:\Users\Radu\AppData\Local\Temp\vcredist9_x86.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\vcredist_x64.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\wmsetup.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\zlrkqt
Deleted file - C:\Users\Radu\AppData\Local\Temp\_HTC_Installer.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\~DFD5414032EDC06C16.TMP
Deleted file - C:\Users\Radu\AppData\Local\Temp\???????????????????.bat
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\20140103_171848.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\20140103_172132.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\20140103_172314.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\FOT_2313.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\FOT_2319.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\FOT_2356.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\FOT_2360.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\FOT_2363.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\FOT_2597.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\FOT_2813.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5301.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5375.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5464.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5522.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5538-2.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5538.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5597.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5688.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5795.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5808.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5824.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5910.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5914.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5933.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_5961.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_6050.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_6174.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_6295-2.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_6295-3.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_6295.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_6433-2.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_6433-3.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_6433.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_6512-2.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_6512-3.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Convert\IMG_6512.JPG
Deleted file - C:\Users\Radu\AppData\Local\Temp\Kies3DumpFiles\v3.2.14055_3_0-20140714-031133151-1452-3608.dmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\Kies3DumpFiles\v3.2.14055_3_0-20140714-031133151-1452-4984.dmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\Kies3DumpFiles\v3.2.14055_3_0-20140728-08505619-3776-1664.dmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\KiesLiveupdateTemp\PluginHost.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\KiesTemporary\avrt.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\KiesTemporary\InstallSetting.cfg
Deleted file - C:\Users\Radu\AppData\Local\Temp\KiesTemporary\wlanapi.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MaAgent.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MAAuthProc.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MACLICX13.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MACLicX15.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MACSMANAGER.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MaCSMgr.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MaCSProHook.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\mapshapi.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\mapwij10.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MaSyncP.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MaWAMP.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MAWebControl.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MaWMP.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MPXBox.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\MtpAccess.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\UserShare.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\XSYNCClt.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\UpdateClient\MAFileUpdate.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\UpdateClient\MAUpdate.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\UpdateClient\MAUpdateBoot.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\MarkAny\ContentSafer\UpdateClient\MaUpdateClient.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\mgyun_driver_64_4\androidwinusba64.cat
Deleted file - C:\Users\Radu\AppData\Local\Temp\mgyun_driver_64_4\android_winusb.inf
Deleted file - C:\Users\Radu\AppData\Local\Temp\mgyun_driver_64_4\amd64\WdfCoInstaller01009.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\mgyun_driver_64_4\amd64\winusbcoinstaller2.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\mgyun_driver_64_4\amd64\WUDFUpdate_01009.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\DHtmlHeader.html
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\DisplayIcon.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\header.bmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\netfx_Core.mzz
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\netfx_Core_x64.msi
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\netfx_Extended.mzz
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\netfx_Extended_x64.msi
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\ParameterInfo.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Setup.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupEngine.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.xsd
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUtility.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SplashScreen.bmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\sqmapi.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Strings.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\UiInfo.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\watermark.bmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Windows6.1-KB958488-v6001-x64.msu
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\eula.rtf
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\LocalizedData.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\SetupResources.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Client\Parameterinfo.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Client\UiInfo.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Extended\Parameterinfo.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Extended\UiInfo.xml
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Print.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate1.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate2.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate3.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate4.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate5.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate6.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate7.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate8.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Save.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Setup.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\stop.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\SysReqMet.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\SysReqNotMet.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\warn.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\NeroLog\NUT.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\outlook logging\firstrun.log
Deleted file - C:\Users\Radu\AppData\Local\Temp\Temp1_tdsskiller.zip\TDSSKiller.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\UTPSDLL\GdiPlus.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\UTPSDLL\mfc40u.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\UTPSDLL\mfc71.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\UTPSDLL\MFC71u.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\UTPSDLL\msvcp60.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\UTPSDLL\msvcp71.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\UTPSDLL\msvcr71.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\{311AD2AC-10F1-4D71-A1FE-26072288FC94}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvuninst.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\{47822709-B383-42B3-A348-5984CF4630C5}\{66239456-F8B1-49EC-818C-822603C5B712}\difxapi.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\{777FB9C3-29C5-4A57-8E27-C01B3A2DFCA7}\{66239456-F8B1-49EC-818C-822603C5B712}\difxapi.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\{B535FA58-E105-448C-A009-912AEAB659DB}\ISBEW64.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D185A69C-E3A5-47B2-8A45-EB8359AB5439}\{66239456-F8B1-49EC-818C-822603C5B712}\difxapi.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\corecomp.ini
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\dotnetinstaller.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\ISBEW64.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\default.pal
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\EULA.txt
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\FontData.ini
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\IsBkgd.bmp
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\isrt.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\NvInstNT.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvuninst-amd64.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvuninst-ia64.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvuninst.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvupnp-amd64.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvupnp-ia64.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvupnpbr.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\Portal_32x32.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\Portal_48x48.ico
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\setup.inx
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\StringTable-0009-English.ips
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\_IsRes.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\_isressm.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\{D4FDD639-3A6B-48B5-84CC-2B18C20BC2FB}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\_ISUser.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\{DEEEDE2A-7418-4F85-8718-7AEF03BE7961}\{1FA08A70-6E60-4E06-90B6-7B96A741E9E0}\androidusb.sys
Deleted file - C:\Users\Radu\AppData\Local\Temp\{DEEEDE2A-7418-4F85-8718-7AEF03BE7961}\{1FA08A70-6E60-4E06-90B6-7B96A741E9E0}\androidusba64.cat
Deleted file - C:\Users\Radu\AppData\Local\Temp\{DEEEDE2A-7418-4F85-8718-7AEF03BE7961}\{1FA08A70-6E60-4E06-90B6-7B96A741E9E0}\android_usb.inf
Deleted file - C:\Users\Radu\AppData\Local\Temp\{DEEEDE2A-7418-4F85-8718-7AEF03BE7961}\{1FA08A70-6E60-4E06-90B6-7B96A741E9E0}\DPInst.exe
Deleted file - C:\Users\Radu\AppData\Local\Temp\{DEEEDE2A-7418-4F85-8718-7AEF03BE7961}\{1FA08A70-6E60-4E06-90B6-7B96A741E9E0}\qcmdm.inf
Deleted file - C:\Users\Radu\AppData\Local\Temp\{DEEEDE2A-7418-4F85-8718-7AEF03BE7961}\{1FA08A70-6E60-4E06-90B6-7B96A741E9E0}\qcsera.inf
Deleted file - C:\Users\Radu\AppData\Local\Temp\{DEEEDE2A-7418-4F85-8718-7AEF03BE7961}\{1FA08A70-6E60-4E06-90B6-7B96A741E9E0}\qcusbser.sys
Deleted file - C:\Users\Radu\AppData\Local\Temp\{DEEEDE2A-7418-4F85-8718-7AEF03BE7961}\{1FA08A70-6E60-4E06-90B6-7B96A741E9E0}\qcusbsera.cat
Deleted file - C:\Users\Radu\AppData\Local\Temp\{DEEEDE2A-7418-4F85-8718-7AEF03BE7961}\{1FA08A70-6E60-4E06-90B6-7B96A741E9E0}\WdfCoInstaller01005.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\{E0459816-3300-4204-B5EA-28D9FE9477E8}\setup.ini
Deleted file - C:\Users\Radu\AppData\Local\Temp\{E0459816-3300-4204-B5EA-28D9FE9477E8}\setup.isn
Deleted file - C:\Users\Radu\AppData\Local\Temp\{E0459816-3300-4204-B5EA-28D9FE9477E8}\_Setup.dll
Deleted file - C:\Users\Radu\AppData\Local\Temp\{F45E1818-D989-4350-9BA3-CAAED02BE482}\ISBEW64.exe
 
========= End of CMD: =========
 
 
=========  RD /S /Q %TEMP% =========
 
C:\Users\Radu\AppData\Local\Temp\adb.log - The process cannot access the file because it is being used by another process.
C:\Users\Radu\AppData\Local\Temp\etilqs_96SKOH10F5N2TE7 - The process cannot access the file because it is being used by another process.
C:\Users\Radu\AppData\Local\Temp\FXSAPIDebugLogFile.txt - The process cannot access the file because it is being used by another process.
 
========= End of CMD: =========
 
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

  • 0

#20
Essexboy
Posted 05 August 2014 - 08:58 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you now run a fresh FRST scan for PC1 please
  • 0

#21
Andreib18
Posted 05 August 2014 - 09:36 AM

Andreib18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

I cannot because it's not finished yet ..it scand from 9 am ...log from pc2 i think it's 2 big and i';; upload the txt

 

 


  • 0

#22
Andreib18
Posted 05 August 2014 - 10:20 AM

Andreib18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

The log ..sorry i didn't see that i don't post the log from pc 2

Attached Files


  • 0

#23
Essexboy
Posted 05 August 2014 - 11:02 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

OK once PC1 has finished the Pure scan could you upload it zipped to a file sharing site so that I can look at it


  • 0

#24
Andreib18
Posted 06 August 2014 - 01:41 AM

Andreib18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

ok ..on pc2 pure still detects malware ..this it the pure log on pc 1 that i left over night to scan 

 

http://www.speedysha...R/pure-scan.rar


  • 0

#25
Essexboy
Posted 06 August 2014 - 03:52 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK could you now run a fresh FRST scan on PC1

For PC2 where is pure showing the infection ?
  • 0

Advertisements

#26
Andreib18
Posted 06 August 2014 - 04:08 AM

Andreib18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

on pc 2 shows 3 malware on D: and C: both system volume information /and alot of characters and heur.Trojan.Win32>gen win.32cosmu and downloader-win32.VB also pc 2 at every restarts check the disks(could be also a hdd problem ) .On pc1 frst won't start (administrator or not) when launches just quits 


  • 0

#27
Essexboy
Posted 06 August 2014 - 04:16 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK different programme for PC1, for PC2 clear the restore points then run a chkdsk /r

Download OTL to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

    OTL_Main_Tutorial.gif
  • Select All Users
  • Select LOP and Purity
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    c:\program files (x86)\Google\Desktop
    c:\program files\Google\Desktop
    dir "%systemdrive%\*" /S /A:L /C
    /md5start
    rpcss.dll
    /md5stop
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Attach both logs

  • 0

#28
Andreib18
Posted 06 August 2014 - 05:03 AM

Andreib18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

Also on pc3 i installed avira and founded 1 thread dropper gen ,logs from pc1

 

OTL logfile created on: 8/6/2014 1:51:44 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Radu Mamii\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.99 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 65.74% Memory free
4.83 Gb Paging File | 3.72 Gb Available in Paging File | 77.01% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 488.28 Gb Total Space | 136.56 Gb Free Space | 27.97% Space Free | Partition Type: NTFS
Drive D: | 443.22 Gb Total Space | 10.82 Gb Free Space | 2.44% Space Free | Partition Type: NTFS
 
Computer Name: SERVICE-429D9B2 | User Name: Radu Mamii | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/08/04 09:50:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Radu Mamii\Desktop\OTL.exe
PRC - [2014/07/15 12:24:50 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/05/07 15:00:32 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2014/05/07 13:01:30 | 001,324,544 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
PRC - [2014/05/07 12:53:28 | 000,389,632 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
PRC - [2014/01/21 14:41:16 | 000,585,728 | ---- | M] (BlackBerry Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
PRC - [2013/11/11 20:55:10 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
PRC - [2013/10/17 16:41:16 | 000,821,600 | ---- | M] () -- C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
PRC - [2013/09/02 10:51:38 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
PRC - [2013/04/18 12:06:42 | 000,737,616 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2013/04/18 12:06:32 | 000,179,024 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2013/04/18 12:06:26 | 000,127,312 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2012/12/07 17:26:56 | 000,167,424 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011/10/31 09:07:55 | 000,048,128 | R--- | M] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\system32\ScsiCommandService2.exe
PRC - [2011/08/05 12:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Zune\ZuneBusEnum.exe
PRC - [2010/03/05 12:50:19 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\system32\LGScsiCommandService.exe
PRC - [2008/08/21 15:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/15 12:24:48 | 000,353,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppgooglenaclpluginchrome.dll
MOD - [2014/07/15 12:24:46 | 014,664,008 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
MOD - [2014/07/15 12:24:44 | 008,537,928 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll
MOD - [2014/07/15 12:24:35 | 001,732,936 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
MOD - [2014/02/12 21:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 21:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/10/17 16:43:40 | 000,223,592 | ---- | M] () -- C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
MOD - [2013/10/17 16:42:24 | 000,129,376 | ---- | M] () -- C:\Program Files\HTC\HTC Sync Manager\zlib1.dll
MOD - [2013/10/17 16:41:16 | 000,821,600 | ---- | M] () -- C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
MOD - [2013/10/17 16:40:52 | 000,080,248 | ---- | M] () -- C:\Program Files\HTC\HTC Sync Manager\NInstallerHelper.dll
MOD - [2013/10/17 16:40:34 | 000,044,392 | ---- | M] () -- C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
MOD - [2013/10/17 16:40:32 | 000,036,216 | ---- | M] () -- C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
MOD - [2013/10/17 16:40:28 | 000,607,376 | ---- | M] () -- C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
MOD - [2013/10/17 16:40:06 | 000,031,080 | ---- | M] () -- C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
MOD - [2012/12/20 18:19:52 | 001,310,728 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
MOD - [2012/12/20 18:19:26 | 000,479,752 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
MOD - [2012/12/07 17:26:56 | 000,167,424 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
MOD - [2009/05/16 00:22:42 | 000,716,800 | ---- | M] () -- C:\Program Files\SAMSUNG\Samsung PC Studio 7\PCSCM_Samsung.dll
MOD - [2008/12/06 01:38:50 | 000,619,008 | ---- | M] () -- C:\Program Files\SAMSUNG\Samsung PC Studio 7\PhoneBrowser.dll
MOD - [2008/08/21 15:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/08/21 15:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006/09/10 20:46:38 | 000,020,776 | ---- | M] () -- C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/07/09 11:32:06 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/07 15:00:32 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2014/05/07 13:01:30 | 001,324,544 | ---- | M] (Research In Motion Limited) [Auto | Running] -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe -- (RIM Tunnel Service)
SRV - [2014/05/07 12:53:28 | 000,389,632 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe -- (RIM MDNS)
SRV - [2014/02/13 03:36:33 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/01/21 14:41:16 | 000,585,728 | ---- | M] (BlackBerry Limited) [On_Demand | Running] -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe -- (BlackBerry Device Manager)
SRV - [2013/11/11 20:55:10 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -- (AVP)
SRV - [2013/09/25 15:42:10 | 000,818,888 | ---- | M] (Infowatch) [Auto | Stopped] -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2013/09/02 10:51:38 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe -- (HTCMonitorService)
SRV - [2013/04/18 12:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/12/07 17:26:56 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011/10/31 09:07:55 | 000,048,128 | R--- | M] (Mobile Leader Co.,Ltd.) [Auto | Running] -- C:\WINDOWS\system32\ScsiCommandService2.exe -- (ScsiCommandService2)
SRV - [2011/08/05 12:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011/08/05 12:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011/08/05 12:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2011/08/05 12:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Zune\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2010/03/05 12:50:19 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) [Auto | Running] -- C:\WINDOWS\system32\LGScsiCommandService.exe -- (LGScsiCommandService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2014/08/05 10:29:31 | 000,595,008 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2014/08/05 10:29:31 | 000,135,776 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2014/06/27 09:59:18 | 000,116,320 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2014/05/19 19:31:41 | 000,006,784 | ---- | M] (UniversalBox) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ubnredir.sys -- (UBNRedir)
DRV - [2014/05/07 12:41:04 | 000,012,800 | ---- | M] (Research in Motion Limited) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimvndis.sys -- (rimvndis)
DRV - [2014/05/06 17:16:58 | 000,035,226 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\flsvcom.sys -- (FLSVCOM)
DRV - [2014/05/06 17:16:58 | 000,008,344 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\flsser.sys -- (FLSSER)
DRV - [2014/05/06 17:16:57 | 000,016,314 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\flspar.sys -- (FLSPAR)
DRV - [2014/05/06 17:16:57 | 000,014,272 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\flsiface.sys -- (FLSIFACE)
DRV - [2014/05/06 17:16:52 | 000,033,404 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fle5wnnt.sys -- (FLE5WNNT)
DRV - [2013/11/11 20:55:04 | 000,145,040 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kneps.sys -- (kneps)
DRV - [2013/11/11 20:55:04 | 000,044,000 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kltdi.sys -- (kltdi)
DRV - [2013/11/11 20:55:04 | 000,024,672 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2013/11/11 20:55:04 | 000,024,160 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2013/08/21 07:31:38 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2013/08/21 07:31:38 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudobex.sys -- (ssudobex)
DRV - [2013/08/21 07:31:38 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/08/21 07:31:38 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/08/21 07:31:38 | 000,080,664 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudrmnetmp.sys -- (ssudrmnetmp)
DRV - [2013/08/21 07:31:38 | 000,060,184 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudrmnet.sys -- (ssudrmnet)
DRV - [2013/08/21 07:31:30 | 000,016,384 | ---- | M] (Intel Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2013/07/25 16:53:46 | 000,018,944 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2013/05/02 07:23:50 | 000,153,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2013/05/02 07:23:50 | 000,136,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2013/05/02 07:23:50 | 000,017,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2013/05/02 07:23:42 | 000,153,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2013/05/02 07:23:42 | 000,136,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2013/05/02 07:23:42 | 000,130,248 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2013/05/02 07:23:42 | 000,032,064 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2013/05/02 07:23:42 | 000,017,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2013/04/04 12:35:49 | 000,021,888 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\eps2kt1.sys -- (token)
DRV - [2013/04/04 12:35:49 | 000,012,800 | ---- | M] (OEM) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smccard.sys -- (R5BaseSmc)
DRV - [2013/04/02 17:09:13 | 000,007,808 | ---- | M] (UniversalBox) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ubnd.sys -- (UBND)
DRV - [2013/01/23 11:31:52 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2013/01/23 11:31:52 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2013/01/23 11:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2013/01/23 11:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2013/01/23 11:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2013/01/23 11:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012/12/07 18:27:50 | 000,021,248 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2012/10/17 15:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012/09/27 14:44:03 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2012/09/04 13:42:16 | 000,107,776 | ---- | M] (HS Coporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ghsser.sys -- (ghsser)
DRV - [2012/07/04 14:47:00 | 000,070,400 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis)
DRV - [2012/07/03 12:56:00 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2012/07/03 12:43:00 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem)
DRV - [2012/07/03 12:43:00 | 000,023,040 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag)
DRV - [2012/06/27 14:09:08 | 000,035,672 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2012/06/20 11:51:34 | 000,017,672 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - [2012/04/13 13:42:06 | 000,117,248 | ---- | M] (Spreadtrum Communication Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SciU2S.sys -- (SciU2S)
DRV - [2012/03/02 17:03:00 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2012/03/02 17:03:00 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2012/03/02 17:03:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbgps.sys -- (UsbGps)
DRV - [2012/03/02 17:03:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2012/03/02 17:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012/03/02 17:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012/03/02 17:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012/03/02 17:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus)
DRV - [2011/11/09 12:30:42 | 000,108,160 | ---- | M] (TCL Communicate Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qcusbser.sys -- (qcusbser)
DRV - [2011/06/02 14:39:44 | 000,088,632 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\CSCrySec.sys -- (CSCrySec)
DRV - [2011/06/02 14:39:44 | 000,039,736 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV - [2011/05/13 09:07:28 | 000,041,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcmvcp.sys -- (BRCM)
DRV - [2011/03/09 16:37:46 | 000,033,792 | ---- | M] (Texas Instruments Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\csstusb.sys -- (CSSTUSB)
DRV - [2011/03/01 20:36:54 | 000,037,184 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cyclonebox.sys -- (cyclonebox)
DRV - [2010/04/27 05:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 05:25:16 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2010/04/27 05:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010/04/27 05:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2010/04/27 05:25:14 | 000,132,608 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2010/04/27 05:25:14 | 000,104,448 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus)
DRV - [2010/04/27 05:25:14 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2010/04/27 05:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010/04/27 05:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2010/04/27 05:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2010/04/27 05:25:08 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbsa.sys -- (nmwcdsa)
DRV - [2010/04/13 20:40:48 | 000,017,152 | ---- | M] (GSM Dream Team) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dreambox.sys -- (DreamBox)
DRV - [2010/02/11 15:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010/02/03 15:31:26 | 000,012,416 | ---- | M] (NXP Semiconductors) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\52xdfu.sys -- (DFU)
DRV - [2009/10/22 16:11:14 | 000,057,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/10/21 11:22:32 | 001,425,280 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009/07/22 11:08:40 | 000,062,080 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mstrgen.sys -- (mstrgen)
DRV - [2009/07/13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/06/10 15:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/05/25 15:21:28 | 000,142,336 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/04/05 23:13:52 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009/04/05 23:13:52 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2009/01/15 10:58:34 | 000,101,120 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NOKIA_3806_PHONE.sys -- (NOKIA_3806_PHONE)
DRV - [2007/06/25 11:43:38 | 000,098,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117obex.sys -- (s117obex)
DRV - [2007/06/25 11:43:36 | 000,108,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdm.sys -- (s117mdm)
DRV - [2007/06/25 11:43:36 | 000,100,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mgmt.sys -- (s117mgmt)
DRV - [2007/06/25 11:43:36 | 000,098,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117unic.sys -- (s117unic)
DRV - [2007/06/25 11:43:36 | 000,022,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117nd5.sys -- (s117nd5)
DRV - [2007/06/25 11:43:26 | 000,014,888 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdfl.sys -- (s117mdfl)
DRV - [2007/06/25 11:43:22 | 000,082,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117bus.sys -- (s117bus)
DRV - [2006/12/28 19:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006/05/19 10:23:00 | 000,018,880 | ---- | M] (Axalto) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\egate.sys -- (Egatecard)
DRV - [2006/05/19 10:23:00 | 000,015,328 | ---- | M] (Axalto) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\egatebus.sys -- (Egatebus)
DRV - [2006/05/19 10:23:00 | 000,013,440 | ---- | M] (Axalto) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\egaterdr.sys -- (Egaterdr)
DRV - [2006/02/26 18:02:50 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/03/25 16:29:22 | 000,024,144 | ---- | M] (SHARP Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbgx_2.sys -- (USBSHGX)
DRV - [2004/03/02 18:06:36 | 000,010,240 | ---- | M] (SHARP Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gxdlusb.sys -- (gxdlusb)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-299502267-115176313-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ro/
IE - HKU\S-1-5-21-299502267-115176313-682003330-1003\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKU\S-1-5-21-299502267-115176313-682003330-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-299502267-115176313-682003330-1003\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...rchTerms}&SSPV=
IE - HKU\S-1-5-21-299502267-115176313-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-299502267-115176313-682003330-1003\..\SearchScopes\{2E22C5E0-253F-4AF3-BCA7-02F476B9E955}: "URL" = http://websearch.ask...E5-1DF470ED5518
IE - HKU\S-1-5-21-299502267-115176313-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-299502267-115176313-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/08/05 10:30:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/08/05 10:30:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/08/05 10:30:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/08/05 10:30:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/08/05 10:30:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2014/06/21 13:43:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Radu Mamii\Application Data\Mozilla\Extensions
[2014/06/21 13:51:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Radu Mamii\Application Data\Mozilla\Firefox\Profiles\j7hu8h2q.default\extensions
[2014/07/12 09:40:54 | 000,000,643 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Application Data\Mozilla\Firefox\Profiles\j7hu8h2q.default\searchplugins\trovi-search.xml
[2013/04/02 16:18:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/06/21 13:42:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/06/21 13:42:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Google Docs = C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Google Search = C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL Advisor = C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0\
CHR - Extension: Kaspersky Protection = C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh\2.3.0.43_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\
 
O1 HOSTS File: ([2014/08/05 09:45:33 | 000,012,314 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR...l4/strict.dtd">
O1 - Hosts: <html lang='en'>
O1 - Hosts: <head>
O1 - Hosts:             <meta name="description" content="Yahoo! GeoCities offers you a free web site and all the tools you need to build a dynamic site. Features include easy-to-use site building tools, online help, web site statistics, secure and reliable hosting, and an intuitive control panel.">
O1 - Hosts:             <title>Yahoo! GeoCities: Get a web site with easy-to-use site building tools.</title>
O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/lib/smbiz/css/geocities_84954.css"> 
O1 - Hosts: <style>
O1 - Hosts: h1 { line-height:30px;height:30px; padding-left:15px; font-weight:bold;font-size:1.6em;color:#1f296a;}
O1 - Hosts: .services li { margin-left:1.0em; padding-left:0.5em; background:url("http://l.yimg.com/a/...ullet_3x3_1.gif") no-repeat 0 0.5em; margin-bottom:0.5em;margin-left:1.5em;margin-right:0.5em;width:6em}
O1 - Hosts: .services li {float:left; width:17em; font-size:116%;margin-top:0.8em}
O1 - Hosts:  .services {  font-size:116%; padding-bottom:20px }
O1 - Hosts: .image_web  {float:right; margin:15px 0 0 15px}
O1 - Hosts: p {margin:20px;font-size:1em;}
O1 - Hosts: h2 {margin:20px 0 0 20px;color:#1F296;font-weight:bold;font-size:1.25em;color:#1f296a;}
O1 - Hosts: h3 {margin:20px;color:#1F296;font-weight:bold;font-size:1.15em;color:#1f296a;}
O1 - Hosts: li.rule {border-top:solid 1px #DBE1E6;}
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
O1 - Hosts:  <div class="ez-mw" style ="height:900px;width:905px">
O1 - Hosts:     <div class="ez-wri ez-oh" style="width:900px">
O1 - Hosts:     <div class="ez-box">
O1 - Hosts: 87 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [FLSDeviceControlPanel] C:\WINDOWS\system32\FLSDEVCP.EXE ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKU\.DEFAULT..\Run: [Samsung.PCSync] C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe (Nokia)
O4 - HKU\S-1-5-18..\Run: [Samsung.PCSync] C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe (Nokia)
O4 - HKU\S-1-5-21-299502267-115176313-682003330-1003..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-299502267-115176313-682003330-1003..\Run: [MCShield Monitor] C:\Program Files\MCShield\MCShieldRTM.exe (MyCity)
O4 - HKU\S-1-5-21-299502267-115176313-682003330-1003..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-299502267-115176313-682003330-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-299502267-115176313-682003330-1003..\Run: [Tok-Cirrhatus]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-299502267-115176313-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-299502267-115176313-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\S-1-5-21-299502267-115176313-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.231.242.2 193.226.60.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CB882B8-1AF2-44E8-AB43-6B51E07EDA86}: DhcpNameServer = 193.231.242.2 193.226.60.2
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\windows\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{076eb344-92ef-11e3-b171-0298f9328801}\Shell - "" = AutoRun
O33 - MountPoints2\{076eb344-92ef-11e3-b171-0298f9328801}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{076eb344-92ef-11e3-b171-0298f9328801}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe
O33 - MountPoints2\{076eb356-92ef-11e3-b171-0298f9328801}\Shell - "" = AutoRun
O33 - MountPoints2\{076eb356-92ef-11e3-b171-0298f9328801}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{076eb356-92ef-11e3-b171-0298f9328801}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe
O33 - MountPoints2\{156b969f-0be8-11e3-b072-0208fd748701}\Shell - "" = AutoRun
O33 - MountPoints2\{156b969f-0be8-11e3-b072-0208fd748701}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{156b969f-0be8-11e3-b072-0208fd748701}\Shell\AutoRun\command - "" = F:\XTC-Clip_PLUS.exe
O33 - MountPoints2\{1e86c291-5b50-11e3-b109-02a81c228801}\Shell - "" = AutoRun
O33 - MountPoints2\{1e86c291-5b50-11e3-b109-02a81c228801}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1e86c291-5b50-11e3-b109-02a81c228801}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{36f85459-d67b-11e3-b1e1-02d885a28801}\Shell - "" = AutoRun
O33 - MountPoints2\{36f85459-d67b-11e3-b1e1-02d885a28801}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{36f85459-d67b-11e3-b1e1-02d885a28801}\Shell\AutoRun\command - "" = F:\LG_PC_Programs.exe
O33 - MountPoints2\{531d4e92-b0a2-11e2-afe5-002354cb06b4}\Shell - "" = AutoRun
O33 - MountPoints2\{531d4e92-b0a2-11e2-afe5-002354cb06b4}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{531d4e92-b0a2-11e2-afe5-002354cb06b4}\Shell\AutoRun\command - "" = F:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
O33 - MountPoints2\{78a79f28-c39c-11e3-b1c9-0230ae878801}\Shell - "" = AutoRun
O33 - MountPoints2\{78a79f28-c39c-11e3-b1c9-0230ae878801}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{78a79f28-c39c-11e3-b1c9-0230ae878801}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe
O33 - MountPoints2\{ca2c0f60-e237-11e2-b02d-02c8e0508701}\Shell - "" = AutoRun
O33 - MountPoints2\{ca2c0f60-e237-11e2-b02d-02c8e0508701}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ca2c0f60-e237-11e2-b02d-02c8e0508701}\Shell\AutoRun\command - "" = F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
O33 - MountPoints2\{cf93d1f7-0e44-11e4-b248-02a05d5b8901}\Shell - "" = AutoRun
O33 - MountPoints2\{cf93d1f7-0e44-11e4-b248-02a05d5b8901}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cf93d1f7-0e44-11e4-b248-02a05d5b8901}\Shell\AutoRun\command - "" = G:\LG_PC_Programs.exe
O33 - MountPoints2\{d6adc743-6234-11e3-b123-0258c31f8801}\Shell - "" = AutoRun
O33 - MountPoints2\{d6adc743-6234-11e3-b123-0258c31f8801}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d6adc743-6234-11e3-b123-0258c31f8801}\Shell\AutoRun\command - "" = F:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{d8d1f7f7-b8ab-11e2-aff0-002354cb06b4}\Shell - "" = AutoRun
O33 - MountPoints2\{d8d1f7f7-b8ab-11e2-aff0-002354cb06b4}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d8d1f7f7-b8ab-11e2-aff0-002354cb06b4}\Shell\AutoRun\command - "" = F:\VTP_Manager.exe
O33 - MountPoints2\{d8d1f7f8-b8ab-11e2-aff0-002354cb06b4}\Shell - "" = AutoRun
O33 - MountPoints2\{d8d1f7f8-b8ab-11e2-aff0-002354cb06b4}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d8d1f7f8-b8ab-11e2-aff0-002354cb06b4}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/08/06 13:07:12 | 001,084,928 | ---- | C] (Farbar) -- C:\Documents and Settings\Radu Mamii\Desktop\FRST (1).exe
[2014/08/05 09:43:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Kaspersky PURE 3.0
[2014/08/05 09:41:55 | 000,039,736 | ---- | C] (Infowatch) -- C:\windows\System32\drivers\CSVirtualDiskDrv.sys
[2014/08/05 09:41:54 | 000,088,632 | ---- | C] (Infowatch) -- C:\windows\System32\drivers\CSCrySec.sys
[2014/08/05 09:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InfoWatch
[2014/08/05 09:40:53 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2014/08/05 09:40:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2014/08/05 09:40:04 | 000,595,008 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\System32\drivers\klif.sys
[2014/08/05 09:40:04 | 000,074,336 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\System32\drivers\klflt.sys
[2014/08/05 09:31:23 | 189,644,040 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Radu Mamii\Desktop\pure13.0.2.558EN_4486.exe
[2014/08/05 09:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-5
[2014/08/04 21:55:00 | 000,000,000 | ---D | C] -- C:\FRST
[2014/08/04 21:54:26 | 001,084,928 | ---- | C] (Farbar) -- C:\Documents and Settings\Radu Mamii\Desktop\FRST.exe
[2014/08/04 21:18:31 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2014/08/04 21:18:28 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2014/08/04 21:17:43 | 005,567,674 | ---- | C] (Swearware) -- C:\Documents and Settings\Radu Mamii\Desktop\ComboFix.exe
[2014/08/04 21:10:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MCShield
[2014/08/04 21:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MCShield
[2014/08/04 21:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\MCShield
[2014/08/04 21:10:36 | 002,856,736 | ---- | C] (MyCity) -- C:\Documents and Settings\Radu Mamii\Desktop\MCShield-Setup.exe
[2014/08/04 09:50:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Radu Mamii\Desktop\OTL.exe
[2014/08/01 14:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Desktop\i747 root
[2014/07/29 10:55:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Desktop\N8-00
[2014/07/26 10:33:47 | 000,000,000 | ---D | C] -- C:\usb_driver
[2014/07/25 09:38:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-25
[2014/07/24 11:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-16-24
[2014/07/24 09:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-24
[2014/07/23 11:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-16-23
[2014/07/23 09:12:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-23
[2014/07/22 17:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-16-22
[2014/07/22 09:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-22
[2014/07/21 11:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-16-21
[2014/07/21 09:37:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-21
[2014/07/19 11:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-16-19
[2014/07/19 09:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-19
[2014/07/18 09:29:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-18
[2014/07/17 11:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-16-17
[2014/07/17 09:35:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-17
[2014/07/16 09:23:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-16
[2014/07/15 09:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-15
[2014/07/14 17:08:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\PowerISO
[2014/07/14 17:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-16-14
[2014/07/14 09:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\My Documents\BLACKBERRY-3B51
[2014/07/14 09:35:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-14
[2014/07/12 09:59:00 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2014/07/12 09:56:02 | 004,181,856 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Radu Mamii\Desktop\tdsskiller.exe
[2014/07/12 09:40:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Application Data\PowerISO
[2014/07/12 09:39:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PowerISO
[2014/07/12 09:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2014/07/12 09:38:37 | 002,876,504 | ---- | C] (Power Software Ltd) -- C:\Documents and Settings\Radu Mamii\Desktop\PowerISO6.exe
[2014/07/12 09:35:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-12
[2014/07/11 17:38:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Desktop\i9000
[2014/07/11 11:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-16-11
[2014/07/11 09:54:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-11
[2014/07/10 19:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok-16-10
[2014/07/10 13:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radu Mamii\My Documents\lili
[2014/07/09 10:21:20 | 000,000,000 | ---D | C] -- C:\Avenger
[2014/07/09 10:03:54 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\MBAMSwissArmy.sys
[2014/07/09 10:03:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/09 10:03:45 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamchameleon.sys
[2014/07/09 10:03:45 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2014/07/09 10:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/07/09 10:03:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/07/09 10:00:06 | 017,292,760 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Radu Mamii\Desktop\mbam-setup-2.0.2.1012.exe
[3 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/06 13:50:44 | 005,567,674 | ---- | M] (Swearware) -- C:\Documents and Settings\Radu Mamii\Desktop\ComboFix.exe
[2014/08/06 13:37:00 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/06 13:32:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/08/06 13:07:16 | 001,084,928 | ---- | M] (Farbar) -- C:\Documents and Settings\Radu Mamii\Desktop\FRST (1).exe
[2014/08/06 10:51:41 | 000,013,646 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2014/08/06 10:51:23 | 000,000,890 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/06 10:51:23 | 000,000,232 | ---- | M] () -- C:\windows\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/08/06 10:51:19 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2014/08/06 10:38:38 | 000,065,315 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\My Documents\pure scan.rar
[2014/08/05 18:21:16 | 000,496,146 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2014/08/05 18:21:16 | 000,085,338 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2014/08/05 10:29:31 | 000,595,008 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\System32\drivers\klif.sys
[2014/08/05 10:29:31 | 000,135,776 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\System32\drivers\kl1.sys
[2014/08/05 10:29:31 | 000,074,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\System32\drivers\klflt.sys
[2014/08/05 09:45:33 | 000,012,314 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2014/08/05 09:45:06 | 000,001,900 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Desktop\Safe Money.lnk
[2014/08/05 09:43:02 | 000,000,858 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Kaspersky PURE 3.0.lnk
[2014/08/05 09:36:16 | 000,012,393 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Update.16.Bron.Tok.bin
[2014/08/05 09:35:43 | 000,012,393 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok.A16.em.bin
[2014/08/05 09:33:59 | 189,644,040 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Radu Mamii\Desktop\pure13.0.2.558EN_4486.exe
[2014/08/04 21:54:27 | 001,084,928 | ---- | M] (Farbar) -- C:\Documents and Settings\Radu Mamii\Desktop\FRST.exe
[2014/08/04 21:10:38 | 002,856,736 | ---- | M] (MyCity) -- C:\Documents and Settings\Radu Mamii\Desktop\MCShield-Setup.exe
[2014/08/04 09:50:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Radu Mamii\Desktop\OTL.exe
[2014/08/01 09:32:54 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\MBAMSwissArmy.sys
[2014/07/30 17:38:16 | 000,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
[2014/07/18 14:42:45 | 000,001,856 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/07/18 10:30:06 | 000,000,865 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Desktop\Octoplus LG Tool.lnk
[2014/07/14 09:49:38 | 000,016,695 | ---- | M] () -- C:\ads_err.adt
[2014/07/14 09:49:38 | 000,003,072 | ---- | M] () -- C:\ads_err.adi
[2014/07/12 09:56:51 | 004,181,856 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Radu Mamii\Desktop\tdsskiller.exe
[2014/07/12 09:39:43 | 000,000,743 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk
[2014/07/12 09:39:08 | 002,876,504 | ---- | M] (Power Software Ltd) -- C:\Documents and Settings\Radu Mamii\Desktop\PowerISO6.exe
[2014/07/12 09:38:12 | 000,016,853 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Desktop\Windows 7 Ultimate with SP1 X64 Genuine Untouched ISO Including Windows7 USB DVD Tool and Loader (1).torrent
[2014/07/12 09:37:40 | 000,016,853 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Desktop\Windows 7 Ultimate with SP1 X64 Genuine Untouched ISO Including Windows7 USB DVD Tool and Loader.torrent
[2014/07/11 10:57:22 | 000,001,485 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Desktop\InfinityBox BEST.lnk
[2014/07/11 10:36:37 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Activator.lnk
[2014/07/11 10:36:37 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Application Data\Microsoft\Internet Explorer\Quick Launch\SPT.lnk
[2014/07/11 10:36:37 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SPT.lnk
[2014/07/11 10:21:29 | 000,000,919 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Application Data\Microsoft\Internet Explorer\Quick Launch\Octoplus Suite.lnk
[2014/07/11 10:21:28 | 000,000,901 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Desktop\Octoplus Suite.lnk
[2014/07/11 10:20:38 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Desktop\Octoplus Samsung Tool.lnk
[2014/07/09 11:32:05 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2014/07/09 11:32:05 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2014/07/09 10:03:48 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/09 10:00:45 | 017,292,760 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Radu Mamii\Desktop\mbam-setup-2.0.2.1012.exe
[2014/07/08 15:14:38 | 000,000,226 | ---- | M] () -- C:\windows\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/07/08 10:17:52 | 006,726,888 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Desktop\Nikkfurie de La Caution-The A La Menthe (OST Ocean's 11).mp3
[3 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/08/06 10:38:38 | 000,065,315 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\My Documents\pure scan.rar
[2014/08/05 09:45:06 | 000,001,900 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Desktop\Safe Money.lnk
[2014/08/05 09:43:25 | 000,000,858 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Kaspersky PURE 3.0.lnk
[2014/08/05 09:36:16 | 000,012,393 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Update.16.Bron.Tok.bin
[2014/08/05 09:35:43 | 000,012,393 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.tok.A16.em.bin
[2014/07/12 09:39:43 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerISO.lnk
[2014/07/12 09:38:12 | 000,016,853 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Desktop\Windows 7 Ultimate with SP1 X64 Genuine Untouched ISO Including Windows7 USB DVD Tool and Loader (1).torrent
[2014/07/12 09:37:39 | 000,016,853 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Desktop\Windows 7 Ultimate with SP1 X64 Genuine Untouched ISO Including Windows7 USB DVD Tool and Loader.torrent
[2014/07/09 10:03:48 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/08 10:17:51 | 006,726,888 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Desktop\Nikkfurie de La Caution-The A La Menthe (OST Ocean's 11).mp3
[2014/05/06 17:16:57 | 000,004,430 | ---- | C] () -- C:\windows\System32\flsinst.ini
[2014/05/06 17:16:56 | 000,107,816 | ---- | C] () -- C:\windows\System32\FLSDEVCP.EXE
[2014/05/06 17:16:50 | 001,994,752 | ---- | C] () -- C:\windows\System32\FLSINST.DLL
[2014/04/26 09:32:51 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Application Data\winscp.rnd
[2013/11/01 16:28:40 | 000,000,064 | ---- | C] () -- C:\windows\FLS1.INI
[2013/10/23 19:53:31 | 002,150,744 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/10/10 13:07:49 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2013/09/25 14:55:01 | 000,000,010 | ---- | C] () -- C:\windows\WININIT.INI
[2013/09/17 14:36:38 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/01 13:20:29 | 000,584,584 | ---- | C] () -- C:\windows\adb.exe
[2013/05/29 12:48:50 | 000,031,557 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Application Data\Comma Separated Values (Windows).ADR
[2013/05/29 12:46:21 | 000,031,553 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Application Data\Comma Separated Values (DOS).ADR
[2013/05/21 16:11:50 | 000,159,200 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Application Data\CrashRpt1402.dll
[2013/04/17 12:20:19 | 000,041,344 | ---- | C] () -- C:\windows\System32\drivers\bcmvcp.sys
[2013/04/09 20:09:17 | 003,924,318 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-299502267-115176313-682003330-1003-0.dat
[2013/04/09 20:09:16 | 000,302,890 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/04/06 10:09:28 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Application Data\$_hpcst$.hpc
[2013/04/04 12:35:49 | 000,021,888 | ---- | C] () -- C:\windows\System32\drivers\eps2kt1.sys
[2013/04/04 12:35:49 | 000,004,608 | ---- | C] () -- C:\windows\System32\R5CoInst.dll
[2013/04/03 21:36:52 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll
[2013/04/02 16:58:14 | 000,004,161 | ---- | C] () -- C:\windows\ODBCINST.INI
[2013/04/02 16:57:05 | 000,281,336 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2013/04/02 16:07:04 | 000,005,810 | ---- | C] () -- C:\windows\System32\drivers\ASACPI.sys
[2013/04/02 15:00:25 | 000,354,816 | ---- | C] () -- C:\windows\System32\psisdecd.dll
[2013/04/02 14:52:54 | 000,001,769 | ---- | C] () -- C:\windows\Language_trs.ini
[2013/04/02 14:52:18 | 000,073,728 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2013/04/02 14:16:48 | 000,002,048 | --S- | C] () -- C:\windows\bootstat.dat
[2013/04/02 14:12:03 | 000,021,640 | ---- | C] () -- C:\windows\System32\emptyregdb.dat
[2013/02/07 11:33:33 | 000,015,048 | ---- | C] () -- C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\NetMailTmp.bin
[2013/02/07 11:33:33 | 000,015,048 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\NetMailTmp.bin
[2013/02/05 17:52:54 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2013/02/05 17:52:50 | 000,974,848 | ---- | C] () -- C:\windows\System32\cis-2.4.dll
[2013/02/05 17:52:50 | 000,081,920 | ---- | C] () -- C:\windows\System32\issacapi_bs-2.3.dll
[2013/02/05 17:52:50 | 000,065,536 | ---- | C] () -- C:\windows\System32\issacapi_pe-2.3.dll
[2013/02/05 17:52:50 | 000,057,344 | ---- | C] () -- C:\windows\System32\issacapi_se-2.3.dll
 
========== ZeroAccess Check ==========
 
[2013/04/02 14:58:57 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/08/21 15:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 15:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/08/21 15:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/06/04 11:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/09/17 14:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2013/06/24 10:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2013/04/02 16:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2013/05/28 13:20:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/10/10 12:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HTC
[2013/12/02 16:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2014/08/06 10:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MCShield
[2013/10/10 12:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motorola
[2014/05/06 17:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2013/04/02 17:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2013/11/02 09:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2013/04/08 10:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2013/05/16 11:36:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2013/04/02 18:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2013/08/27 16:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SP_FT_Logs
[2013/05/22 19:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2013/05/28 13:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2013/08/19 13:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wondershare
[2013/05/28 13:20:57 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/05/28 13:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2014/07/14 17:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\PowerISO
[2013/04/02 16:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\Babylon
[2013/07/20 10:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\DiskAid
[2014/01/31 15:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\HTC
[2013/10/10 12:41:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\HTC Sync
[2013/10/24 09:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2014/02/05 15:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\mgyun
[2013/11/01 16:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\Nokia
[2013/05/13 13:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\Nokia Suite
[2013/10/10 13:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\Outlook
[2014/08/04 20:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\PC Suite
[2014/07/12 09:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\PowerISO
[2013/10/24 14:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\redsn0w
[2013/04/08 17:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\Research In Motion
[2013/12/11 13:50:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\Samsung
[2013/04/02 16:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\TeamViewer
[2013/05/28 13:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\TuneUp Software
[2014/07/12 10:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\uTorrent
[2013/04/10 20:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\Windows Search
[2014/05/28 14:45:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\XCPCSync.OEM
[2013/08/23 17:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\XTC-Clip
[2014/05/19 13:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\ZJMedia
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV - [2008/08/21 15:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/08/21 15:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/08/21 15:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012/07/06 16:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/08/21 15:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/08/21 15:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 20:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 14:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/08/21 15:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/28 02:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/08/21 15:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/14 08:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008/08/21 15:00:00 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/08/21 15:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/08/21 15:00:00 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/08/21 15:00:00 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\windows\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/08/21 15:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\dllhost.exe -- (SwPrv)
SRV - [2008/08/21 15:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/08/21 15:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 19:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 14:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 16:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/08/21 15:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/08/21 15:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/08/21 15:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 15:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/08/21 15:00:00 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/08/21 15:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/08/21 15:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/08/21 15:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/27 08:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/28 02:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/08/21 15:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/08/21 15:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/08/21 15:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/08/21 15:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/08/21 15:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/28 02:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/08/21 15:00:00 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/08/21 15:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/08/21 15:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/08/21 15:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/08/21 15:00:00 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\msiexec.exe -- (MSIServer)
SRV - [2008/08/21 15:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2009/02/09 15:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008/08/21 15:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/08/21 15:00:00 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/10 09:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
 
< %SYSTEMDRIVE%\*.exe >
 
< c:\program files (x86)\Google\Desktop >
[2013/04/02 14:13:19 | 000,000,065 | RH-- | C] () -- C:\windows\Tasks\desktop.ini
[2013/04/02 14:36:28 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2013/04/02 15:39:10 | 000,000,890 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/04/02 15:39:10 | 000,000,894 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/04/02 16:14:01 | 000,000,830 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2014/03/15 16:45:16 | 000,000,284 | ---- | C] () -- C:\windows\Tasks\AppleSoftwareUpdate.job
[2014/03/20 10:26:56 | 000,000,226 | ---- | C] () -- C:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/20 10:26:57 | 000,000,232 | ---- | C] () -- C:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
 
< c:\program files\Google\Desktop >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C has no label.
 Volume Serial Number is E4C0-7673
 Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices
02/13/2014  09:49 PM    <JUNCTION>     2.0.0.0__b03f5f7f11d50a3a
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote
02/13/2014  09:49 PM    <JUNCTION>     2.0.0.0__b03f5f7f11d50a3a
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices
02/13/2014  09:53 PM    <JUNCTION>     v4.0_4.0.0.0__b03f5f7f11d50a3a
               0 File(s)              0 bytes
 Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler
02/13/2014  09:38 PM    <JUNCTION>     v4.0_4.0.0.0__31bf3856ad364e35
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
               4 Dir(s)  146,566,565,888 bytes free
 
< MD5 for: RPCSS.DLL  >
[2008/08/21 15:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=2589FE6015A316C0F5D5112B4DA7B509 -- C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll
[2009/02/09 15:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\WINDOWS\system32\dllcache\rpcss.dll
[2009/02/09 15:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\WINDOWS\system32\rpcss.dll
[2009/02/09 13:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=9222562D44021B988B9F9F62207FB6F2 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll
 
< End of report >

  • 0

#29
Essexboy
Posted 06 August 2014 - 05:26 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Once this fix has run and the system rebooted a log will appear on the desktop. Could you post that

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]

:OTL
IE - HKU\S-1-5-21-299502267-115176313-682003330-1003\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...rchTerms}&SSPV=
[2014/07/12 09:40:54 | 000,000,643 | ---- | M] () -- C:\Documents and Settings\Radu Mamii\Application Data\Mozilla\Firefox\Profiles\j7hu8h2q.default\searchplugins\trovi-search.xml
[2013/06/24 10:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2013/04/02 16:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2013/05/22 19:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2013/04/02 16:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radu Mamii\Application Data\Babylon

:Files
C:\Documents and Settings\Radu Mamii\Local Settings\Application Data\Bron.*

:Commands
[resethosts]
[emptytemp]
[clearallrestorepoints] 
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Run the following programme on all three systems
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

#30
Andreib18
Posted 06 August 2014 - 05:48 AM

Andreib18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

Also on pc3 i run avast on boot up and find some bitcoin miners and other stuff ...


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP