Sporo pokretanje računara prilikom paljenja

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

1.
Ujutro npr. kada uključim kompjuter treba mu jedno 5-10min da učita sve što je potrebno, skype, viber, antivirus i to najosnovnije. Redovno proveravam antivirusom, jednom u nedelju dana odradim to, u msconfigu je uključeno samo ono najosnovnije da se pokreće pri uključivanju računara. Sistem je stavljen pre možda jedno godinu-godinu ipo dana, i ponovo bih ga ja instalirao ali imam photoshop i te ostale programe za koje bi mi posle trebalo 5 dana da ih ponovo instaliram, registrujem i to sve što treba da se uradi posle instalacije novog sistema.
Ovo sporo pokretanje sistema mi se dešava već jedno 4-5 meseci, a pre se pokretao do momenta kada je moguće da upalim internet pregledač možda 1-1.5 minuta a sada mu treba bar 5-7 minuta da bih mogao da pritisnem na chrome ikonicu. Imam možda jednom u 2 nedelje plavi ekran i gašenje kompjutera ali to smatram normalnom pojavom.

2.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by AvD.AtArB (administrator) on AVDATARB-PC on 03-08-2014 17:41:24
Running from C:\Users\AvD.AtArB\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [Link mogu videti samo ulogovani korisnici]
Download link for 64-Bit Version: [Link mogu videti samo ulogovani korisnici]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Sony DADC Austria AG.) C:\Windows\SysWOW64\UAService7.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\AvD.AtArB\AppData\Local\Viber\Viber.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-1675243283-1723671596-2523844302-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1675243283-1723671596-2523844302-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1675243283-1723671596-2523844302-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe
HKU\S-1-5-21-1675243283-1723671596-2523844302-1000\...\Run: [Viber] => C:\Users\AvD.AtArB\AppData\Local\Viber\Viber.exe [936656 2014-06-10] ()
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AvD.AtArB\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AvD.AtArB\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AvD.AtArB\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AvD.AtArB\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AvD.AtArB\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AvD.AtArB\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AvD.AtArB\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AvD.AtArB\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3331AA623849CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-zw
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&babsrc=SP_ss&mntrId=3C0F8C89A55561E5&affID=128403&tsp=5264
SearchScopes: HKCU - {8FD0F4AD-ED6D-4831-871C-7749284FE41D} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: DefaultTab Browser Helper -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> C:\Users\AvD.AtArB\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} [Link mogu videti samo ulogovani korisnici]
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 208.67.222.222

FireFox:
========
FF ProfilePath: C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\AvD.AtArB\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\user.js
FF SearchPlugin: C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\searchplugins\buenosearch.xml
FF Extension: Torntv V9.0 - C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com [2014-06-28]
FF Extension: YoutubeAdblocker - C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\tpwd9zm0@pa.org [2013-11-22]
FF Extension: anonymoX - C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\client@anonymox.net.xpi [2014-01-23]
FF Extension: Exif Viewer - C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2012-12-15]
FF Extension: Adblock Plus - C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-31]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-05-12]

Chrome:
=======
CHR HomePage: [Link mogu videti samo ulogovani korisnici]
CHR StartupUrls: "", "https://www.google.rs/"
CHR Extension: (Google диск) - C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-16]
CHR Extension: (YouTube) - C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-12]
CHR Extension: (Adblock Plus) - C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-11]
CHR Extension: (Google претрага) - C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-12]
CHR Extension: (Image Histogram) - C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgefpfienchbbehcjnmbmogdigoedhaj [2014-08-03]
CHR Extension: (EXIF Viewer) - C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbhfeiddhndihdjeganjggkmjapkffm [2014-03-11]
CHR Extension: (EXIF Viewer) - C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck [2014-07-23]
CHR Extension: (EXIF Reader) - C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchnjcdahncnilbicljpnbfobpnljnki [2014-07-23]
CHR Extension: (Google новчаник) - C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Exponator) - C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdclakkbcpndnjlnajapdlbdncpijdg [2013-11-24]
CHR Extension: (Gmail) - C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-12]
CHR HKCU\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\AvD.AtArB\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2012-09-09]
CHR HKCU\...\Chrome\Extension: [kheelobnibmchifldedamogdmhemfjio] - C:\Users\AvD.AtArB\AppData\Local\CRE\kheelobnibmchifldedamogdmhemfjio.crx [2013-06-26]
CHR HKLM-x32\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\AvD.AtArB\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2012-09-09]
CHR HKLM-x32\...\Chrome\Extension: [kheelobnibmchifldedamogdmhemfjio] - C:\Users\AvD.AtArB\AppData\Local\CRE\kheelobnibmchifldedamogdmhemfjio.crx [2013-06-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-15] (AVAST Software)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2012-10-30] (Nitro PDF Software)
R2 UserAccess7; C:\Windows\SysWOW64\UAService7.exe [135168 2013-06-06] (Sony DADC Austria AG.) [File not signed]
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-15] ()
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [75888 2010-12-28] (Atheros Communications, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-06-10] () [File not signed]
R3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64; C:\Windows\System32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [61120 2014-05-27] (StdLib)
U3 ay0ikzrx; C:\Windows\System32\Drivers\ay0ikzrx.sys [0 ] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-03 17:41 - 2014-08-03 17:41 - 00020467 _____ () C:\Users\AvD.AtArB\Desktop\FRST.txt
2014-08-03 17:41 - 2014-08-03 17:41 - 00000000 ____D () C:\FRST
2014-08-03 17:40 - 2014-08-03 17:40 - 02094080 _____ (Farbar) C:\Users\AvD.AtArB\Desktop\FRST64.exe
2014-08-02 16:56 - 2014-08-02 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2014-08-02 16:56 - 2014-08-02 16:56 - 00000000 ____D () C:\Program Files (x86)\HD Tune
2014-08-02 15:30 - 2014-08-02 15:45 - 00000000 ____D () C:\Users\AvD.AtArB\Documents\DxO FilmPack 3
2014-08-02 15:29 - 2014-08-02 15:29 - 00002059 _____ () C:\Users\Public\Desktop\DxO FilmPack 3.lnk
2014-08-02 15:29 - 2014-08-02 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO FilmPack 3
2014-08-02 15:29 - 2014-08-02 15:29 - 00000000 ____D () C:\ProgramData\DxO Labs
2014-08-02 15:29 - 2014-08-02 15:29 - 00000000 ____D () C:\Program Files\DxO Labs
2014-08-02 13:46 - 2014-08-02 13:46 - 00001610 _____ () C:\Users\AvD.AtArB\Desktop\Photoshop.exe - Shortcut.lnk
2014-08-01 19:07 - 2014-08-01 19:26 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\Nikon 70-300 d ed
2014-07-29 17:35 - 2014-07-29 17:35 - 00001030 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC (64bit).lnk
2014-07-29 17:25 - 2014-07-29 17:25 - 00000000 ___RD () C:\Users\AvD.AtArB\Creative Cloud Files
2014-07-29 17:24 - 2014-07-29 17:24 - 00001313 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-07-28 18:50 - 2014-07-28 19:03 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\Mile i Vida
2014-07-28 08:46 - 2014-07-28 17:39 - 00000145 _____ () C:\Users\AvD.AtArB\Desktop\New Text Document.txt
2014-07-27 18:56 - 2014-08-02 15:46 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (11)
2014-07-27 13:37 - 2014-07-27 13:37 - 00000000 __SHD () C:\Users\AvD.AtArB\AppData\Local\EmieUserList
2014-07-27 13:37 - 2014-07-27 13:37 - 00000000 __SHD () C:\Users\AvD.AtArB\AppData\Local\EmieSiteList
2014-07-27 11:13 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-07-27 11:13 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-07-27 11:13 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-07-27 11:13 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-07-27 11:03 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-07-27 11:00 - 2014-07-27 11:00 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-27 11:00 - 2014-07-27 11:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-27 11:00 - 2014-07-27 11:00 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-27 11:00 - 2014-07-27 11:00 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-27 11:00 - 2014-07-27 11:00 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-07-27 11:00 - 2014-07-27 11:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-07-27 11:00 - 2014-07-27 11:00 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-27 11:00 - 2014-07-27 11:00 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-07-27 11:00 - 2014-07-27 11:00 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-07-27 11:00 - 2014-07-27 11:00 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-07-27 11:00 - 2014-07-27 11:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-27 10:57 - 2014-07-27 11:03 - 00007509 _____ () C:\Windows\IE11_main.log
2014-07-27 10:26 - 2014-06-05 15:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-27 10:26 - 2014-06-05 15:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-27 10:26 - 2014-06-05 15:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-27 10:26 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-07-27 10:26 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-07-27 10:26 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-07-27 10:26 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-07-27 10:26 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-07-27 10:26 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-07-27 10:26 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-27 10:26 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-07-27 10:26 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-07-27 10:26 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-07-27 10:26 - 2014-03-04 10:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-07-27 10:26 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-07-27 10:26 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-07-27 10:26 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-07-27 10:26 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-07-27 10:26 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-07-27 10:26 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-07-27 10:26 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-07-27 10:26 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-07-27 10:26 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-07-27 10:26 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-07-27 10:26 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-07-27 10:26 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-07-27 10:26 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-07-27 10:26 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-07-27 10:26 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-07-27 10:26 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-07-27 10:26 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-07-27 10:26 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-07-27 10:26 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-07-27 10:26 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-07-27 10:26 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-07-27 10:26 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-27 10:25 - 2014-05-08 10:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-07-27 10:25 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-07-27 10:25 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-07-27 10:24 - 2014-06-18 02:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-27 10:24 - 2014-05-30 09:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-27 10:24 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-27 10:24 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-27 10:24 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-27 10:24 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-27 10:24 - 2014-05-30 09:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-27 10:24 - 2014-05-30 09:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-27 10:24 - 2014-05-30 08:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-27 10:24 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-27 10:24 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-27 10:24 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-27 10:24 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-27 10:24 - 2014-05-30 08:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-27 10:24 - 2014-05-30 08:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-27 10:24 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-27 10:24 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-27 10:24 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-07-27 10:24 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-07-27 10:24 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-07-27 10:24 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-07-27 10:24 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-07-27 10:24 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-07-27 10:24 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-07-27 10:24 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-07-27 10:24 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-07-27 10:24 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-07-27 10:24 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-07-27 10:24 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-07-27 10:24 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-07-27 10:24 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-07-27 10:24 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-07-27 10:24 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-07-27 10:24 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-07-27 10:24 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-07-27 10:24 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-07-27 10:24 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-07-27 10:24 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-07-27 10:24 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-07-27 10:24 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-07-27 10:24 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-07-27 10:24 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-07-27 10:24 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-07-27 10:24 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-07-27 10:24 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-07-27 10:24 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-07-27 10:24 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-07-27 10:24 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-07-27 10:24 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-07-27 10:24 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-07-27 10:23 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-27 10:23 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-27 10:23 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-27 10:23 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-27 10:23 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-27 10:23 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-27 10:23 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-07-27 10:23 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-27 10:23 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-07-27 10:23 - 2014-03-25 03:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-07-27 10:23 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-07-27 10:23 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-07-27 10:23 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-07-27 10:23 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-07-27 10:23 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-07-27 10:23 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-07-27 10:23 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-07-27 10:23 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-07-27 10:23 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-07-27 10:23 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-07-27 10:23 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-07-27 10:23 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-07-27 10:23 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-07-27 10:23 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-07-27 10:23 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-07-27 10:23 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-07-27 10:23 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-07-27 10:23 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-07-27 10:23 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-07-27 10:23 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-07-27 10:23 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-07-27 10:23 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-07-27 10:23 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-07-27 10:23 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-07-27 10:23 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-07-27 10:23 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-07-27 10:23 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-07-27 10:23 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-07-27 10:23 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-07-27 10:22 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-07-27 10:22 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-07-27 10:22 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-07-27 10:22 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-07-27 10:22 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-07-27 10:22 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-07-27 10:22 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-07-27 10:22 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-07-27 10:22 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-07-27 10:22 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-07-27 10:22 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-07-27 10:15 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-27 10:14 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-07-27 10:14 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-07-27 10:14 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-07-27 10:14 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-07-27 10:14 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-07-27 10:14 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-07-27 10:14 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-07-27 10:14 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-07-27 10:14 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-07-27 10:14 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-07-27 10:12 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-07-27 10:12 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-07-27 10:05 - 2014-07-27 10:05 - 00000000 ____D () C:\Users\AvD.AtArB\AppData\Local\NVIDIA
2014-07-27 10:01 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-27 09:59 - 2014-07-27 10:01 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-26 06:26 - 2014-08-03 17:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-26 06:26 - 2014-07-26 07:22 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-21 18:17 - 2014-07-26 17:59 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (6)
2014-07-21 06:06 - 2014-07-21 06:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-21 06:06 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-21 06:06 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-21 06:06 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-21 06:06 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-21 06:05 - 2014-07-21 06:06 - 00004114 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-20 00:09 - 2014-07-20 00:09 - 425793396 _____ () C:\Windows\MEMORY.DMP
2014-07-20 00:09 - 2014-07-20 00:09 - 00649072 _____ () C:\Windows\Minidump\072014-24913-01.dmp
2014-07-19 14:30 - 2014-08-02 15:42 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (3)
2014-07-17 13:52 - 2014-07-17 13:52 - 00493304 _____ () C:\Windows\Minidump\071714-21044-01.dmp
2014-07-15 20:21 - 2014-07-15 20:27 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (15)
2014-07-14 22:42 - 2014-07-17 15:04 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\6d ML
2014-07-13 17:21 - 2014-07-13 17:25 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\Slike
2014-07-12 17:20 - 2014-07-12 17:21 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (29)
2014-07-11 22:03 - 2014-07-11 22:03 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (25)
2014-07-09 21:43 - 2014-07-09 21:43 - 00677808 _____ () C:\Windows\Minidump\070914-33945-01.dmp
2014-07-08 20:42 - 2014-07-08 20:42 - 17262972 _____ () C:\Users\AvD.AtArB\Desktop\MOV04095.MPG
2014-07-07 20:36 - 2014-07-07 20:39 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (16)
2014-07-06 21:22 - 2014-07-06 21:32 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\Canon 5d ISO Test
2014-07-05 14:37 - 2014-07-05 14:55 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (28)
2014-07-05 08:33 - 2014-07-05 08:33 - 00000000 ____H () C:\Users\AvD.AtArB\AppData\Local\BIT815F.tmp
2014-07-05 08:33 - 2014-07-05 08:33 - 00000000 _____ () C:\Users\AvD.AtArB\AppData\Local\{4D3236BE-6266-4108-B8A0-F754DB2F7C16}
2014-07-05 08:20 - 2014-07-05 08:20 - 00000000 ____H () C:\Users\AvD.AtArB\AppData\Local\BIT959A.tmp
2014-07-05 08:20 - 2014-07-05 08:20 - 00000000 _____ () C:\Users\AvD.AtArB\AppData\Local\{617F17EA-DFAD-4663-B245-4515C673F1A2}
2014-07-05 08:17 - 2014-07-05 08:17 - 00000000 ____H () C:\Users\AvD.AtArB\AppData\Local\BIT6DBF.tmp
2014-07-05 08:17 - 2014-07-05 08:17 - 00000000 _____ () C:\Users\AvD.AtArB\AppData\Local\{24C334F6-6CB4-44DA-B97F-BF774B638C2A}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-03 17:41 - 2014-08-03 17:41 - 00020467 _____ () C:\Users\AvD.AtArB\Desktop\FRST.txt
2014-08-03 17:41 - 2014-08-03 17:41 - 00000000 ____D () C:\FRST
2014-08-03 17:40 - 2014-08-03 17:40 - 02094080 _____ (Farbar) C:\Users\AvD.AtArB\Desktop\FRST64.exe
2014-08-03 17:36 - 2013-06-29 21:59 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-03 17:22 - 2014-07-26 06:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-03 17:20 - 2012-05-12 13:19 - 00000000 ____D () C:\Users\AvD.AtArB\AppData\Roaming\Skype
2014-08-03 13:36 - 2013-06-29 21:59 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-03 08:06 - 2012-05-12 20:46 - 01734579 _____ () C:\Windows\WindowsUpdate.log
2014-08-03 08:03 - 2012-05-13 20:01 - 00000000 ____D () C:\Users\AvD.AtArB\AppData\Local\Adobe
2014-08-03 08:02 - 2014-06-20 10:25 - 00000000 ____D () C:\Users\AvD.AtArB\AppData\Roaming\ViberPC
2014-08-03 08:02 - 2014-06-20 10:24 - 00000000 ____D () C:\Users\AvD.AtArB\AppData\Local\Viber
2014-08-03 08:01 - 2013-10-09 05:41 - 00036056 _____ () C:\Windows\setupact.log
2014-08-03 08:01 - 2012-05-12 13:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-03 08:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-02 16:58 - 2013-01-29 21:00 - 00000000 ___RD () C:\Users\AvD.AtArB\Desktop\PROGRAMI
2014-08-02 16:56 - 2014-08-02 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2014-08-02 16:56 - 2014-08-02 16:56 - 00000000 ____D () C:\Program Files (x86)\HD Tune
2014-08-02 15:46 - 2014-07-27 18:56 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (11)
2014-08-02 15:45 - 2014-08-02 15:30 - 00000000 ____D () C:\Users\AvD.AtArB\Documents\DxO FilmPack 3
2014-08-02 15:42 - 2014-07-19 14:30 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (3)
2014-08-02 15:29 - 2014-08-02 15:29 - 00002059 _____ () C:\Users\Public\Desktop\DxO FilmPack 3.lnk
2014-08-02 15:29 - 2014-08-02 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO FilmPack 3
2014-08-02 15:29 - 2014-08-02 15:29 - 00000000 ____D () C:\ProgramData\DxO Labs
2014-08-02 15:29 - 2014-08-02 15:29 - 00000000 ____D () C:\Program Files\DxO Labs
2014-08-02 15:26 - 2012-09-03 14:21 - 00000000 ____D () C:\Users\AvD.AtArB\AppData\Local\Downloaded Installations
2014-08-02 13:46 - 2014-08-02 13:46 - 00001610 _____ () C:\Users\AvD.AtArB\Desktop\Photoshop.exe - Shortcut.lnk
2014-08-02 12:14 - 2009-07-14 06:13 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-01 19:26 - 2014-08-01 19:07 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\Nikon 70-300 d ed
2014-07-29 21:16 - 2009-07-14 05:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-29 21:16 - 2009-07-14 05:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-29 17:43 - 2012-05-12 13:37 - 00000000 ____D () C:\Users\AvD.AtArB\AppData\Roaming\Adobe
2014-07-29 17:39 - 2012-12-09 21:42 - 00000000 ____D () C:\Program Files\Adobe
2014-07-29 17:35 - 2014-07-29 17:35 - 00001030 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC (64bit).lnk
2014-07-29 17:35 - 2012-12-09 21:39 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-07-29 17:25 - 2014-07-29 17:25 - 00000000 ___RD () C:\Users\AvD.AtArB\Creative Cloud Files
2014-07-29 17:25 - 2012-05-12 12:53 - 00000000 ____D () C:\Users\AvD.AtArB
2014-07-29 17:24 - 2014-07-29 17:24 - 00001313 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-07-29 17:23 - 2012-05-13 20:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-28 19:03 - 2014-07-28 18:50 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\Mile i Vida
2014-07-28 17:39 - 2014-07-28 08:46 - 00000145 _____ () C:\Users\AvD.AtArB\Desktop\New Text Document.txt
2014-07-27 19:03 - 2014-05-30 23:23 - 00000000 ____D () C:\Users\AvD.AtArB\AppData\Roaming\NVIDIA
2014-07-27 18:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-07-27 13:37 - 2014-07-27 13:37 - 00000000 __SHD () C:\Users\AvD.AtArB\AppData\Local\EmieUserList
2014-07-27 13:37 - 2014-07-27 13:37 - 00000000 __SHD () C:\Users\AvD.AtArB\AppData\Local\EmieSiteList
2014-07-27 11:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-27 11:43 - 2012-05-12 12:55 - 00001417 _____ () C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-27 11:43 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-27 11:43 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-07-27 11:42 - 2014-01-17 22:01 - 00000884 __RSH () C:\Users\AvD.AtArB\ntuser.pol
2014-07-27 11:41 - 2009-07-14 05:45 - 04983744 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-27 11:40 - 2013-10-09 05:49 - 00220912 _____ () C:\Windows\PFRO.log
2014-07-27 11:40 - 2012-09-16 12:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 11:40 - 2012-09-16 12:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 11:38 - 2010-11-21 08:16 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-27 11:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-27 11:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-27 11:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-27 11:13 - 2009-07-14 03:34 - 00000601 _____ () C:\Windows\win.ini
2014-07-27 11:08 - 2013-01-16 05:48 - 00778680 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-27 11:03 - 2014-07-27 10:57 - 00007509 _____ () C:\Windows\IE11_main.log
2014-07-27 11:00 - 2014-07-27 11:00 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-27 11:00 - 2014-07-27 11:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-27 11:00 - 2014-07-27 11:00 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-27 11:00 - 2014-07-27 11:00 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-27 11:00 - 2014-07-27 11:00 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-07-27 11:00 - 2014-07-27 11:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-07-27 11:00 - 2014-07-27 11:00 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-27 11:00 - 2014-07-27 11:00 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-07-27 11:00 - 2014-07-27 11:00 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-07-27 11:00 - 2014-07-27 11:00 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-07-27 11:00 - 2014-07-27 11:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-07-27 11:00 - 2014-07-27 11:00 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-27 11:00 - 2014-07-27 11:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-27 10:47 - 2013-11-02 17:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-27 10:32 - 2012-09-16 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-27 10:05 - 2014-07-27 10:05 - 00000000 ____D () C:\Users\AvD.AtArB\AppData\Local\NVIDIA
2014-07-27 10:01 - 2014-07-27 09:59 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-27 10:01 - 2014-05-30 22:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-27 10:01 - 2012-05-12 13:11 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-27 10:01 - 2011-07-16 08:01 - 00000000 ____D () C:\temp
2014-07-26 17:59 - 2014-07-21 18:17 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (6)
2014-07-26 07:22 - 2014-07-26 06:26 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-26 07:22 - 2012-05-12 13:37 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-26 07:22 - 2012-05-12 13:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-25 06:04 - 2014-06-15 19:24 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-21 06:06 - 2014-07-21 06:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-21 06:06 - 2014-07-21 06:05 - 00004114 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-21 06:06 - 2013-10-22 08:56 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-21 06:06 - 2012-12-20 17:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-20 08:24 - 2009-07-14 06:08 - 00032554 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-20 00:09 - 2014-07-20 00:09 - 425793396 _____ () C:\Windows\MEMORY.DMP
2014-07-20 00:09 - 2014-07-20 00:09 - 00649072 _____ () C:\Windows\Minidump\072014-24913-01.dmp
2014-07-20 00:09 - 2013-02-25 08:55 - 00000000 ____D () C:\Windows\Minidump
2014-07-17 15:04 - 2014-07-14 22:42 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\6d ML
2014-07-17 13:52 - 2014-07-17 13:52 - 00493304 _____ () C:\Windows\Minidump\071714-21044-01.dmp
2014-07-15 20:27 - 2014-07-15 20:21 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (15)
2014-07-13 17:25 - 2014-07-13 17:21 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\Slike
2014-07-12 17:21 - 2014-07-12 17:20 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (29)
2014-07-11 22:03 - 2014-07-11 22:03 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (25)
2014-07-11 03:02 - 2014-07-21 06:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-21 06:06 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-21 06:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-21 06:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-09 21:43 - 2014-07-09 21:43 - 00677808 _____ () C:\Windows\Minidump\070914-33945-01.dmp
2014-07-08 22:39 - 2013-08-14 21:44 - 00000000 ____D () C:\Users\AvD.AtArB\AppData\Roaming\Nitro PDF
2014-07-08 21:20 - 2013-06-25 08:19 - 00000000 ____D () C:\Program Files (x86)\www.eosmsg.com
2014-07-08 20:42 - 2014-07-08 20:42 - 17262972 _____ () C:\Users\AvD.AtArB\Desktop\MOV04095.MPG
2014-07-07 21:19 - 2014-07-02 15:55 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\5d prvo
2014-07-07 20:39 - 2014-07-07 20:36 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (16)
2014-07-07 11:02 - 2014-04-16 19:42 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\4
2014-07-07 10:57 - 2014-04-22 16:31 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\rođendan
2014-07-06 21:32 - 2014-07-06 21:22 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\Canon 5d ISO Test
2014-07-05 14:55 - 2014-07-05 14:37 - 00000000 ____D () C:\Users\AvD.AtArB\Desktop\New folder (28)
2014-07-05 08:33 - 2014-07-05 08:33 - 00000000 ____H () C:\Users\AvD.AtArB\AppData\Local\BIT815F.tmp
2014-07-05 08:33 - 2014-07-05 08:33 - 00000000 _____ () C:\Users\AvD.AtArB\AppData\Local\{4D3236BE-6266-4108-B8A0-F754DB2F7C16}
2014-07-05 08:20 - 2014-07-05 08:20 - 00000000 ____H () C:\Users\AvD.AtArB\AppData\Local\BIT959A.tmp
2014-07-05 08:20 - 2014-07-05 08:20 - 00000000 _____ () C:\Users\AvD.AtArB\AppData\Local\{617F17EA-DFAD-4663-B245-4515C673F1A2}
2014-07-05 08:17 - 2014-07-05 08:17 - 00000000 ____H () C:\Users\AvD.AtArB\AppData\Local\BIT6DBF.tmp
2014-07-05 08:17 - 2014-07-05 08:17 - 00000000 _____ () C:\Users\AvD.AtArB\AppData\Local\{24C334F6-6CB4-44DA-B97F-BF774B638C2A}

Some content of TEMP:
====================
C:\Users\AvD.AtArB\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\AvD.AtArB\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprnwakc.dll
C:\Users\AvD.AtArB\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 06:46

==================== End Of Log ============================

[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav,


Pristupi Programs and Features preko Control Panel-a i deinstaliraj Software Version Updater. Po potrebi restartuj sistem po deinstalaciji ...



Potom, startuj MSConfig (Start > Run > ukucati 'mcsonfig' bez navodnika > Ok. U novom prozoru, Startup tab)

Imedju ostalog, sledece stavke su iskljucene i namestene da se ne podizu sa sistemom. Potrebno je sledece stavke ukljuciti da se ponovo ucitaju sa sistemom. Potom, restartovati sistem ...

MSCONFIG\Services: DefaultTabSearch => 2
MSCONFIG\Services: DefaultTabUpdate => 2
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe




A zatim preuzmi smeenk-ov zoek.zip ili zoek.rar () sa ovog ili ovog linka i sačuvaj ga na Desktop.

Raspakuj arhivu u neki folder (uputstvo), a zatim:

zatvori browser i ostale pokrenute programe;
privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ;
dvoklikom pokreni zoek na ikonicu programa ;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:

QuickScan;
EmptyFoldersCheck;
{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96};u
C:\Program Files\PCDApp;vs
C:\Users\AvD.AtArB\AppData\Local\{4D3236BE-6266-4108-B8A0-F754DB2F7C16};vs
C:\Users\AvD.AtArB\AppData\Local\{617F17EA-DFAD-4663-B245-4515C673F1A2};vs
C:\Users\AvD.AtArB\AppData\Local\{24C334F6-6CB4-44DA-B97F-BF774B638C2A};vs
EmptyCLSID;
IEDefaults;
{7F6AFBF1-E065-4627-A2FD-810366367D01};c
C:\Users\AvD.AtArB\AppData\Roaming\DefaultTab;fs
FFDefaults;
C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\searchplugins\buenosearch.xml;f
C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com;f
C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\tpwd9zm0@pa.org;f
CHRDefaults;
dknkjnkhedbanphkkpbpcgoblmkbfhlf;chr
kheelobnibmchifldedamogdmhemfjio;chr
ProtectMonitor;s
C:\Program Files\PCDApp\StartHelp.exe;f
C:\Users\AvD.AtArB\AppData\Local\*.tmp;f
C:\Users\AvD.AtArB\AppData\Roaming\DefaultTab;fs
C:\Program Files (x86)\Mobogenie;fs
C:\Program Files (x86)\YourFileDownloader Updater;fs
Uninstall-List;
EmptyAllTemp;

Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Kopiraj sadrzaj tog loga u poruku.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

MSCONFIG\Services: DefaultTabSearch => 2
MSCONFIG\Services: DefaultTabUpdate => 2

Ove 2 stavke ne postoje u msconfig/services, ovu treću sam uključio što je u msconfig/startup.

Software Version Updater nisam mogao da deinstaliram već samo da obrišem jer je od pre izgleda deinstaliran

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ok nema veze, pokreni sada zoek alat ...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 03 Avg 2014 21:12

Zoek.exe v5.0.0.0 Updated 03-August-2014
Tool run by AvD.AtArB on Sun 08/03/2014 at 20:44:45.41.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\AvD.AtArB\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8/3/2014 20:46:32 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\dumps
C:\PROGRA~2\Freemake
C:\PROGRA~2\GUM3FED.tmp
C:\PROGRA~2\Nikon
C:\PROGRA~2\OLYMPUS
C:\PROGRA~2\Opanda
C:\PROGRA~2\surf and kaeep
C:\PROGRA~2\YoutubeAdblocker
C:\PROGRA~3\Freemake
C:\PROGRA~3\Oracle
C:\PROGRA~3\PhotoStitch
C:\PROGRA~3\surf and kaeep
C:\PROGRA~3\TECDOC_CD
C:\PROGRA~3\YoutubeAdblocker
C:\Users\AvD.AtArB\AppData\Roaming\Apple Computer
C:\Users\AvD.AtArB\AppData\Roaming\Publish Providers
C:\Users\AvD.AtArB\AppData\Roaming\SkypePM
C:\Users\AvD.AtArB\AppData\Roaming\SkypePM-BackupBySkypePortable
C:\Users\AvD.AtArB\AppData\Roaming\YourFileDownloader
C:\Users\AvD.AtArB\AppData\Roaming\ZoomBrowser EX
C:\Users\AVD~1.ATA\AppData\Roaming\Apple Computer
C:\Users\AVD~1.ATA\AppData\Roaming\Publish Providers
C:\Users\AVD~1.ATA\AppData\Roaming\SkypePM
C:\Users\AVD~1.ATA\AppData\Roaming\SkypePM-BackupBySkypePortable
C:\Users\AVD~1.ATA\AppData\Roaming\YourFileDownloader
C:\Users\AVD~1.ATA\AppData\Roaming\ZoomBrowser EX
C:\Users\AvD.AtArB\AppData\Local\genienext
C:\Users\AvD.AtArB\AppData\Local\MigWiz
C:\Users\AvD.AtArB\AppData\Local\My Games
C:\Users\AvD.AtArB\AppData\Local\PackageAware
C:\Users\AVD~1.ATA\AppData\Local\genienext
C:\Users\AVD~1.ATA\AppData\Local\MigWiz
C:\Users\AVD~1.ATA\AppData\Local\My Games
C:\Users\AVD~1.ATA\AppData\Local\PackageAware

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1675243283-1723671596-2523844302-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully
HKEY_USERS\S-1-5-21-1675243283-1723671596-2523844302-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ProtectMonitor deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ProtectMonitor deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\AVD~1.ATA\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\prefs.js:

Added to C:\Users\AVD~1.ATA\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\prefs.js:

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\YourFileDownloader Updater not found
"C:\Program Files\PCDApp\StartHelp.exe" not found
C:\Users\AvD.AtArB\AppData\Roaming\DefaultTab deleted
C:\Program Files (x86)\Mobogenie deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\searchplugins\buenosearch.xml" deleted
"C:\Users\AvD.AtArB\AppData\Local\BIT6DBF.tmp" deleted
"C:\Users\AvD.AtArB\AppData\Local\BIT815F.tmp" deleted
"C:\Users\AvD.AtArB\AppData\Local\BIT959A.tmp" deleted
"C:\user.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome.manifest" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\install.rdf" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\tpwd9zm0@pa.org\bootstrap.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\tpwd9zm0@pa.org\chrome.manifest" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\tpwd9zm0@pa.org\install.rdf" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\manifest.xml" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins.json" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\button1.png" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\button2.png" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\button3.png" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\button4.png" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\button5.png" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\crossrider_statusbar.png" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\icon128.png" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\icon16.png" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\icon24.png" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\icon48.png" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\panelarrow-up.png" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\popup.html" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\skin.css" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\update.css" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\36870121e714e178e1764744b7284a61.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\3ccdbd44a883b5a11b5c3a12b9a715d3.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\91d0785dbf151d35eee25eb1289a8940.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\a0f08f70ad16fbcc33ab9386251c81ae.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\background.html" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\browser.xul" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\dialog.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\f5299c93262b491a6c8e945eb3705874.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\ffCoreFilesIndex.txt" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\options.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\options.xul" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\search_dialog.xul" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\16733b0dac9271f6f00a0ef803518159.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\3f289c01dae6717cce8c5491c9b9c73e.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\550ba66abd50253c16eabceb35cfe975.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\594a5f81604d2d34236b6f556a5f1f69.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\59a3e6a21d95fa8e53241f8bbf0b6009.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\6cc8fdf961865c69ae034163e6c9a2e8.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\6e44c018672cd5e43f29ed111ec4890e.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\a36a84034f2b974a6a1c56d0c6cbff84.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\b6ccf6f148bfedaced08d4c6a14d8125.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\cbac62237b470fb36ead9e42c28ea3e6.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\ce25284b988989f07dc12dbee3f35d8d.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\d0a7ce57af0e0a882e8d0e32453f58e7.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\d8085008eef11c5e1f2fa1c0a1d57c3a.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\d8e3360eb7e963b6f50f1a5f3ff98ff2.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\da69c5db0fac92f319af437fddf8d4b6.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\f4481734825c55db118b9278ebb8a10d.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\0c39d34421c10d4588b0b6e8d31745bd.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\11aafb81078a5d3eceea31212c06f8c5.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\3a28277480ff51165036f70bef4d1f9f.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\3aa837d5eb5e48a571bc428915bb379c.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\3d39841048af8415b045d60f3a83b91c.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\4d4f3efba2badb6c9eb247f94eb6cd98.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\4d82c42443756a817a96661fe17509a1.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\66b62c3fa79c54711735c1dde25b69cd.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\66c352c08209cafa01713e8f61c43682.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\6921d875fd9a80b41f399ab82620fce6.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\6ed144c803c3692cac196d6e9fc83aac.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\724d369fc7fbe15f79323ea32a238eeb.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\889bec4f45a8861a2e80bf1b4b20340a.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\8b1a2139e02e6c00aad18e55268ad4df.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\8ea31d0df934c174668b1617fe6f9749.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\ab264aeb98509ff83c913761b718be71.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\b7d1ac75815b6206ac5dd94ee15c3928.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\c84d502bba68dfe9bf97cf60387fa271.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\f04a7617b498f057f8c369972f2e366e.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\f20564582a42e481c82262a663021fcd.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\installer.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\defaults\preferences\prefs.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\1.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\1000020.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\1000025.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\1000030.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\102.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\104.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\123.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\13.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\14.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\155.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\16.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\17.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\175.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\177.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\180.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\182.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\183.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\184.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\192.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\193.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\195.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\207.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\21.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\217.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\22.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\220.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\221.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\223.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\226.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\230.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\233.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\242.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\244.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\246.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\260.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\262.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\263.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\268.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\28.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\281.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\286.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\287.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\4.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\47.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\64.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\7.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\72.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\78.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\9.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\91.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\93.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\98.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\userCode\background.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\userCode\extension.js" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\locale\en-US\translations.dtd" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\tpwd9zm0@pa.org\content\trz5806.tmp" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\tpwd9zm0@pa.org" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\defaults" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\locale" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\defaults\preferences" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\userCode" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\locale\en-US" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Extensions\tpwd9zm0@pa.org\content" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-07-19 23:09:25 FF56A162E74674F16F5C3665070F7797 425793396 ----a-w- C:\Windows\MEMORY.DMP
====== C:\Users\AVD~1.ATA\AppData\Local\Temp ====
2014-07-29 16:19:53 D01D2D06A9D03F2558C81516540A6EA3 2809224 ----a-w- C:\Users\AVD~1.ATA\AppData\Local\Temp\CreativeCloudSet-Up.exe
2014-07-29 16:19:53 D01D2D06A9D03F2558C81516540A6EA3 2809224 ----a-w- C:\Users\AvD.AtArB\AppData\Local\Temp\CreativeCloudSet-Up.exe
====== Java Cache =====
2014-08-02 08:46:06 FE668AB14C48D29EE1DD3729833BD9DF 17197 ----a-w- C:\Users\AvD.AtArB\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\40fd39b-3add33dc
2014-07-31 05:34:51 0ACF7652B7B5D1C0C9BC42137BD22DE1 17176 ----a-w- C:\Users\AvD.AtArB\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\2fb889a6-56a22f8e
2014-08-02 08:46:05 D58DBBC4D658F5A7EF07578E9B8CB897 430 ----a-w- C:\Users\AvD.AtArB\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\421ae1f0-7e364408ff0764e51535fc58ad2b27175f59dfa4cc5864400ac47c5c09ac5b92-6.0.lap
2014-08-02 08:43:31 C70AD7114AEC7D5D0BBF3BFF6BEE7010 435 ----a-w- C:\Users\AvD.AtArB\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\74a032f3-3645508498308c5a54846dcdb04d3c9070d012648acd21f826024d76f9ec2369-6.0.lap
2014-08-02 08:42:41 550D98C3FED4E15451FD8D5C43E0FD65 17193 ----a-w- C:\Users\AvD.AtArB\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\4628e538-583bf19f
2014-08-02 08:42:40 DBEDA8942AC392AAF4F54A0AEBF7521B 424 ----a-w- C:\Users\AvD.AtArB\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\734164ba-6aa1cc879e805a87d21eda2005e862185d26bbc1fdfce1894b7539c91b1f7f86-6.0.lap
2014-08-02 08:46:06 FE668AB14C48D29EE1DD3729833BD9DF 17197 ----a-w- C:\Users\AVD~1.ATA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\40fd39b-3add33dc
2014-07-31 05:34:51 0ACF7652B7B5D1C0C9BC42137BD22DE1 17176 ----a-w- C:\Users\AVD~1.ATA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\2fb889a6-56a22f8e
2014-08-02 08:46:05 D58DBBC4D658F5A7EF07578E9B8CB897 430 ----a-w- C:\Users\AVD~1.ATA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\421ae1f0-7e364408ff0764e51535fc58ad2b27175f59dfa4cc5864400ac47c5c09ac5b92-6.0.lap
2014-08-02 08:43:31 C70AD7114AEC7D5D0BBF3BFF6BEE7010 435 ----a-w- C:\Users\AVD~1.ATA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\74a032f3-3645508498308c5a54846dcdb04d3c9070d012648acd21f826024d76f9ec2369-6.0.lap
2014-08-02 08:42:41 550D98C3FED4E15451FD8D5C43E0FD65 17193 ----a-w- C:\Users\AVD~1.ATA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\4628e538-583bf19f
2014-08-02 08:42:40 DBEDA8942AC392AAF4F54A0AEBF7521B 424 ----a-w- C:\Users\AVD~1.ATA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\734164ba-6aa1cc879e805a87d21eda2005e862185d26bbc1fdfce1894b7539c91b1f7f86-6.0.lap
====== C:\Windows\SysWOW64 =====
2014-07-27 10:13:43 6C4B2E1A25841077084EB9F76FF6FFA7 11410432 ----a-w- C:\Windows\SysWOW64\wmp.dll
2014-07-27 10:13:43 02DF0628BE8B64B84D50FBE53549AA3B 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL
2014-07-27 10:00:34 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\SysWOW64\elshyph.dll
2014-07-27 10:00:31 FDA05E78813F543A6E9AC6B23EC696F2 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-27 10:00:31 FC733FD7721200D5136F6F8112E97B00 11742208 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-07-27 10:00:31 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\SysWOW64\ieuinit.inf
2014-07-27 10:00:31 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll
2014-07-27 10:00:31 F2A99A4293CAF7956FF7801D36D5A3B2 442368 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-07-27 10:00:31 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\SysWOW64\inseng.dll
2014-07-27 10:00:31 E739AEDCA67F214F96C2520BA293B12B 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-07-27 10:00:31 E3065F51EE0BB099EAAE48C3FC3A25B6 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-07-27 10:00:31 DFA59840BB1220AFD261FDAE83543959 17276416 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-07-27 10:00:31 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\SysWOW64\html.iec
2014-07-27 10:00:31 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\SysWOW64\url.dll
2014-07-27 10:00:31 CE94480E78CC3A1A17B53F2BB65639BD 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-07-27 10:00:31 CCC198257901BEEA2FBF8EB1E7678356 1791488 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-07-27 10:00:31 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-27 10:00:31 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\SysWOW64\ieapfltr.dat
2014-07-27 10:00:31 BE0EA764820239F7785410CBE3880086 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-27 10:00:31 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll
2014-07-27 10:00:31 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe
2014-07-27 10:00:31 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\SysWOW64\licmgr10.dll
2014-07-27 10:00:31 A9F8343A3234FC7A42DDA4569827B411 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-07-27 10:00:31 A98E303FCB7058C6E78FD1FBBCBB5EEF 240824 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2014-07-27 10:00:31 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\SysWOW64\tdc.ocx
2014-07-27 10:00:31 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\SysWOW64\jsIntl.dll
2014-07-27 10:00:31 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe
2014-07-27 10:00:31 98C7B1AFA0A99EE3BE99EAABEFB72CA0 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2014-07-27 10:00:31 9385D7C5DF2566D01B1FB150F381D50B 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-07-27 10:00:31 91CF46BBB827E461C498A1D7D1A71AD6 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-07-27 10:00:31 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-07-27 10:00:31 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
2014-07-27 10:00:31 8046CF629D8AE766C22145F4A6AFFBE1 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-07-27 10:00:31 7C44C697BA6D0B698B91AC6516A731C3 1139200 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-07-27 10:00:31 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\SysWOW64\jscript.dll
2014-07-27 10:00:31 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\SysWOW64\imgutil.dll
2014-07-27 10:00:31 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe
2014-07-27 10:00:31 67EA1BB7F6428A10C64D5A732976F871 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2014-07-27 10:00:31 573E522A27210701EB8A6C476D36FFF6 239616 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-07-27 10:00:31 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-27 10:00:31 557D60DF85D61C290A1D09E7115B294B 62464 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-27 10:00:31 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe
2014-07-27 10:00:31 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\SysWOW64\icardie.dll
2014-07-27 10:00:31 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\SysWOW64\pngfilt.dll
2014-07-27 10:00:31 4B774E842F268D51DB942EF9637828B9 1964544 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-07-27 10:00:31 448854C4FE94C0FA329CC38FF103DC74 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-27 10:00:31 42BF66A4DC35DAD3564065173372CCE9 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-07-27 10:00:31 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\SysWOW64\msls31.dll
2014-07-27 10:00:31 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\SysWOW64\iepeers.dll
2014-07-27 10:00:31 175A663547805367C10746FC416D4605 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-07-27 10:00:31 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\SysWOW64\occache.dll
2014-07-27 10:00:31 09CBE4B1AEF497FC05493B09EA2C1757 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-07-27 10:00:31 084FB28A790685F32A6D7D003777696D 2179072 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-07-27 10:00:31 045A91095A605BB20FF2B37546FE62B0 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2014-07-27 10:00:31 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\SysWOW64\webcheck.dll
2014-07-27 09:26:54 A0E053D8D97ED0F913D56E6AF21DD26F 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2014-07-27 09:26:54 230AAF45031E87638CA4053C0399C1E6 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2014-07-27 09:26:48 EE7CB55F77465CDAC4C80F587FF7C278 1796096 ----a-w- C:\Windows\SysWOW64\authui.dll
2014-07-27 09:26:48 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\Windows\SysWOW64\credui.dll
2014-07-27 09:26:48 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-07-27 09:26:17 4D59F470985D08139E42D15842816C47 3969984 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2014-07-27 09:26:16 31FA2485DFC773F1E718A4D19F443FA9 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2014-07-27 09:26:14 995B39A08421C7725D1DF8DACEBBFC89 538112 ----a-w- C:\Windows\SysWOW64\objsel.dll
2014-07-27 09:26:14 461B713DE7F353C6447B744F1A049930 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll
2014-07-27 09:26:13 FBC78B5D12A4F5A62D9C91E0E0E46D46 49664 ----a-w- C:\Windows\SysWOW64\adprovider.dll
2014-07-27 09:26:13 834A859BB331B0B2CCAE25BB1986F80D 47616 ----a-w- C:\Windows\SysWOW64\dpapiprovider.dll
2014-07-27 09:26:13 62C0798CC68EBF42F29C92E6CD6DC3D6 36864 ----a-w- C:\Windows\SysWOW64\dimsroam.dll
2014-07-27 09:26:13 38A30B8E4216BE24D30F766EF3BAC2C7 48128 ----a-w- C:\Windows\SysWOW64\capiprovider.dll
2014-07-27 09:26:13 335FA669FC952BC4888CEDBDB42607E2 51200 ----a-w- C:\Windows\SysWOW64\cngprovider.dll
2014-07-27 09:26:12 5E11C55CC4D9330E55CCB22B1F20BB33 35328 ----a-w- C:\Windows\SysWOW64\wincredprovider.dll
2014-07-27 09:25:34 4EC2C3B15B9EC41AD0D6CD918D20376E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
2014-07-27 09:24:58 D96106CF60505734B14F6AE80AAA4B07 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll
2014-07-27 09:24:56 14800BD31701A5047AC3145BB1E698AE 3419136 ----a-w- C:\Windows\SysWOW64\d2d1.dll
2014-07-27 09:24:46 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe
2014-07-27 09:24:46 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\SysWOW64\RMActivate.exe
2014-07-27 09:24:46 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-07-27 09:24:46 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-07-27 09:24:45 BBCE3E9E74C7CEA47FA4115B360AC2C6 423936 ----a-w- C:\Windows\SysWOW64\secproc_isv.dll
2014-07-27 09:24:45 7FA485555BF802FE3DB5598004DBDFAC 390144 ----a-w- C:\Windows\SysWOW64\msdrm.dll
2014-07-27 09:24:45 12A9F24DC9F465DA79AC2272D829A81E 428032 ----a-w- C:\Windows\SysWOW64\secproc.dll
2014-07-27 09:24:44 58712A48D31B40EBCB35B47205F87771 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp.dll
2014-07-27 09:24:43 9158DBE2F8483434FC72F320690C9DB8 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-07-27 09:24:19 E227B810296AA27E6C69307A7B6456E5 1389056 ----a-w- C:\Windows\SysWOW64\msxml6.dll
2014-07-27 09:24:19 8B8D1CEF498678CAB9DF17145D34BC64 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll
2014-07-27 09:24:19 2E673E776136354ECFB57BFD62E7EC3D 2048 ----a-w- C:\Windows\SysWOW64\msxml6r.dll
2014-07-27 09:24:19 0789F82BAE171323F74B8F175D406AB8 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll
2014-07-27 09:24:13 F95E1E9D97D25C11F29CA34C843A6F4D 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll
2014-07-27 09:24:13 8BA721F76C97A219599E88722AA48875 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll
2014-07-27 09:24:13 1A0BE0092646F564FAF204E678AF8E03 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2014-07-27 09:24:12 C71CC796F0E2E9BD542C87532706FCFE 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll
2014-07-27 09:24:12 C61DDFE40204F3BE3DF111981D91560E 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2014-07-27 09:24:12 6CB2616152ADCDF39F05B08E4858F476 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll
2014-07-27 09:24:10 E3ECF5FFE3DEDF61DC6877B6A99ACBBF 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll
2014-07-27 09:23:59 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\SysWOW64\osk.exe
2014-07-27 09:23:57 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\SysWOW64\locale.nls
2014-07-27 09:23:56 E9504E484076585F6DA3C59F0E20E122 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll
2014-07-27 09:23:55 492FF9C530EC0352B3C904CE9898269D 509440 ----a-w- C:\Windows\SysWOW64\qedit.dll
2014-07-27 09:23:50 CC09E0C9A2D89C6E71D093DC8BD121B7 1168384 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2014-07-27 09:23:42 E9D88493FBDB36D4B65C6F2F7F122C95 12874240 ----a-w- C:\Windows\SysWOW64\shell32.dll
2014-07-27 09:23:40 E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 159232 ----a-w- C:\Windows\SysWOW64\imagehlp.dll
2014-07-27 09:23:38 4F8CCD3E7D9F17A7C60FA0AE2466CACF 381440 ----a-w- C:\Windows\SysWOW64\wer.dll
2014-07-27 09:23:31 F0D0E883EBBDC7615DC9EDEA0FFB2817 216576 ----a-w- C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-07-27 09:23:31 CE2A48CD0D2B39FB77FA4797C6434E71 656896 ----a-w- C:\Windows\SysWOW64\nshwfp.dll
2014-07-27 09:23:26 AFA53BD631FB0509A91A99391209BB70 301568 ----a-w- C:\Windows\SysWOW64\msieftp.dll
2014-07-27 09:23:25 A5F833506BF6A1B5D693E1499DEE2444 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll
2014-07-27 09:22:58 76161B9D78A275F8F28DD67436013110 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll
2014-07-27 09:22:58 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2014-07-27 09:22:58 1F76F7CB3C690ACB985C2FD419383B49 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
2014-07-27 09:22:56 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe
2014-07-27 09:22:56 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
2014-07-27 09:22:56 1E886E327F37F34CC7465F1605D1F3CD 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
2014-07-27 09:14:59 56E3313690866F99CD17AA1342F64AE1 311808 ----a-w- C:\Windows\SysWOW64\gdi32.dll
2014-07-27 09:14:44 09F65975C1C9793B923BB52A7FA83453 121856 ----a-w- C:\Windows\SysWOW64\wshom.ocx
2014-07-27 09:14:43 A3B1D1312602280839A4A2AFBDFD066E 163840 ----a-w- C:\Windows\SysWOW64\scrrun.dll
2014-07-27 09:14:43 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\SysWOW64\cscript.exe
2014-07-27 09:14:43 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\SysWOW64\wscript.exe
2014-07-27 09:12:58 A054EA8FBE16D4D34F06D81A4F0088E2 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll
2014-07-27 09:01:05 03F4527F7989F3C0A32CC8250353521E 599840 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe
2014-07-21 05:06:35 7F26D694BC7E78958BE38D1D9AAFC2B9 272808 ----a-w- C:\Windows\SysWOW64\javaws.exe
2014-07-21 05:06:30 FFAECE8AEC1D9CCDCEC1C55C2CA450BA 175528 ----a-w- C:\Windows\SysWOW64\java.exe
2014-07-21 05:06:30 67BE34FBF29E783691C713517102E67E 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe
2014-07-21 05:06:30 419094DF76A32252ECD70730382029ED 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-07-27 10:13:44 AB272BBFB05A8585C3405EFA9F605774 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL
2014-07-27 10:13:42 8CBBB27369F9F07BC5E874E750EAF9D0 14631424 ----a-w- C:\Windows\Sysnative\wmp.dll
2014-07-27 10:03:17 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\Sysnative\IEUDINIT.EXE
2014-07-27 10:00:34 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-07-27 10:00:31 FEC19C351EF1B2C998A85D1BFD765675 23464448 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-07-27 10:00:31 FD61D51199F3FC9EB0023FBF405EAAD0 147968 ----a-w- C:\Windows\Sysnative\occache.dll
2014-07-27 10:00:31 FC50DF22550C565DD096ACFAF18A37ED 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-07-27 10:00:31 F876957CA193B20A21D52F91418657D7 195584 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-07-27 10:00:31 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\Sysnative\ieuinit.inf
2014-07-27 10:00:31 F00AE7B953ABEF1B53FBBA187DFC8238 243200 ----a-w- C:\Windows\Sysnative\webcheck.dll
2014-07-27 10:00:31 E70D4270C43CE6C46841B684315B9EFF 62464 ----a-w- C:\Windows\Sysnative\pngfilt.dll
2014-07-27 10:00:31 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\Sysnative\msfeedssync.exe
2014-07-27 10:00:31 DA5BAC4C5BDB22BBC6771534EA95AD33 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-07-27 10:00:31 D8E6706AECD7AA50764E126CE3F36555 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-07-27 10:00:31 D31AE751B6DACAFD0D7CC99EAE9606C2 131072 ----a-w- C:\Windows\Sysnative\IEAdvpack.dll
2014-07-27 10:00:31 CE8831D2DCB5803A4CBC8EDCCBBC2A05 77312 ----a-w- C:\Windows\Sysnative\tdc.ocx
2014-07-27 10:00:31 CD76B3D60D28634A67B0AD7CB2E45929 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-07-27 10:00:31 CA67F68CEC788C0C69AD47C5125DDD8E 608768 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-07-27 10:00:31 C92173481A58935BE15172079CF122B8 235520 ----a-w- C:\Windows\Sysnative\url.dll
2014-07-27 10:00:31 C2F62DF01E3552DB0571FEF4D514675B 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-07-27 10:00:31 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\Sysnative\ieapfltr.dat
2014-07-27 10:00:31 C0F9F52C36E584C0339406ABF6DA1FBA 266424 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2014-07-27 10:00:31 BDD4A74421B023C81DA63168BD10C01B 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-07-27 10:00:31 BB6DEAFAC5F0AAEC37FEAF3F3AA48347 774144 ----a-w- C:\Windows\Sysnative\jscript.dll
2014-07-27 10:00:31 ADA5C3D49A12CED9F07913DC00E547A8 48128 ----a-w- C:\Windows\Sysnative\imgutil.dll
2014-07-27 10:00:31 A21C6231459F4CAC212676A9367A1A68 2768384 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-07-27 10:00:31 9675B272086CF5D22B83B541FAA8D4EA 30208 ----a-w- C:\Windows\Sysnative\licmgr10.dll
2014-07-27 10:00:31 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\Sysnative\mshta.exe
2014-07-27 10:00:31 945FA19B388FCF0FEA6124B5FD71C72F 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2014-07-27 10:00:31 8F7FBD0177F79727CF945ABDA657A0AC 235008 ----a-w- C:\Windows\Sysnative\elshyph.dll
2014-07-27 10:00:31 8B2ADE09864BF3F7AA6D395DAFEC41B5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-07-27 10:00:31 89A53CDE0DA5680AF48A181D82C752CA 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2014-07-27 10:00:31 854C5F171F5CEE272232AC0286F3B3B9 598016 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-07-27 10:00:31 7469D4E046BD7D155CAC2697BD28B58B 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-07-27 10:00:31 73C7D1FCF6F58F3BF077FB42B0214BC0 1393664 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-07-27 10:00:31 7176CB0FFAAC3E54ABB2014E821120F9 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-07-27 10:00:31 6F1AF8E1206E92256459E3012C20472A 942592 ----a-w- C:\Windows\Sysnative\jsIntl.dll
2014-07-27 10:00:31 5E646AD50848A409291418B5759595B9 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-07-27 10:00:31 5BBDBE5EBB49EA7C76A2EE7490A45D68 101376 ----a-w- C:\Windows\Sysnative\inseng.dll
2014-07-27 10:00:31 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\Sysnative\SetIEInstalledDate.exe
2014-07-27 10:00:31 50FF2DD806CC6CF3B3F98F9A1A711603 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-07-27 10:00:31 4EC7738394D2BC7BCB5F7A3657F57252 5721088 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-07-27 10:00:31 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\Sysnative\iexpress.exe
2014-07-27 10:00:31 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe
2014-07-27 10:00:31 415DF2B045167D6D85223CFFF00FCFC7 292864 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2014-07-27 10:00:31 3A4FD19F13F8809BA08E9F76C0E38832 413696 ----a-w- C:\Windows\Sysnative\html.iec
2014-07-27 10:00:31 391D68668CFC061F26BE593A61F745E0 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-07-27 10:00:31 366FA6D38406DC8BED62825C196144D1 13527040 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-07-27 10:00:31 2EE102DF0EDD8A1EDD3D1E9B99A91BEC 2266112 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-07-27 10:00:31 2EBD0C5B090125AECF017C57344C45AB 247808 ----a-w- C:\Windows\Sysnative\msls31.dll
2014-07-27 10:00:31 2E40D5E11BCC597352EE0314AF629A0F 452608 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-07-27 10:00:31 2405D24AA28CCC4CC7E0CC0AE008746F 48640 ----a-w- C:\Windows\Sysnative\mshtmler.dll
2014-07-27 10:00:31 1FD6C2F6AC489C271565730F6E9E1A05 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2014-07-27 10:00:31 1FCBE949A67939ADEAE7279E423AA684 135680 ----a-w- C:\Windows\Sysnative\iepeers.dll
2014-07-27 10:00:31 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\Sysnative\wextract.exe
2014-07-27 10:00:31 1685AA234852657C4A6D253CCBBE84E0 2040832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-07-27 10:00:31 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 105984 ----a-w- C:\Windows\Sysnative\iesysprep.dll
2014-07-27 10:00:31 0A9D5716CB1F3AFA73703F39647BB8C2 81408 ----a-w- C:\Windows\Sysnative\icardie.dll
2014-07-27 10:00:31 038ABC9BCC86DFF9E181D44E43E2CEBA 52224 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll
2014-07-27 10:00:31 00401347C3BC466E5F2516387EBBCA7D 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll
2014-07-27 09:26:55 D4CCE15190269486A5E6D4D4E597F798 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2014-07-27 09:26:54 C072064F95579C0D6D86AF5B3DC53192 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll
2014-07-27 09:26:54 8098627D0AA1706D69C5AF3F74332ABB 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll
2014-07-27 09:26:54 39312B37C5FE5138F99680A49ACD3AEA 28160 ----a-w- C:\Windows\Sysnative\secur32.dll
2014-07-27 09:26:54 204F3F58212B3E422C90BD9691A2DF28 31232 ----a-w- C:\Windows\Sysnative\lsass.exe
2014-07-27 09:26:48 8563BA40DF4F1E93A61B70E2C8B60CF8 190464 ----a-w- C:\Windows\Sysnative\SmartcardCredentialProvider.dll
2014-07-27 09:26:48 4403D5ECE7D8323CAF1207D1AA38FA01 197120 ----a-w- C:\Windows\Sysnative\credui.dll
2014-07-27 09:26:48 34152997FB906895290E0199AC94B85F 1930752 ----a-w- C:\Windows\Sysnative\authui.dll
2014-07-27 09:26:16 89EF1CE0CE43AB8F55247D746739A321 722944 ----a-w- C:\Windows\Sysnative\objsel.dll
2014-07-27 09:26:15 6B47CF5C27865DDF6680E4D834FBE34F 5550016 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2014-07-27 09:26:14 851BB346CD59D9B3BC8854384C7DD5C3 424960 ----a-w- C:\Windows\Sysnative\KernelBase.dll
2014-07-27 09:26:13 CF13522172342AD8196B329C15D68E23 44544 ----a-w- C:\Windows\Sysnative\dimsroam.dll
2014-07-27 09:26:13 BDA8B14AFE99A0C52BFEA64C5AC62171 52736 ----a-w- C:\Windows\Sysnative\dpapiprovider.dll
2014-07-27 09:26:13 9D942180B5B6CE1C882B9CC54EA1F275 57344 ----a-w- C:\Windows\Sysnative\cngprovider.dll
2014-07-27 09:26:13 692E9886B2A475684F7E3294BF66E97D 56832 ----a-w- C:\Windows\Sysnative\adprovider.dll
2014-07-27 09:26:13 4959DE74643CBC4B83E5BC99486A4FC9 53760 ----a-w- C:\Windows\Sysnative\capiprovider.dll
2014-07-27 09:26:12 9A3C6D8593F29A9F66744A3D4E6309B2 39936 ----a-w- C:\Windows\Sysnative\wincredprovider.dll
2014-07-27 09:25:34 5FD67F205773EC80674DBBD609DB5315 2048 ----a-w- C:\Windows\Sysnative\tzres.dll
2014-07-27 09:25:19 1E3E97D2C0E630F11EDDD03056B12ED1 1112064 ----a-w- C:\Windows\Sysnative\rdpcorets.dll
2014-07-27 09:24:57 E8710B5DDA963E6BA198DF5FB209E72A 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll
2014-07-27 09:24:56 C676E5EA388AF7C4C031F56F9B42E362 3928064 ----a-w- C:\Windows\Sysnative\d2d1.dll
2014-07-27 09:24:46 297926B15AE5390409F1007EB28A8EFB 552960 ----a-w- C:\Windows\Sysnative\RMActivate_ssp_isv.exe
2014-07-27 09:24:46 1B3741488AA7E237961A29D1E7A44C0A 626176 ----a-w- C:\Windows\Sysnative\RMActivate.exe
2014-07-27 09:24:46 17CF3B3F68272BD40C878D4DBAB0EBC9 658432 ----a-w- C:\Windows\Sysnative\RMActivate_isv.exe
2014-07-27 09:24:46 03F8F411F118CFDA508E77C747BB05EA 553984 ----a-w- C:\Windows\Sysnative\RMActivate_ssp.exe
2014-07-27 09:24:45 DC6DD779F35BB42E2E76FDFEC565C251 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp_isv.dll
2014-07-27 09:24:45 C6AC2C91541D24F9E236A670C0CA793D 528384 ----a-w- C:\Windows\Sysnative\msdrm.dll
2014-07-27 09:24:45 B41B1FEDEBBD955B4E25676B42087885 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp.dll
2014-07-27 09:24:45 5693212AB2EBCACBBE05EC3A642113E2 485888 ----a-w- C:\Windows\Sysnative\secproc_isv.dll
2014-07-27 09:24:45 399FC1B75790EE606A6FD9F2FB4C891C 488448 ----a-w- C:\Windows\Sysnative\secproc.dll
2014-07-27 09:24:20 ECA6AC33BD9E441F7B47D173D715D268 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll
2014-07-27 09:24:19 3408DD8081DC22858AE2E6ABD2594C02 2048 ----a-w- C:\Windows\Sysnative\msxml6r.dll
2014-07-27 09:24:19 0E3A7EC2B9590EA7767BBB1823630DEA 2002432 ----a-w- C:\Windows\Sysnative\msxml6.dll
2014-07-27 09:24:19 0465A8CFDDB4FFDB569802A70B9443D5 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll
2014-07-27 09:24:13 E8E98B3B7A6E1250F4AA7AF8FA17D5BB 340992 ----a-w- C:\Windows\Sysnative\schannel.dll
2014-07-27 09:24:13 A805B5E68262302D1A60BE3DED5846C9 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll
2014-07-27 09:24:13 7D1017ED11B7C3B162628069742B5E58 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll
2014-07-27 09:24:12 E23BA7A7BD97FC6B8AB5EA32A46D05CD 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2014-07-27 09:24:12 BFC98590EAB40C785D6134B1FA818A62 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll
2014-07-27 09:24:12 79EE13A5A406E4603874686B8005DA72 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll
2014-07-27 09:24:10 C9DD5C0D5AF2D7A54BA32E8FBD3B67F1 22016 ----a-w- C:\Windows\Sysnative\credssp.dll
2014-07-27 09:24:01 F1726E14C8F7B40CD828345890AAF764 3157504 ----a-w- C:\Windows\Sysnative\win32k.sys
2014-07-27 09:23:59 A064A1D9CBD7F6959AAEAEAFF96DB2E9 692736 ----a-w- C:\Windows\Sysnative\osk.exe
2014-07-27 09:23:57 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\Sysnative\locale.nls
2014-07-27 09:23:56 4EDF8812713291DBBFDA67CE6215F236 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll
2014-07-27 09:23:55 D6AFBAA93169E6772565A1BC896D666B 624128 ----a-w- C:\Windows\Sysnative\qedit.dll
2014-07-27 09:23:50 780F6ECC4F55D76C9730E6B6C9B31913 1474048 ----a-w- C:\Windows\Sysnative\crypt32.dll
2014-07-27 09:23:44 427015D56DF17241F634611557146C57 14175744 ----a-w- C:\Windows\Sysnative\shell32.dll
2014-07-27 09:23:40 B4F29F65AD3114051F01E9403346047F 81408 ----a-w- C:\Windows\Sysnative\imagehlp.dll
2014-07-27 09:23:38 1075AB2C077B415760C0E948856B5126 484864 ----a-w- C:\Windows\Sysnative\wer.dll
2014-07-27 09:23:32 D07EB640618F96490DB88C3CE58DB608 324096 ----a-w- C:\Windows\Sysnative\FWPUCLNT.DLL
2014-07-27 09:23:32 344789398EC3EE5A4E00C52B31847946 859648 ----a-w- C:\Windows\Sysnative\IKEEXT.DLL
2014-07-27 09:23:31 660C06F663F27760F565FD567B57625C 830464 ----a-w- C:\Windows\Sysnative\nshwfp.dll
2014-07-27 09:23:27 AC38EC8D0C1B4C783CA6A24D239A71B7 335360 ----a-w- C:\Windows\Sysnative\msieftp.dll
2014-07-27 09:23:25 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 801280 ----a-w- C:\Windows\Sysnative\usp10.dll
2014-07-27 09:23:24 04F82965C09CBDF646B487E145060301 228864 ----a-w- C:\Windows\Sysnative\wwansvc.dll
2014-07-27 09:22:59 D2A513EE880D71BDE7F0257F38B9D019 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll
2014-07-27 09:22:59 2A107B611C91CD256466C58C0D776E9D 243712 ----a-w- C:\Windows\Sysnative\wow64.dll
2014-07-27 09:22:58 74959C718FF4594369645F35B7DF19C4 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll
2014-07-27 09:22:58 7434E01FBCA3CB86539C39412A31D5E1 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll
2014-07-27 09:22:58 0F090A77E664CB0F70AB8D3B230B760C 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll
2014-07-27 09:15:00 56325BB1FF19F2A5AC8713756AC41140 404480 ----a-w- C:\Windows\Sysnative\gdi32.dll
2014-07-27 09:14:44 ECB021CA3370582F0C7244B0CF06732C 156160 ----a-w- C:\Windows\Sysnative\cscript.exe
2014-07-27 09:14:44 05D80FF3483BD8F268B01703C859198A 150016 ----a-w- C:\Windows\Sysnative\wshom.ocx
2014-07-27 09:14:43 731131A477F69476F2D739B0DB6A9281 202752 ----a-w- C:\Windows\Sysnative\scrrun.dll
2014-07-27 09:14:43 045451FA238A75305CC26AC982472367 168960 ----a-w- C:\Windows\Sysnative\wscript.exe
2014-07-27 09:12:58 AFCA5C1ECEAF948FC815178BC077680E 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll
====== C:\Windows\Sysnative\drivers =====
2014-07-27 09:26:55 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2014-07-27 09:26:54 353009DEDF918B2A51414F330CF72DEC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2014-07-27 09:26:54 1C2D8E18AA8FD50CD04C15CC27F7F5AB 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2014-07-27 09:24:53 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys
2014-07-27 09:24:53 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys
2014-07-27 09:24:53 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys
2014-07-27 09:23:47 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2014-07-27 09:23:47 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2014-07-27 09:23:47 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2014-07-27 09:23:39 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
2014-07-27 09:23:38 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys
2014-07-27 09:23:38 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys
2014-07-27 09:23:36 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2014-07-27 09:23:35 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2014-07-27 09:23:35 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2014-07-27 09:23:35 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
2014-07-27 09:23:34 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
2014-07-27 09:23:34 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2014-07-27 09:23:34 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys
2014-07-27 09:14:57 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
====== C:\Windows\Tasks ======
2014-07-26 05:26:21 A78AEFB6BE1F9DCECC71AD64A583836D 3768 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
2014-07-26 05:26:21 2E9558B3446B6095DAA9BC4EA68D25C7 830 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-08-02 14:29:09 -------- d-----w- C:\Program Files\DxO Labs
======= C:\PROGRA~2 =====
2014-08-02 15:56:45 -------- d-----w- C:\PROGRA~2\HD Tune
2014-07-21 05:06:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\AvD.AtArB\AppData\Roaming ======
2014-07-27 12:37:19 -------- d-sh--w- C:\Users\AVD~1.ATA\AppData\Local\EmieUserList
2014-07-27 12:37:19 -------- d-sh--w- C:\Users\AVD~1.ATA\AppData\Local\EmieSiteList
2014-07-27 12:37:19 -------- d-sh--w- C:\Users\AvD.AtArB\AppData\Local\EmieUserList
2014-07-27 12:37:19 -------- d-sh--w- C:\Users\AvD.AtArB\AppData\Local\EmieSiteList
2014-07-27 09:05:15 -------- d-----w- C:\Users\AVD~1.ATA\AppData\Local\NVIDIA
2014-07-27 09:05:15 -------- d-----w- C:\Users\AvD.AtArB\AppData\Local\NVIDIA
2014-07-27 09:01:41 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\NVIDIA
2014-07-05 07:33:23 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\AVD~1.ATA\AppData\Local\{4D3236BE-6266-4108-B8A0-F754DB2F7C16}
2014-07-05 07:33:23 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\AvD.AtArB\AppData\Local\{4D3236BE-6266-4108-B8A0-F754DB2F7C16}
2014-07-05 07:20:44 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\AVD~1.ATA\AppData\Local\{617F17EA-DFAD-4663-B245-4515C673F1A2}
2014-07-05 07:20:44 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\AvD.AtArB\AppData\Local\{617F17EA-DFAD-4663-B245-4515C673F1A2}
2014-07-05 07:17:46 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\AVD~1.ATA\AppData\Local\{24C334F6-6CB4-44DA-B97F-BF774B638C2A}
2014-07-05 07:17:46 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\AvD.AtArB\AppData\Local\{24C334F6-6CB4-44DA-B97F-BF774B638C2A}
====== C:\Users\AvD.AtArB ======
2014-08-03 16:40:23 83C0AF64AC7B777A61C13E608D9B4CC6 2094080 ----a-w- C:\Users\AVD~1.ATA\Desktop\FRST64.exe
2014-08-03 16:40:23 83C0AF64AC7B777A61C13E608D9B4CC6 2094080 ----a-w- C:\Users\AvD.AtArB\Desktop\FRST64.exe
2014-08-02 15:56:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2014-08-02 14:29:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO FilmPack 3
2014-08-02 14:29:38 -------- d-----w- C:\ProgramData\DxO Labs
2014-07-29 16:25:49 -------- d-----r- C:\Users\AVD~1.ATA\Creative Cloud Files
2014-07-29 16:25:49 -------- d-----r- C:\Users\AvD.AtArB\Creative Cloud Files
2014-07-27 08:59:22 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2014-07-21 05:06:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==
2014-08-03 19:43:24 1BD9D27ABB0E0D0554326C0758F31277 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1675243283-1723671596-2523844302-1000\$IPS8TRN.exe
2014-08-03 19:16:02 1F6B4EDD07361FC35EA33F97A196B8BF 1189695 ----a-w- C:\$Recycle.Bin\S-1-5-21-1675243283-1723671596-2523844302-1000\$RPS8TRN.exe
2014-08-03 16:40:23 83C0AF64AC7B777A61C13E608D9B4CC6 2094080 ----a-w- C:\Users\AvD.AtArB\Desktop\FRST64.exe
2014-08-02 15:56:45 F8FC2D14DF813CC920A39B3CB7E59CBC 401408 ----a-w- C:\Program Files (x86)\HD Tune\HDTune.exe
2014-08-02 15:56:45 CEFC20D14D9940D53505E9B9769139E7 682266 ----a-w- C:\Program Files (x86)\HD Tune\unins000.exe
2014-07-29 16:19:53 D01D2D06A9D03F2558C81516540A6EA3 2809224 ----a-w- C:\Users\AvD.AtArB\AppData\Local\Temp\CreativeCloudSet-Up.exe
=== C: other files ==
2014-07-30 22:09:31 D9CA109A03DFBF83388AC19817968C25 244921 ----a-w- C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LZDFFOGO\config_fb_en[1].zip
2014-07-29 16:39:16 5825F783992076A1A04C5C2F519900E5 70855363 ----a-w- C:\Program Files\Adobe\Adobe\AdobePatchFiles\{D6DB45EE-A9A6-49E1-BF31-686E2FA4AF9F}.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1675243283-1723671596-2523844302-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe"
"Viber"="C:\Users\AvD.AtArB\AppData\Local\Viber\Viber.exe StartMinimized"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"
"mobilegeni daemon"="C:\Program Files (x86)\Mobogenie\DaemonProcess.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"MCShield Monitor"="C:\Program Files (x86)\MCShield\mcshieldrtm.exe"
"Viber"="C:\Users\AvD.AtArB\AppData\Local\Viber\Viber.exe StartMinimized"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Creative Cloud]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Creative Cloud"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Adobe\\Adobe Creative Cloud\\ACC\\Creative Cloud.exe\" --showwindow=false --onOSstartup=true"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCS5ServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BitTorrent"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\BitTorrent\\BitTorrent.exe\" /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eM Client]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="eM Client"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\eM Client\\MailClient.exe\" /startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\AvD.AtArB\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HTC Sync Loader]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HTC Sync Loader"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\HTC\\HTC Sync 3.0\\htcUPCTLoader.exe\" -startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OM2_Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="OM2_Monitor"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\OLYMPUS\\OLYMPUS Master 2\\MMonitor.exe\" -NoStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SwitchBoard"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^AvD.AtArB^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\AvD.AtArB\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\AVD~1.ATA\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^AvD.AtArB^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk]
"path"="C:\\Users\\AvD.AtArB\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Picture Motion Browser Media Check Tool.lnk"
"backup"="C:\\Windows\\pss\\Picture Motion Browser Media Check Tool.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\Sony\\SONYPI~1\\PMBCore\\SPUVOL~1.EXE /noballoononstart"
"item"="Picture Motion Browser Media Check Tool"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DefaultTabSearch]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DefaultTabUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IDriverT]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NitroReaderDriverReadSpool3]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nlsX86cc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvsvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Stereo Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SwitchBoard]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Transbase TECDOC CD 1_2011 Service]


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [07/26/2014 07:22]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/29/2013 21:59]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/29/2013 21:59]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\DTReg" [C:\Users\AvD.AtArB\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Launch HTC Sync Loader" [C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\YourFile DownloaderUpdate" [C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe]
"C:\Windows\SysNative\tasks\{179E1B88-9D4E-4B56-B40D-3E0CDCAD1C4E}" [D:\TECDOC_CD\1_2011\pb\tof.exe]
"C:\Windows\SysNative\tasks\{27D892CE-40CE-4A34-8BDA-C301FB0FE57C}" [C:\Program Files (x86)\City Car Driving\bin\win32\Starter.exe]
"C:\Windows\SysNative\tasks\{37FA150A-555C-434B-AC77-3141BF0A95F2}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{3F59A8F3-0CAA-4F44-A1BC-24F3C3ECA9E0}" [C:\Program Files (x86)\City Car Driving\bin\win32\Starter.exe]
"C:\Windows\SysNative\tasks\{3F89E64E-509D-471C-83EA-EA4977D9E734}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{4197262D-92DB-4C0E-B65F-603305F1C737}" [C:\Program Files (x86)\City Car Driving\bin\win32\Starter.exe]
"C:\Windows\SysNative\tasks\{42799635-5C19-4D44-B005-C619692E72C1}" [C:\Program Files (x86)\RailSimulator.com\Railworks 3 Train Simulator 2012 Deluxe\RailWorks.exe]
"C:\Windows\SysNative\tasks\{4396420D-3FDC-4D43-BBCA-981EE9B813FF}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{61F08F11-95EA-4126-8CB2-288C080EA0D7}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{6793BEE8-F29F-4918-99EF-4B55852F3FA0}" [C:\Program Files (x86)\Skype\Phone\Skype.exe]
"C:\Windows\SysNative\tasks\{6A7EECB5-DF98-4D5A-9C7E-1B7D74F24BD1}" [C:\Program Files (x86)\RailSimulator.com\Railworks 3 Train Simulator 2012 Deluxe\RailWorks.exe]
"C:\Windows\SysNative\tasks\{73C227D0-D156-489E-9C5F-4061EE227706}" [D:\TECDOC_CD\1_2011\pb\tof.exe]
"C:\Windows\SysNative\tasks\{89FD173C-5BE2-4E6D-B1EA-4B99C19BB2D8}" [msiexec.exe]
"C:\Windows\SysNative\tasks\{D44794E8-CAEE-4DC8-BF25-ED42B3DA68ED}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{E70A6C42-719D-4E9E-A627-052073F4F58C}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{F839807B-F5D3-4C14-95D7-41D90627D041}" [C:\Program Files (x86)\Skype\Phone\Skype.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06/15/2014 19:27]

==== Firefox Extensions ======================

ProfilePath: C:\Users\AVD~1.ATA\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default
- Undetermined - C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com
- anonymoX - %ProfilePath%\extensions\client@anonymox.net.xpi
- Exif Viewer - %ProfilePath%\extensions\exif_viewer@mozilla.doslash.org.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
1919A4E982A86647F79ADD23B9AC3E11 - C:\Users\AvD.AtArB\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
1BFD18699636B8F1AA26675BA43D2F8F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll - Shockwave for Director / Shockwave for Director


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dknkjnkhedbanphkkpbpcgoblmkbfhlf - C:\Users\AvD.AtArB\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx[09/09/2012 21:33]
jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[]
kheelobnibmchifldedamogdmhemfjio - C:\Users\AvD.AtArB\AppData\Local\CRE\kheelobnibmchifldedamogdmhemfjio.crx[06/26/2013 12:37]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
dknkjnkhedbanphkkpbpcgoblmkbfhlf - C:\Users\AvD.AtArB\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx[09/09/2012 21:33]
kheelobnibmchifldedamogdmhemfjio - C:\Users\AvD.AtArB\AppData\Local\CRE\kheelobnibmchifldedamogdmhemfjio.crx[06/26/2013 12:37]

Google Drive - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Image Histogram - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgefpfienchbbehcjnmbmogdigoedhaj
Quick access to EXIF data of any image you view - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbhfeiddhndihdjeganjggkmjapkffm
EXIF Viewer - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck
EXIF Reader - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchnjcdahncnilbicljpnbfobpnljnki
Google Wallet - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Exponator - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdclakkbcpndnjlnajapdlbdncpijdg
Gmail - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Drive - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Image Histogram - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgefpfienchbbehcjnmbmogdigoedhaj
Quick access to EXIF data of any image you view - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbhfeiddhndihdjeganjggkmjapkffm
EXIF Viewer - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck
EXIF Reader - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchnjcdahncnilbicljpnbfobpnljnki
Google Wallet - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Exponator - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdclakkbcpndnjlnajapdlbdncpijdg
Gmail - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== Chrome Fix ======================

C:\Users\AvD.AtArB\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx deleted successfully
C:\Users\AvD.AtArB\AppData\Local\CRE\kheelobnibmchifldedamogdmhemfjio.crx deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.buenosearch.com/?babsrc=HP_ss&mntrId=3C0F8C89A55561E5&affID=128403&tsp=5264"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Bueno Search Url="http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=3C0F8C89A55561E5&affID=128403&tsp=5264"
{8FD0F4AD-ED6D-4831-871C-7749284FE41D} Search Here Url="http://www.mysearchresults.com/search?c=8004&t=11&q={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Uninstall List x64 ======================

Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{47FA2C44-D148-4DBC-AF60-B91934AA4842}]
Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR]
Adobe Bridge CC (64 Bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{359F8007-6486-429C-A8C5-D67F6897C88C}]
Adobe Community Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}]
Adobe Community Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1]
Adobe Creative Cloud [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Creative Cloud]
Adobe Flash Player 14 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
Adobe Flash Player 14 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]
Adobe Media Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}]
Adobe Media Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1]
Adobe Photoshop CC [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}]
Adobe Photoshop Lightroom 5.4 64-bit [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{558B5965-CC1B-4AF1-BA07-5D6832404050}]
Adobe Reader X (10.1.4) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AA1000000001}]
Adobe Shockwave Player 11.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player]
Adobe SVG Viewer 3.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe SVG Viewer]
avast Free Antivirus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\avast]
BitTorrent [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrent]
Canon Utilities Digital Photo Professional [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Digital Photo Professional]
Canon Utilities EOS Utility [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EOS Utility]
CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]
Color Efex Pro 4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Color Efex Pro 4]
Composite 2012 64-bit [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EA234BC3-39FE-4734-B72F-076086889F6D}]
CPUID HWMonitor 1.24 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CPUID HWMonitor_is1]
CrystalDiskInfo 3.10.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CrystalDiskInfo_is1]
D3DX10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]
Dropbox [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox]
DxO FilmPack 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}]
EOSInfo [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CC23FF9A-989C-4DEB-8970-50E6E4862315}]
EOSMSG [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C68EB8C6-FFCC-42A8-B509-18B331E220F7}]
GOM Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GOM Player]
Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
HD Tune 2.55 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HD Tune_is1]
Image Resizer for Windows (64 bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1B1D3C64-EEBC-4807-93FF-DB71719E77F7}]
Image Resizer for Windows [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9dfff2f7-5cd7-4fd4-9b75-7d53b042d94b}]
Imagenomic Portraiture 2.3 Plug-in (build 2308) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ImagenomicPortraiturePlugin]
Java 7 Update 65 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217055FF}]
Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}]
LightWave 11.0 64-bit [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LightWave 11.0 64-bit 11.0]
MCShield ::Anti-Malware Tool:: [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MCShield]
Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}]
Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033]
Microsoft Office Professional Edition 2003 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90110409-6000-11D3-8CFE-0150048383C9}]
Microsoft Pro Photo Tools [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A05CF147-BEED-4880-BF9B-4EAF22C77FFD}]
Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}]
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}]
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}]
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3C28BFD4-90C7-3138-87EF-418DC16E9598}]
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}]
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B175520C-86A2-35A7-8619-86DC379688B9}]
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}]
Microsoft_VC80_ATL_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}]
Microsoft_VC80_ATL_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{925D058B-564A-443A-B4B2-7E90C6432E55}]
Microsoft_VC80_CRT_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}]
Microsoft_VC80_CRT_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}]
Microsoft_VC80_MFC_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D1A19B02-817E-4296-A45B-07853FD74D57}]
Microsoft_VC80_MFC_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}]
Microsoft_VC80_MFCLOC_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}]
Microsoft_VC80_MFCLOC_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}]
Microsoft_VC90_ATL_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}]
Microsoft_VC90_ATL_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8557397C-A42D-486F-97B3-A2CBC2372593}]
Microsoft_VC90_CRT_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}]
Microsoft_VC90_CRT_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}]
Microsoft_VC90_MFC_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}]
Microsoft_VC90_MFC_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}]
MiniTool Partition Wizard Home Edition 7.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1]
Mozilla Firefox 30.0 (x86 en-US) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 30.0 (x86 en-US)]
MSVCRT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]
MSVCRT Redists [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A528BDDE-9C9F-11E2-9F0C-F04DA23A5C58}]
MSVCRT Redists [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C2B8CBDE-5232-11E3-B494-F04DA23A5C58}]
MSVCRT Redists [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B8D84F70-0296-11E2-8DF5-F04DA23A5C58}]
MSVCRT_amd64 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0B44725-3666-492D-BEF6-587A14BD9BD9}]
MSVCRT110 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}]
MSVCRT110_amd64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9FA781F-3E80-4399-825A-AD3E11C28C77}]
MSXML 4.0 SP2 Parser and SDK [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{716E0306-8318-4364-8B8F-0CC4E9376BAC}]
MSXML 4.0 SP3 Parser (KB2758694) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}]
MSXML 4.0 SP3 Parser [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{196467F1-C11F-4F76-858B-5812ADC83B94}]
Nitro Reader 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3C1F302A-CC25-488D-9C24-A76B95BC916F}]
NRadioBox [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1AEAA6CC-98C2-4650-A217-EF5F92C3E602}]
NVIDIA 3D Vision Driver 335.23 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision]
NVIDIA Control Panel 335.23 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel]
NVIDIA Display Control Panel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Display Control Panel]
NVIDIA Graphics Driver 335.23 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver]
NVIDIA HD Audio Driver 1.3.30.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver]
NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer]
NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}]
NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo]
NVIDIA Update 10.4.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update]
NVIDIA Update Core [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core]
OpenAL [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OpenAL]
Opera 11.64 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Opera 11.64.1403]
PDF Settings CC [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}]
Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CAA0F57A-BA8C-4AD8-AA03-F32B0E4F5623}]
photoFXlab [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\photoFXlab]
PhotoScape [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PhotoScape]
QuickTime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}]
Sentinel 2.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sentinel_is1]
Silver Efex Pro 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Silver Efex Pro 2]
SkypeT 6.16 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}]
Speccy [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speccy]
swMSM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}]
Topaz Adjust 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz Adjust 5]
Topaz B&W Effects [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz BW Effects 2]
Topaz Clarity [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz Clarity]
Topaz Clean 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz Clean 3]
Topaz DeJpeg 4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz DeJpeg 4]
Topaz DeNoise 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz DeNoise 5]
Topaz Detail 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz Detail 3]
Topaz Fusion Express 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz Fusion Express 2]
Topaz InFocus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz InFocus]
Topaz Lens Effects [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz Lens Effects]
Topaz ReMask 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz ReMask 3]
Topaz ReStyle [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz ReStyle]
Topaz Simplify 4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz Simplify 4]
Topaz Star Effects [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Topaz Star Effects]
Unity Web Player [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer]
Vegas Pro 12.0 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}]
Viber [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Viber]
VLC media player 2.1.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player]
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{66B5819D-DE70-42BE-B40F-978FBA12452E}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]
Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE52672C-A0E9-4450-8875-88A221D5CD50}]
Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{659CB81C-B54E-4DF1-B618-F35777393A54}]
Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}]
Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BAD27F0E-5165-49A5-BE66-AF5BF73F2FEE}]
Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{25058321-C33E-496B-8915-6FD64D362CAF}]
Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}]
Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}]
Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}]
Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D1893000-EA77-493C-8DDD-E262436E959B}]
Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}]
Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6522F5F9-411B-4513-A75B-CEA00395F032}]
Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{714E162E-CD4F-4F1B-8302-7F5179409C25}]
Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0F974770-76EB-4C38-986E-E7BDD9C0DFC4}]
WinZip 17.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}]

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kheelobnibmchifldedamogdmhemfjio deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\kheelobnibmchifldedamogdmhemfjio deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40HF7ZD5 will be deleted at reboot
C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HRSTU0I9 will be deleted at reboot
C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LZDFFOGO will be deleted at reboot
C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PDUS4N1O will be deleted at reboot
C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S0Y7UJTJ will be deleted at reboot
C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40HF7ZD5 will be deleted at reboot
C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HRSTU0I9 will be deleted at reboot
C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LZDFFOGO will be deleted at reboot
C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PDUS4N1O will be deleted at reboot
C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S0Y7UJTJ will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\AvD.AtArB\AppData\Local\Mozilla\Firefox\Profiles\6c8twxzn.default\Cache emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Mozilla\Firefox\Profiles\6c8twxzn.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=133 folders=19 5816457 bytes)

==== Empty Temp Folders ======================

C:\Users\AvD.AtArB\AppData\Local\Temp will be emptied at reboot
C:\Users\AVD~1~ATA\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\AVD~1.ATA\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40HF7ZD5" not found
"C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HRSTU0I9" not found
"C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LZDFFOGO" not found
"C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PDUS4N1O" not found
"C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S0Y7UJTJ" not found
"C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40HF7ZD5" not found
"C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HRSTU0I9" not found
"C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LZDFFOGO" not found
"C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PDUS4N1O" not found
"C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S0Y7UJTJ" not found

==== EOF on Sun 08/03/2014 at 21:05:38.25 ======================

Dopuna: 03 Avg 2014 21:19

PS.
Sada vidim da su mi obrisani svi dodatci iz google chroma, adblock+, exif viewer i još neki. To tako i treba sada?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Vezano za dodatke, logovi mi govore da su prisutni, ja ih nisam dirao. Ali svasta mi sad nesto radimo... Kada zavrsimo ciscenje, ti ces ih lako dodati/instalirati nazad. To nije problem





Ponovo pokreni zoek na isti nacin kao i malopre sto si ali ovaj put koristi sledeci script;




TorpigCheck;
D:\TECDOC_CD\1_2011\pb\tof.exe;i
msiexec.exe;z
EmptyFoldersCheck;Delete
ResetIEProxy;
IEDefaults;http://www.bing.com
Services-List;
C:\Users\AVD~1.ATA\AppData\Local\{4D3236BE-6266-4108-B8A0-F754DB2F7C16};f
C:\Users\AvD.AtArB\AppData\Local\{4D3236BE-6266-4108-B8A0-F754DB2F7C16};f
C:\Users\AVD~1.ATA\AppData\Local\{617F17EA-DFAD-4663-B245-4515C673F1A2};f
C:\Users\AvD.AtArB\AppData\Local\{617F17EA-DFAD-4663-B245-4515C673F1A2};f
C:\Users\AVD~1.ATA\AppData\Local\{24C334F6-6CB4-44DA-B97F-BF774B638C2A};f
C:\Users\AvD.AtArB\AppData\Local\{24C334F6-6CB4-44DA-B97F-BF774B638C2A};f
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
"mobilegeni daemon"=-;r
C:\Program Files (x86)\Mobogenie;fs
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DefaultTabSearch];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DefaultTabUpdate];r
C:\Windows\SysNative\tasks\DTReg;f
C:\Windows\SysNative\tasks\YourFile DownloaderUpdate;f
C:\Users\AvD.AtArB\AppData\Roaming\DefaultTab;f
C:\Program Files (x86)\YourFileDownloader Updater;f
C:\Windows\SysNative\tasks\{89FD173C-5BE2-4E6D-B1EA-4B99C19BB2D8};f
C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com;f
jbolfgndggfhhpbnkgnpjkfhinclbigj;chr
SkipStartPage-FFDefaults;
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes];r
"{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Bueno Search Url"=-;r
"{8FD0F4AD-ED6D-4831-871C-7749284FE41D} Search Here Url"=-;r
ShortcutFix;
MSConfigCheck;
EmptyAllTemp;



Po restartu sistema iskopiraj mi sadrzaj svezeg zoek loga.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Zoek.exe v5.0.0.0 Updated 03-August-2014
Tool run by AvD.AtArB on Sun 08/03/2014 at 21:56:25.67.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\AvD.AtArB\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-08-03-200538.log 113754 bytes

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


==== Empty Folders Check ======================

C:\PROGRA~2\dumps deleted successfully
C:\PROGRA~2\Freemake deleted successfully
C:\PROGRA~2\GUM3FED.tmp deleted successfully
C:\PROGRA~2\Nikon deleted successfully
C:\PROGRA~2\OLYMPUS deleted successfully
C:\PROGRA~2\Opanda deleted successfully
C:\PROGRA~2\surf and kaeep deleted successfully
C:\PROGRA~2\YoutubeAdblocker deleted successfully
C:\PROGRA~3\Freemake deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\PhotoStitch deleted successfully
C:\PROGRA~3\surf and kaeep deleted successfully
C:\PROGRA~3\TECDOC_CD deleted successfully
C:\PROGRA~3\YoutubeAdblocker deleted successfully
C:\Users\AvD.AtArB\AppData\Roaming\Apple Computer deleted successfully
C:\Users\AvD.AtArB\AppData\Roaming\Publish Providers deleted successfully
C:\Users\AvD.AtArB\AppData\Roaming\SkypePM deleted successfully
C:\Users\AvD.AtArB\AppData\Roaming\SkypePM-BackupBySkypePortable deleted successfully
C:\Users\AvD.AtArB\AppData\Roaming\YourFileDownloader deleted successfully
C:\Users\AvD.AtArB\AppData\Roaming\ZoomBrowser EX deleted successfully
C:\Users\AvD.AtArB\AppData\Local\CRE deleted successfully
C:\Users\AvD.AtArB\AppData\Local\genienext deleted successfully
C:\Users\AvD.AtArB\AppData\Local\MigWiz deleted successfully
C:\Users\AvD.AtArB\AppData\Local\My Games deleted successfully
C:\Users\AvD.AtArB\AppData\Local\PackageAware deleted successfully

==== File Information Results ======================


==== Services (whitelist) ======================
Powered by E Dev

R2 - [UserAccess7] - SecuROM User Access Service (V7) - C:\Windows\system32\UAService7.exe
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"
R2 - [WSearch] - Windows Search - C:\Windows\system32\SearchIndexer.exe /Embedding
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S3 - [ALG] - Application Layer Gateway Service - C:\Windows\System32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S3 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
S3 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
S3 - [COMSysApp] - COM+ System Application - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - [ehRecvr] - Windows Media Center Receiver Service - C:\Windows\ehome\ehRecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - C:\Windows\ehome\ehsched.exe
S3 - [Fax] - Fax - C:\Windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - C:\Windows\system32\IEEtwCollector.exe /V
S3 - [MSDTC] - Distributed Transaction Coordinator - C:\Windows\System32\msdtc.exe
S3 - [msiserver] - Windows Installer - C:\Windows\system32\msiexec.exe /V
S3 - [ose] - Office Source Engine - "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
S3 - [PerfHost] - Performance Counter DLL Host - C:\Windows\SysWow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\Windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - C:\Windows\System32\snmptrap.exe
S3 - [sppsvc] - Software Protection - C:\Windows\system32\sppsvc.exe
S3 - [TrustedInstaller] - Windows Modules Installer - C:\Windows\servicing\TrustedInstaller.exe
S3 - [vds] - Virtual Disk - C:\Windows\System32\vds.exe
S3 - [VSS] - Volume Shadow Copy - C:\Windows\system32\vssvc.exe
S3 - [WatAdminSvc] - Windows Activation Technologies Service - C:\Windows\system32\Wat\WatAdminSvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - "C:\Windows\system32\wbengine.exe"
S3 - [wmiApSrv] - WMI Performance Adapter - C:\Windows\system32\wbem\WmiApSrv.exe
S4 - [AdobeARMservice] - Adobe Acrobat Update Service - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
S4 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S4 - [gupdate] - Google Update Service (gupdate) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
S4 - [gupdatem] - Google Update Service (gupdatem) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc
S4 - [IDriverT] - InstallDriver Table Manager - "C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
S4 - [nlsX86cc] - Nalpeiron Licensing Service - C:\Windows\SysWOW64\nlssrv32.exe
S4 - [nvsvc] - NVIDIA Display Driver Service - "C:\Windows\system32\nvvsvc.exe"
S4 - [SkypeUpdate] - Skype Updater - "C:\Program Files (x86)\Skype\Updater\Updater.exe"
S4 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

==== FireFox Fix ======================

Deleted from C:\Users\AVD~1.ATA\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\prefs.js:

Added to C:\Users\AVD~1.ATA\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mobilegeni daemon"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DefaultTabSearch]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DefaultTabUpdate]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Bueno Search Url"=-
"{8FD0F4AD-ED6D-4831-871C-7749284FE41D} Search Here Url"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Mobogenie not found
"C:\Users\AvD.AtArB\AppData\Roaming\DefaultTab" not found
"C:\Program Files (x86)\YourFileDownloader Updater" not found
"C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com" not found
"C:\Users\AVD~1.ATA\AppData\Local\{4D3236BE-6266-4108-B8A0-F754DB2F7C16}" deleted
"C:\Users\AvD.AtArB\AppData\Local\{4D3236BE-6266-4108-B8A0-F754DB2F7C16}" deleted
"C:\Users\AVD~1.ATA\AppData\Local\{617F17EA-DFAD-4663-B245-4515C673F1A2}" deleted
"C:\Users\AvD.AtArB\AppData\Local\{617F17EA-DFAD-4663-B245-4515C673F1A2}" deleted
"C:\Users\AVD~1.ATA\AppData\Local\{24C334F6-6CB4-44DA-B97F-BF774B638C2A}" deleted
"C:\Users\AvD.AtArB\AppData\Local\{24C334F6-6CB4-44DA-B97F-BF774B638C2A}" deleted
"C:\Windows\SysNative\tasks\DTReg" deleted
"C:\Windows\SysNative\tasks\YourFile DownloaderUpdate" deleted
"C:\Windows\SysNative\tasks\{89FD173C-5BE2-4E6D-B1EA-4B99C19BB2D8}" deleted

==== Folders Found ======================


==== Files Found ======================


--- C:\Windows\Prefetch\MSIEXEC.EXE-B5AFA339.pf ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 41396
Created time: 2014-08-02 14:26:52
Modified time: 2014-08-02 14:29:10
MD5: 8F7210C3935CC00ACA8DCB3FC9A30F83
SHA1: DECA457B8924CDAA0CE5A94F2F733F9622B493F6


--- C:\Windows\Prefetch\MSIEXEC.EXE-F3744DFD.pf ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 31148
Created time: 2014-08-02 14:27:22
Modified time: 2014-08-02 14:29:02
MD5: B29C7B046A83CF566421E7471C2D17B2
SHA1: 8414E72625FB77E432724B6A4952E5BC91E1CD06


--- C:\Windows\System32\msiexec.exe ---
Company: Microsoft Corporation
File Description: Windows® installer
File Version: 5.0.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Installer - Unicode
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: msiexec.exe.mui
File type: ----a-w-
File size: 73216
Created time: 2010-11-21 03:24:28
Modified time: 2010-11-21 03:24:28
MD5: EEE470F2A771FC0B543BDEEF74FCECA0
SHA1: BD9BBB448DEC04B1AAA8AE530E9814FDBCE0A3D5


--- C:\Windows\System32\en-US\msiexec.exe.mui ---
Company: Microsoft Corporation
File Description: Windows® installer
File Version: 5.0.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Installer - Unicode
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: msiexec.exe.mui
File type: ----a-w-
File size: 2048
Created time: 2010-11-21 07:06:17
Modified time: 2010-11-21 07:06:17
MD5: BDECC7CD820515393867BDA5AEEB77E0
SHA1: 163997DFBB8B257D2884AE4618FC4B39ACD4B84A


--- C:\Windows\SysWOW64\msiexec.exe ---
Company: Microsoft Corporation
File Description: Windows® installer
File Version: 5.0.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Installer - Unicode
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: msiexec.exe.mui
File type: ----a-w-
File size: 73216
Created time: 2010-11-21 03:24:28
Modified time: 2010-11-21 03:24:28
MD5: EEE470F2A771FC0B543BDEEF74FCECA0
SHA1: BD9BBB448DEC04B1AAA8AE530E9814FDBCE0A3D5


--- C:\Windows\SysWOW64\en-US\msiexec.exe.mui ---
Company: Microsoft Corporation
File Description: Windows® installer
File Version: 5.0.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Installer - Unicode
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: msiexec.exe.mui
File type: ----a-w-
File size: 2048
Created time: 2010-11-21 07:06:17
Modified time: 2010-11-21 07:06:17
MD5: BDECC7CD820515393867BDA5AEEB77E0
SHA1: 163997DFBB8B257D2884AE4618FC4B39ACD4B84A


--- C:\Windows\winsxs\amd64_microsoft-windows-i..xecutable.resources_31bf3856ad364e35_6.1.7600.16385_en-us_5495d2d619acea9d\msiexec.exe.mui ---
Company: Microsoft Corporation
File Description: Windows® installer
File Version: 5.0.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Installer - Unicode
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: msiexec.exe.mui
File type: ----a-w-
File size: 2048
Created time: 2010-11-21 07:06:14
Modified time: 2010-11-21 07:06:14
MD5: 0B0549AF6371A0CC9D7B65AEC779B912
SHA1: CBCB418E70EB7EE83DCFCE15023718FFF1C6EE2B


--- C:\Windows\winsxs\amd64_microsoft-windows-installer-executable_31bf3856ad364e35_6.1.7601.17514_none_a7a77a3b9cb96ce6\msiexec.exe ---
Company: Microsoft Corporation
File Description: Windows® installer
File Version: 5.0.7601.17514 (win7sp1_rtm.101119-1850)
Product Name: Windows Installer - Unicode
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: msiexec.exe
File type: ----a-w-
File size: 128000
Created time: 2010-11-21 03:24:15
Modified time: 2010-11-21 03:24:15
MD5: A190DA6546501CB4146BBCC0B6A3F48B
SHA1: 443AAC22D57EDD4EF893E2A245B356CBA5B2C2DD


--- C:\Windows\winsxs\x86_microsoft-windows-i..xecutable.resources_31bf3856ad364e35_6.1.7600.16385_en-us_f8773752614f7967\msiexec.exe.mui ---
Company: Microsoft Corporation
File Description: Windows® installer
File Version: 5.0.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Installer - Unicode
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: msiexec.exe.mui
File type: ----a-w-
File size: 2048
Created time: 2010-11-21 07:06:17
Modified time: 2010-11-21 07:06:17
MD5: BDECC7CD820515393867BDA5AEEB77E0
SHA1: 163997DFBB8B257D2884AE4618FC4B39ACD4B84A


--- C:\Windows\winsxs\x86_microsoft-windows-installer-executable_31bf3856ad364e35_6.1.7601.17514_none_4b88deb7e45bfbb0\msiexec.exe ---
Company: Microsoft Corporation
File Description: Windows® installer
File Version: 5.0.7601.17514 (win7sp1_rtm.101119-1850)
Product Name: Windows Installer - Unicode
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: msiexec.exe
File type: ----a-w-
File size: 73216
Created time: 2010-11-21 03:24:28
Modified time: 2010-11-21 03:24:28
MD5: EEE470F2A771FC0B543BDEEF74FCECA0
SHA1: BD9BBB448DEC04B1AAA8AE530E9814FDBCE0A3D5


==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2014-07-27 08:59:22 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation
2014-08-02 14:29:38 -------- d-----w- C:\PROGRA~3\DxO Labs

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06/15/2014 19:27]

==== Firefox Extensions ======================

ProfilePath: C:\Users\AVD~1.ATA\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default
- Undetermined - C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com
- anonymoX - %ProfilePath%\extensions\client@anonymox.net.xpi
- Exif Viewer - %ProfilePath%\extensions\exif_viewer@mozilla.doslash.org.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
1919A4E982A86647F79ADD23B9AC3E11 - C:\Users\AvD.AtArB\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
1BFD18699636B8F1AA26675BA43D2F8F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll - Shockwave for Director / Shockwave for Director


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[]

Google Docs - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Adblock Plus - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmpamlafghipdgdcfmoiekafmmaeghdb
Quick access to EXIF data of any image you view - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbhfeiddhndihdjeganjggkmjapkffm
EXIF Viewer - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck
Google Wallet - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Adblock Plus - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmpamlafghipdgdcfmoiekafmmaeghdb
Quick access to EXIF data of any image you view - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbhfeiddhndihdjeganjggkmjapkffm
EXIF Viewer - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck
Google Wallet - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.bing.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Bueno Search Url="http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=3C0F8C89A55561E5&affID=128403&tsp=5264"
{8FD0F4AD-ED6D-4831-871C-7749284FE41D} Search Here Url="http://www.mysearchresults.com/search?c=8004&t=11&q={searchTerms}"

==== shortcuts on Users Desktops ======================

C:\Users\AvD.AtArB\Desktop\Lightroom 5.4 64-bit (2).lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 5.4\lightroom.exe
C:\Users\AvD.AtArB\Desktop\Photoshop.exe - Shortcut.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\CPUID HWMonitor.lnk - C:\Program Files (x86)\CPUID\HWMonitor\HWMonitor.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\EOS Utility.lnk - C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\EOSInfo.exe - Shortcut.lnk - C:\Program Files (x86)\astrojargon.net\EOSInfo\EOSInfo.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\EOSMSG.lnk - C:\Program Files (x86)\www.eosmsg.com\EOSMSG.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Users\AvD.AtArB\Desktop\PROGRAMI\HD Tune.lnk - C:\Program Files (x86)\HD Tune\HDTune.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\Lightroom 5.4 64-bit.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 5.4\lightroom.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\Perfect Effects 8.lnk - C:\Program Files (x86)\onOne Software\Perfect Effects 8\Perfect Effects 8.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\Photomatix Pro 4.0.1 (64-bit).lnk - C:\Program Files (x86)\PhotomatixPro4\PhotomatixPro.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\Photoshop.exe - Shortcut.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\Vegas Pro 12.0 (64-bit).lnk - C:\Program Files (x86)\Sony\Vegas Pro 12.0\vegas120.exe
C:\Users\AvD.AtArB\Desktop\PROGRAMI\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\AVD~1.ATA\Desktop\Lightroom 5.4 64-bit (2).lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 5.4\lightroom.exe
C:\Users\AVD~1.ATA\Desktop\Photoshop.exe - Shortcut.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\CPUID HWMonitor.lnk - C:\Program Files (x86)\CPUID\HWMonitor\HWMonitor.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\EOS Utility.lnk - C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\EOSInfo.exe - Shortcut.lnk - C:\Program Files (x86)\astrojargon.net\EOSInfo\EOSInfo.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\EOSMSG.lnk - C:\Program Files (x86)\www.eosmsg.com\EOSMSG.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\HD Tune.lnk - C:\Program Files (x86)\HD Tune\HDTune.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\Lightroom 5.4 64-bit.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 5.4\lightroom.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\Perfect Effects 8.lnk - C:\Program Files (x86)\onOne Software\Perfect Effects 8\Perfect Effects 8.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\Photomatix Pro 4.0.1 (64-bit).lnk - C:\Program Files (x86)\PhotomatixPro4\PhotomatixPro.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\Photoshop.exe - Shortcut.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\Vegas Pro 12.0 (64-bit).lnk - C:\Program Files (x86)\Sony\Vegas Pro 12.0\vegas120.exe
C:\Users\AVD~1.ATA\Desktop\PROGRAMI\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Digital Photo Professional.lnk - C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe
C:\Users\Public\Desktop\DxO FilmPack 3.lnk - C:\Program Files (x86)\DxO Labs\DxO FilmPack 3\fppv3.exe
C:\Users\Public\Desktop\EOS Utility.lnk - C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
C:\Users\Public\Desktop\NRadioBox.exe.lnk - C:\Program Files (x86)\NRadioBox\NRadioBox\NRadioBox.exe

==== shortcuts in Users Start Menu ======================

C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk - C:\Users\AvD.AtArB\AppData\Local\Viber\Viber.exe
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk - C:\Users\AvD.AtArB\AppData\Local\Viber\Viber.exe
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC (64bit).lnk - C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --appletID=HomePanel_BL --appletVersion=1.0
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO FilmPack 3\DxO FilmPack 3.lnk - C:\Windows\Installer\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}\fppv3.exe_64_53BB080DDFFE43C7BB3B8CB4C43B9B57.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO FilmPack 3\Uninstall DxO FilmPack 3.lnk - C:\Windows\SysWOW64\msiexec.exe /x {6E98BFB0-55E3-4D3C-8C10-B44F6063535E}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune Manual.lnk - C:\Program Files (x86)\HD Tune\hdtune.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune on the Web.lnk - C:\Program Files (x86)\HD Tune\HDTune.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune.lnk - C:\Program Files (x86)\HD Tune\HDTune.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\Uninstall HD Tune.lnk - C:\Program Files (x86)\HD Tune\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /show
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /disable
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /enable

==== shortcuts in Quick Launch ======================

C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Viber.lnk - C:\Users\AvD.AtArB\AppData\Local\Viber\Viber.exe
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\AvD.AtArB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk - C:\Program Files (x86)\Opera\opera.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Viber.lnk - C:\Users\AvD.AtArB\AppData\Local\Viber\Viber.exe
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\AVD~1.ATA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk - C:\Program Files (x86)\Opera\opera.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eM Client deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\AvD.AtArB\AppData\Local\Mozilla\Firefox\Profiles\6c8twxzn.default\Cache emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Mozilla\Firefox\Profiles\6c8twxzn.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=142 folders=19 5827794 bytes)

==== Empty Temp Folders ======================

C:\Users\AvD.AtArB\AppData\Local\Temp will be emptied at reboot
C:\Users\AVD~1~ATA\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\AVD~1.ATA\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Sun 08/03/2014 at 22:02:50.23 ======================

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Hajde sada za kraj ponovo pokreni zoek, opet na isti nacin kao i malopre sto si uradio ali ovaj put kopiraj sledece:

AutoClean;

Kada alat zavrsi ciscenje, restartovace racunar. Po restartu mi postavi svez zoek izvestaj i reci mi da li ti racunar radi brze? Morao bi da radi dosta brze ...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Radi dosta brzo pokretanje računara, skoro duplo brže nego pre.
Je li to bio nki virus, neko čudo?
Kako da sprečim da mi se opet nešto slično ne desi i uspori mi kompjuter...dosta pazim šta skidam, odčekiram tulbarove i te peripetije što se nude, ali se izgleda opet nešto provuče.


Zoek.exe v5.0.0.0 Updated 03-August-2014
Tool run by AvD.AtArB on Mon 08/04/2014 at 1:43:32.97.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\AvD.AtArB\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-08-03-200538.log 113754 bytes
C:\zoek-results2014-08-03-210250.log 36022 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1675243283-1723671596-2523844302-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-1675243283-1723671596-2523844302-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8FD0F4AD-ED6D-4831-871C-7749284FE41D} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\AVD~1.ATA\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default

---- Lines buenosearch removed from user.js ----

user_pref("extensions.buenosearch.tlbrSrchUrl", "http://www.buenosearch.com/?q={searchTerms}&babsrc=TB_ss&mntrId=3C0F8C89A55561E5&affID=128403&tsp=5264");
user_pref("extensions.buenosearch.tb_url", "http://www.buenosearch.com/?q={searchTerms}&babsrc=TB_ss&mntrId=3C0F8C89A55561E5&affID=128403&tsp=5264");
user_pref("extensions.buenosearch.id", "3c0f6e040000000000008c89a55561e5");
user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
user_pref("extensions.buenosearch.instlDay", "16221");
user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
user_pref("extensions.buenosearch.vrsni", "1.8.28.7");
user_pref("extensions.buenosearch.vrsnTs", "1.8.28.714:30:42");
user_pref("extensions.buenosearch.prtnrId", "buenosearch");
user_pref("extensions.buenosearch.prdct", "buenosearch");
user_pref("extensions.buenosearch.aflt", "babsst");
user_pref("extensions.buenosearch.smplGrp", "none");
user_pref("extensions.buenosearch.tlbrId", "base");
user_pref("extensions.buenosearch.instlRef", "sst");
user_pref("extensions.buenosearch.dfltLng", "en");
user_pref("extensions.buenosearch.excTlbr", false);
user_pref("extensions.buenosearch.ffxUnstlRst", true);
user_pref("extensions.buenosearch.admin", false);
user_pref("extensions.buenosearch.autoRvrt", "false");
user_pref("extensions.buenosearch.rvrt", "false");
user_pref("extensions.buenosearch.newTab", false);

---- FireFox user.js and prefs.js backups ----

user_20140803_2048_.backup
user_20140803_2158_.backup
user_20140804_0153_.backup
prefs_20140803_2048_.backup
prefs_20140803_2158_.backup
prefs_20140804_0153_.backup

==== Deleting Files \ Folders ======================

C:\Users\AvD.AtArB\daemonprocess.txt deleted
C:\Users\AvD.AtArB\.android deleted
C:\PROGRA~2\GUT912A.tmp deleted
C:\PROGRA~2\GUM8B6F.tmp deleted
C:\PROGRA~2\globalUpdate deleted
C:\torrent.exe deleted
C:\Users\AvD.AtArB\AppData\Roaming\newnext.me deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\AvD.AtArB\AppData\Local\globalUpdate deleted
C:\Users\AvD.AtArB\AppData\Local\Software deleted
C:\Users\AvD.AtArB\AppData\Local\Mobogenie deleted
C:\Users\AvD.AtArB\AppData\Local\cache deleted
C:\Users\AvD.AtArB\Searches deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\BitTorrentControl_v12 deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Conduit deleted
C:\windows\SysNative\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys deleted
C:\Users\AvD.AtArB\Documents\Mobogenie deleted
C:\Users\AVD~1.ATA\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\Invalidprefs.js deleted
C:\Users\AVD~1.ATA\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\CT2998365 deleted
C:\Users\AVD~1.ATA\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\CT3225826 deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Abstract" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\Desktop Pictures" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\programs" deleted
"C:\Users\AvD.AtArB\AppData\Roaming\vhosts" deleted
"C:\ProgramData\Action" deleted
"C:\ProgramData\Action Clauses" deleted
"C:\ProgramData\Alerts" deleted
"C:\ProgramData\Dictionaries" deleted
"C:\PROGRA~3\4535b0b4a684880\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\PROGRA~3\4535b0b4a684880\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.old" deleted
"C:\PROGRA~3\4535b0b4a684880\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" deleted
"C:\PROGRA~3\4535b0b4a684880\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}.old" deleted
"C:\PROGRA~3\4535b0b4a684880" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06/15/2014 19:27]

==== Firefox Extensions ======================

ProfilePath: C:\Users\AVD~1.ATA\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default
- Undetermined - C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com
- anonymoX - %ProfilePath%\extensions\client@anonymox.net.xpi
- Exif Viewer - %ProfilePath%\extensions\exif_viewer@mozilla.doslash.org.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\AvD.AtArB\AppData\Roaming\Mozilla\Firefox\Profiles\6c8twxzn.default
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
1919A4E982A86647F79ADD23B9AC3E11 - C:\Users\AvD.AtArB\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
1BFD18699636B8F1AA26675BA43D2F8F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll - Shockwave for Director / Shockwave for Director


==== Chrome Look ======================

AdBlock - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Adblock Plus - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmpamlafghipdgdcfmoiekafmmaeghdb
EXIF Viewer - AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck
AdBlock - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Adblock Plus - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmpamlafghipdgdcfmoiekafmmaeghdb
EXIF Viewer - AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck
DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== Chrome Fix ======================

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.bing.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.bing.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\AvD.AtArB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\AvD.AtArB\AppData\Local\Mozilla\Firefox\Profiles\6c8twxzn.default\Cache emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Mozilla\Firefox\Profiles\6c8twxzn.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\AvD.AtArB\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1112 folders=189 107164480 bytes)

==== Empty Temp Folders ======================

C:\Users\AvD.AtArB\AppData\Local\Temp will be emptied at reboot
C:\Users\AVD~1~ATA\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\AVD~1.ATA\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\AVD~1.ATA\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Mon 08/04/2014 at 1:59:58.00 ======================

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

E da, ovo sad izgleda mnogo, mnogo bolje. U sustini, nista aktivno nije bilo, vec dosta podesavanja i zaostalih unosa koji su postavili ranije deinstalirani PUP programi, nagomian junk, cache & temp ...etc. Zoek je jednostavno odradio generalku sistema po tom pitanju.

Kako da sprecis? Za pocetak da nastavis to sto si i radio. Kontrola sta ce sve biti instalirano na sistemu.
Kao program koji ce ti dobro pomoci u tome je Unchecky

Mozes da koristis neki Temp cleaner, CCleaner kojeg vec imas ima dobar temp&cache cleaner za umerenom nivou. Pokreni njegovo ciscenje ~ jednom mesecno ili ranije po potrebi.






• Sledeća procedura će implementirati završno čišćenje.

Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.
Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;

Remove disinfection tools
Create registry backup
Purge System Restore

Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.
Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)

Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
Alat briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.