Start Free Trial

asked on

My computer lags! Someone connected by remote admin??! Video!

I made video on my phone how my computer lags few days already.
Tell me whats the problem!!!
this t u can see on 59 second on vdeo and on 2.20 minute.
i have a lot more than theppning to my computer
i have only 1 antivirus kaspersky 2012 last update.
no vius!
i think maybe it is remote admin someone watching my pc?
http://www.youtube.com/watch?v=AG_FUmr7lZc&feature=youtu.be

Asides from the slowness, is there any other unusual system behaviors? Unexpected popups, error messages, new software?

Most likely it is malware or other virus not detected by your AV software.
I recommend downloading, installing and updating MalwareBytes AntiMalware, and then running a full system scan.
I also recommend SuperAntiSpyware. Again, download, install, update, and run a full scan.

Also, if you have done a lot of data creation/moving/deleting, you may want to defrag your hard drive.

No antivirus program catches everything. My usual attempt to catch most items on a computer is as follows --

(This is with a computer already running AV / Malware detection)

First run the ESET online scanner -- http://www.eset.com/us/online-scanner/

Then I really MalwareBytes as moonie42 suggested -- http://www.malwarebytes.org/

Another program I always run is combofix -- http://www.bleepingcomputer.com/download/anti-virus/combofix (Click on the link which says "Combofix download link" there is a lot of extraneous stuff on that page. Combofix is good at finding rootkits and other baddies.

Then post on how you are doing.

Looks more like video error than a hack attempt.

As already suggested, I would recommend a defrag on the hard drive, and looking to see if there is a video driver update.

If that isn't getting the results you like, look at the performance monitor (perfmon, not the task manager) and see if there are any glaring bottlenecks.

Russell_Venable

Follow these instructions and post the log here as a attachment.
Silentrunners

ASKER

nothing works

Russell_Venable

What are you talking about? Did you download the file listed above to your desktop and run as advised? I so post the logfile here, please.

ASKER CERTIFIED SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

Russell_Venable:
What are you talking about? Did you download the file listed above to your desktop and run as advised? I so post the logfile here, please.

this file doesnt open even.

ASKER

im running windows 7 ultimate

ASKER

i have brand new lenovo b570 essentials

intel core i3 2310 cpu 2100 mhz
video card intel hd 3000
8 gb ram 1333mhz
500 hdd sata

i was also facing such problem as - computer slowing down while this errors coming up
and i couldnt even able to do anything so slow it is

and once even my mouse went to other part of the screen without me to do anything

so its strange stuff happening

and i want to know what to do...

ASKER

64 bit system

Russell_Venable

Looks like the problems are more severe, if you can't run normal operations. Try running FixNCR.reg and then running OTL and then post those logs here if you can.

Russell_Venable

You will need to run these as a administrator as well.

If it is new I recommend using the Lenovo "One Key Recovery" option.

Here is the user guide - http://www.lenovo.com/shop/americas/content/user_guides/v470_v570_b470_b570_ug_en.pdf

The one key recovery starts on page 33. Remember to save your documents / pictures / music first.

If that fails then call Lenovo and start a ticket and they should be sending it out for repair / replacement.

(Link to their phone number support page)
http://support.lenovo.com/en_US/detail.page?LegacyDocID=migr-4hwse3

Russell_Venable

If it is malware. I can sit through this with you to resolve the issue. Did you have any kind of fake alerts, fake antivirus/firewall messages, random popups or anything else other then slowness and unvolunatary movement of the mouse?

If it is a pest or intrusion, Russell is the man.

ASKER

also you know whats happening?
video from youtube start to have pause stops every 20 seconds.
my PC and internet are very fast

maybe something with direct x or video drivers?
give me some solution plz!

ASKER

im running those OTL program that u post
it takes time to scan
i try to post it if it succeed

ASKER

if nothing helps then i may reinstall whole system

but it takes time to install everything again and again...

ASKER

i cant run lenovo one key recovery
bcz i dont know which start point is successful and which is not

also i dont want to repeat every change that i did since that time

coz i already recovered 10 times

and also my opera browser doint same stupid pause every 20 seconds
especially on this website - mouse stucks and screen becomes white for 1 second and tehn coming back and every 20-40 seconds this happening.

ASKER

OTL logfile created on: 11.01.2012 0:59:25 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Ubaydullah Rabbani\Downloads\Programs
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000419 | Country: ¿¿¿¿¿¿ | Language: RUS | Date Format: dd.MM.yyyy

7,92 Gb Total Physical Memory | 4,61 Gb Available Physical Memory | 58,25% Memory free
13,91 Gb Paging File | 10,50 Gb Available in Paging File | 75,46% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 171,61 Gb Total Space | 130,20 Gb Free Space | 75,87% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 115,99 Gb Free Space | 39,59% Space Free | Partition Type: NTFS
Drive H: | 162,40 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: BERABBANI | User Name: Ubaydullah Rabbani | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012.01.11 00:59:05 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ubaydullah Rabbani\Downloads\Programs\OTL.exe
PRC - [2012.01.07 18:20:00 | 001,726,552 | ---- | M] () -- C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe
PRC - [2012.01.06 01:35:37 | 000,735,608 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2011.12.28 12:37:21 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2011.12.24 06:46:52 | 001,842,688 | ---- | M] (GlobalSCAPE, Inc.) -- D:\Downloads\CuteFTP 8 Professional PORTABLE\ftpte.exe
PRC - [2011.12.24 06:46:51 | 002,830,336 | ---- | M] (GlobalSCAPE, Inc.) -- D:\Downloads\CuteFTP 8 Professional PORTABLE\cuteftppro.exe
PRC - [2011.12.21 10:06:16 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.12.19 14:43:32 | 000,262,144 | ---- | M] (Sophisticated LLC) -- C:\Program Files (x86)\oCommunitySuite-3.2\oCommunitySuite-3.2.exe
PRC - [2011.11.17 23:02:32 | 001,975,296 | ---- | M] (Alexander Nikiforov) -- C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe
PRC - [2011.11.14 13:52:06 | 003,437,976 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2011.11.13 23:27:06 | 000,103,536 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
PRC - [2011.11.13 21:49:40 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2011.11.01 15:35:12 | 000,053,088 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\PowerSuite\powersuite.exe
PRC - [2011.10.31 16:47:40 | 000,053,616 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe
PRC - [2011.10.25 16:59:16 | 000,244,960 | ---- | M] () -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011.10.19 16:27:50 | 000,056,168 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe
PRC - [2011.09.28 09:45:16 | 008,000,936 | ---- | M] (Ashampoo Development GmbH & Co. KG) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\WO8.exe
PRC - [2011.07.10 18:17:02 | 000,075,776 | ---- | M] () -- C:\Fucking Great Adviser\adviser.exe
PRC - [2011.04.27 18:06:24 | 001,044,248 | ---- | M] (Cypherix Software (India) Pvt. Ltd.) -- C:\Windows\SysWOW64\cryptainersrv.exe
PRC - [2011.04.24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2010.12.13 23:59:28 | 000,703,856 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
PRC - [2010.12.13 23:58:32 | 000,650,096 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
PRC - [2010.12.13 23:58:20 | 000,383,344 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe
PRC - [2010.11.05 18:54:36 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010.11.05 18:54:24 | 000,202,096 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010.10.27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.10.05 15:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.10.05 15:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.13 18:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.05.25 14:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.01.15 13:38:46 | 000,536,576 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera\VM331_STI.EXE
PRC - [2005.08.24 23:10:04 | 000,174,592 | -HS- | M] (Password Protect Software) -- C:\Windows\SysWOW64\ncfpsys.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012.01.08 04:56:41 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2012.01.08 04:56:21 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b41e38edbd6dfe20997f6ea7c080aceb\System.Web.ni.dll
MOD - [2012.01.08 04:56:14 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b559a471eef00081f0b5c2719d1d9623\System.Runtime.Remoting.ni.dll
MOD - [2012.01.08 04:56:14 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ebfad289d9759034cd3a887802fadb5b\IAStorCommon.ni.dll
MOD - [2012.01.08 04:56:13 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2012.01.08 04:56:10 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\60c320dbe033e8ff4830cdc059933f2c\IAStorUtil.ni.dll
MOD - [2012.01.08 04:56:08 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2012.01.08 04:56:01 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2012.01.08 04:55:58 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2012.01.08 04:55:56 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2012.01.08 04:55:49 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2012.01.07 18:20:00 | 001,726,552 | ---- | M] () -- C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe
MOD - [2012.01.05 16:40:10 | 000,076,800 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{b4efb02b-cd4a-44b9-b5d9-aa486cdffab6}\components\RadioWMPCoreGecko9.dll
MOD - [2011.12.28 12:37:23 | 000,783,360 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2011.12.28 12:37:23 | 000,316,928 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2011.12.28 12:37:23 | 000,275,968 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2011.12.28 12:37:23 | 000,168,448 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2011.12.28 12:37:23 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2011.12.28 12:37:23 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2011.12.28 12:37:23 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2011.12.28 12:37:23 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2011.12.28 12:37:23 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2011.12.28 12:37:23 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2011.12.28 12:37:23 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2011.12.28 12:37:23 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2011.12.28 12:37:23 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2011.12.24 06:46:53 | 000,548,864 | ---- | M] () -- D:\Downloads\CuteFTP 8 Professional PORTABLE\FileCryptIK.dll
MOD - [2011.12.21 10:06:16 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.11.01 15:35:12 | 000,131,584 | ---- | M] () -- C:\Program Files (x86)\Uniblue\PowerSuite\locale\ru\ru.dll
MOD - [2011.11.01 15:35:12 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Uniblue\PowerSuite\cache.dll
MOD - [2011.11.01 15:35:12 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\Uniblue\PowerSuite\cwebpage.dll
MOD - [2011.10.31 16:48:56 | 000,137,072 | ---- | M] () -- C:\Program Files (x86)\Uniblue\RegistryBooster\locale\ru\ru.dll
MOD - [2011.10.31 16:48:34 | 000,066,416 | ---- | M] () -- C:\Program Files (x86)\Uniblue\RegistryBooster\InstallerExtensions.dll
MOD - [2011.10.31 16:48:32 | 000,018,800 | ---- | M] () -- C:\Program Files (x86)\Uniblue\RegistryBooster\cwebpage.dll
MOD - [2011.10.17 16:16:44 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreelements.dll
MOD - [2011.07.10 18:17:02 | 000,075,776 | ---- | M] () -- C:\Fucking Great Adviser\adviser.exe
MOD - [2011.04.24 23:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll
MOD - [2011.04.24 23:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll
MOD - [2011.04.24 23:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll
MOD - [2011.04.24 23:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll
MOD - [2011.04.24 23:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll
MOD - [2011.04.24 23:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll
MOD - [2011.04.20 19:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
MOD - [2011.04.16 18:50:26 | 002,278,912 | ---- | M] () -- C:\Fucking Great Adviser\QtCore4.dll
MOD - [2010.11.21 14:28:06 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_ru_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 01:51:14 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_ru_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.09.10 18:12:26 | 000,194,560 | ---- | M] () -- C:\Fucking Great Adviser\phonon_backend\phonon_ds94.dll
MOD - [2010.09.10 15:34:36 | 000,266,752 | ---- | M] () -- C:\Fucking Great Adviser\phonon4.dll
MOD - [2010.09.10 15:20:48 | 008,151,040 | ---- | M] () -- C:\Fucking Great Adviser\QtGui4.dll
MOD - [2010.09.10 15:06:46 | 000,911,872 | ---- | M] () -- C:\Fucking Great Adviser\QtNetwork4.dll
MOD - [2010.08.20 05:08:20 | 000,659,456 | ---- | M] () -- C:\Windows\SysWOW64\vmprp331.ax
MOD - [2009.08.11 21:19:04 | 000,797,184 | ---- | M] () -- C:\Windows\SysWOW64\ac3filter.ax
MOD - [2009.07.18 07:21:00 | 003,883,424 | ---- | M] () -- C:\Program Files (x86)\Opera\program\plugins\NPSWF32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:64bit: - [2011.03.21 16:19:16 | 001,845,248 | ---- | M] (Locktime Software) [Auto | Running] -- C:\Program Files\NetLimiter 3\nlsvc.exe -- (nlsvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.01.07 18:20:00 | 001,726,552 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe -- (Guard.Mail.ru)
SRV - [2011.11.13 23:27:20 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Windows\SysWow64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011.11.13 22:55:18 | 011,839,488 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2011.11.13 21:49:40 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2011.10.25 16:59:16 | 000,244,960 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2011.09.28 09:45:12 | 000,885,160 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe -- (WO_LiveService)
SRV - [2011.08.29 22:11:04 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2011.04.27 18:06:24 | 001,044,248 | ---- | M] (Cypherix Software (India) Pvt. Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\cryptainersrv.exe -- (ssoftservice)
SRV - [2011.04.24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2011.03.01 18:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010.12.13 23:59:28 | 000,703,856 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe -- (EgisTec Service)
SRV - [2010.12.13 23:58:32 | 000,650,096 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010.10.05 15:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.10.05 15:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.08.24 22:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe -- (DfSdkS)
SRV - [2009.07.14 03:16:20 | 000,010,752 | ---- | M] (¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿¿) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2011.12.28 12:57:05 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011.12.28 12:57:05 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011.12.28 12:57:05 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011.12.28 11:36:16 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2011.11.13 23:28:16 | 000,063,088 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2011.11.13 23:26:30 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2011.11.13 21:33:56 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2011.11.13 21:33:56 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011.08.29 22:11:04 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011.08.29 22:01:10 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2011.08.08 14:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011.07.06 15:14:42 | 000,145,008 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011.04.27 18:07:06 | 000,103,704 | ---- | M] (Cypherix Software (India) Pvt. Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ssoftnt4.sys -- (ssoftnt4)
DRV:64bit: - [2011.03.21 16:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisPT)
DRV:64bit: - [2011.03.21 16:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisMP)
DRV:64bit: - [2011.03.21 16:44:28 | 000,088,200 | ---- | M] (Locktime Software) [Kernel | System | Running] -- C:\Program Files\NetLimiter 3\nltdi.sys -- (nltdi)
DRV:64bit: - [2011.03.10 18:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011.03.04 13:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011.03.04 13:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2010.12.16 11:39:08 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.12 03:59:22 | 001,400,368 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.10.31 10:36:56 | 000,035,952 | ---- | M] (Egis Technology Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys)
DRV:64bit: - [2010.10.28 10:16:24 | 004,716,608 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.10.21 12:05:22 | 000,228,224 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm331avs.sys -- (vm331avs)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) ¿¿¿¿¿ Intel(R)
DRV:64bit: - [2010.09.21 03:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.09.13 18:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.08.16 11:28:50 | 000,008,320 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmuvcflt.sys -- (vmuvcflt)
DRV:64bit: - [2010.08.03 12:43:14 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010.05.31 05:46:50 | 000,333,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.02.11 10:01:20 | 000,026,776 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\xfiltx64.sys -- (xfiltx64)
DRV:64bit: - [2010.02.11 10:00:22 | 000,015,000 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\videX64.sys -- (videX64)
DRV:64bit: - [2009.12.30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009.11.02 20:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.07.21 14:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009.07.16 09:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV - [2011.03.08 06:01:06 | 000,012,824 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerProcessMonitor64.sys -- (LiveTunerPM)
DRV - [2010.01.29 10:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\URLSearchHook: {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} - C:\Program Files (x86)\Ashampoo_RU\prxtbAsha.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yandex.ru/?clid=930634
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.conduit.com?SearchSource=10&ctid=CT2481034
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "resource:///readme.html"

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Program Files (x86)\Opera\program\plugins\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files (x86)\Opera\program\plugins\nprhapengine.dll (RealNetworks, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2011.12.28 11:57:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2011.12.28 11:57:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2011.12.28 11:57:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}: C:\Program Files (x86)\EgisTec BioExcess\FFExt [2011.12.28 12:56:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\K-Meleon\Extensions\\Plugins: C:\Program Files (x86)\K-Meleon\Plugins [2012.01.07 12:30:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\K-Meleon\Extensions\\Components: C:\Program Files (x86)\K-Meleon\Components [2012.01.07 12:30:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.06 04:03:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Ubaydullah Rabbani\AppData\Roaming\IDM\idmmzcc5 [2011.12.29 10:27:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Ubaydullah Rabbani\AppData\Roaming\IDM\idmmzcc5 [2011.12.29 10:27:41 | 000,000,000 | ---D | M]

[2012.01.06 04:03:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\mozilla\Extensions
[2012.01.10 21:22:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions
[2012.01.07 12:41:08 | 000,000,000 | ---D | M] (¿¿¿¿¿¿¿‚¿¿¿¿¿¿ @Mail.Ru) -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
[2012.01.07 12:35:39 | 000,000,000 | ---D | M] (Radio W Community Toolbar) -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{b4efb02b-cd4a-44b9-b5d9-aa486cdffab6}
[2012.01.06 04:03:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.12.21 10:06:17 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.21 07:19:19 | 000,002,549 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mailru.xml
[2011.12.21 07:19:19 | 000,005,568 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\ozonru.xml
[2011.12.21 07:19:19 | 000,001,133 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\priceru.xml
[2011.12.21 07:19:19 | 000,001,304 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-ru.xml
[2011.12.21 07:19:19 | 000,001,548 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yandex-slovari.xml
[2011.12.21 07:19:19 | 000,001,719 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yandex.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\EgisTec BioExcess\x64\EgisPBIE.dll (Egis Technology Inc.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (no name) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ashampoo RU Toolbar) - {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} - C:\Program Files (x86)\Ashampoo_RU\prxtbAsha.dll (Conduit Ltd.)
O2 - BHO: (¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿¿¿) - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll ()
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (¿¿¿¿¿¿.¿¿¿) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll ()
O3 - HKLM\..\Toolbar: (Ashampoo RU Toolbar) - {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} - C:\Program Files (x86)\Ashampoo_RU\prxtbAsha.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (¿¿¿¿¿¿.¿¿¿) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Password Protect USB 3.6.1] C:\Windows\SysWOW64\ncfpsys.exe (Password Protect Software)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe (Egis Technology Inc. )
O4 - HKLM..\Run: [vmware-tray] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe (Alexander Nikiforov)
O4 - HKCU..\Run: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe (Locktime Software)
O4 - HKCU..\Run: [PowerSuite] C:\Program Files (x86)\Uniblue\PowerSuite\Launcher.exe (Uniblue Systems Limited)
O4 - Startup: C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fucking Great Adviser.lnk = C:\Fucking Great Adviser\adviser.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 1
O8:64bit: - Extra context menu item: ¿¿¿¿¿¿¿¿ ¿ ¿¿¿¿-¿¿¿¿¿¿ - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: ¿¿¿¿¿¿¿ ¿¿¿ ¿¿¿¿¿¿ ¿ ¿¿¿¿¿¿¿ IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: ¿¿¿¿¿¿¿ ¿ ¿¿¿¿¿¿¿ IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: ¿¿¿¿¿¿¿¿ ¿ ¿¿¿¿-¿¿¿¿¿¿ - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: ¿¿¿¿¿¿¿ ¿¿¿ ¿¿¿¿¿¿ ¿ ¿¿¿¿¿¿¿ IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: ¿¿¿¿¿¿¿ ¿ ¿¿¿¿¿¿¿ IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9:64bit: - Extra Button: &¿¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿¿ - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: ¿¿¿¿¿¿¿¿ ¿¿¿&¿¿¿ - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &¿¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿¿ - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ¿¿¿¿¿¿¿¿ ¿¿¿&¿¿¿ - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{791DCDAF-83C5-4F7D-AE73-3D2F0B7102D8}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB923941-BF0C-4B68-BD39-C521CD0926FE}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB923941-BF0C-4B68-BD39-C521CD0926FE}: NameServer = 8.26.56.26,156.154.70.22
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012.01.10 21:12:13 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\Documents\NetLimiter_Pro_v3.0.0.11_x86_x64
[2012.01.10 21:07:16 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\Downloads
[2012.01.10 20:58:20 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\Desktop\TcpView
[2012.01.10 19:23:05 | 000,000,000 | ---D | C] -- C:\Directory058710
[2012.01.10 19:23:05 | 000,000,000 | ---D | C] -- C:\Directory050215
[2012.01.10 18:14:27 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\MP3SkypeRecorder
[2012.01.10 18:14:14 | 000,000,000 | ---D | C] -- C:\Directory000060
[2012.01.09 19:55:59 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Locktime
[2012.01.09 19:53:57 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetLimiter 3
[2012.01.09 19:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Locktime
[2012.01.09 19:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\NetLimiter 3
[2012.01.09 18:27:45 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\K-Meleon
[2012.01.09 03:51:50 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\Videos
[2012.01.09 03:51:50 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\Pictures
[2012.01.08 20:10:42 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\Documents\WebCam Media
[2012.01.08 13:15:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watermark Master
[2012.01.07 19:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Splitter Joiner Pro
[2012.01.07 19:23:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HooTech MP3 Splitter Joiner Pro
[2012.01.07 18:24:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Futuremark
[2012.01.07 18:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mp3DirectCut
[2012.01.07 18:15:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.01.07 18:04:16 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3 Splitter & Joiner
[2012.01.07 18:04:16 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\EZSoftMagic
[2012.01.07 18:02:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy MP3 Cutter
[2012.01.07 18:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy MP3 Cutter
[2012.01.07 17:17:39 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\IsolatedStorage
[2012.01.07 17:17:10 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Futuremark_Corporation
[2012.01.07 17:16:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2012.01.07 17:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
[2012.01.07 17:12:23 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
[2012.01.07 14:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fucking Great Adviser
[2012.01.07 14:30:46 | 000,000,000 | ---D | C] -- C:\Fucking Great Adviser
[2012.01.07 12:55:11 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Installer
[2012.01.07 12:42:34 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Ticno
[2012.01.07 12:42:30 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Breakpad
[2012.01.07 12:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Ticno
[2012.01.07 12:42:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ticno
[2012.01.07 12:41:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mail.Ru
[2012.01.07 12:40:22 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\TicnoTemp
[2012.01.07 12:30:40 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\K-Meleon
[2012.01.07 12:30:35 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\K-Meleon
[2012.01.07 12:30:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Meleon
[2012.01.07 12:30:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Meleon
[2012.01.06 04:03:24 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Mozilla
[2012.01.06 04:03:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.01.06 02:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ObviousIdea
[2012.01.06 02:29:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ObviousIdea
[2012.01.06 01:35:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012.01.06 00:11:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.01.05 23:04:17 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012.01.05 22:52:23 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012.01.05 12:12:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012.01.05 12:11:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2012.01.04 19:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 5.1
[2012.01.04 19:54:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2012.01.04 19:36:28 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.01.04 19:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Abdio
[2012.01.04 15:13:34 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011.12.30 20:41:40 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Moyea
[2011.12.30 20:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moyea
[2011.12.30 20:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Moyea
[2011.12.30 20:21:10 | 003,150,120 | ---- | C] (CyberLink) -- C:\Users\Ubaydullah Rabbani\Desktop\OneKey Recovery.exe
[2011.12.30 20:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011.12.30 20:01:05 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2011.12.30 20:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2011.12.30 20:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack x64
[2011.12.30 18:53:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yandex
[2011.12.30 18:53:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Yandex
[2011.12.30 18:53:37 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Yandex
[2011.12.30 18:53:37 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Yandex
[2011.12.30 18:53:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yandex
[2011.12.30 18:53:37 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Mozilla
[2011.12.30 18:50:23 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoxTab FLV Player
[2011.12.30 18:50:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FoxTabFLVPlayer
[2011.12.30 18:43:17 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\DivX
[2011.12.30 18:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codec
[2011.12.30 18:42:57 | 000,999,424 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divxdec.ax
[2011.12.30 18:42:57 | 000,696,320 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\divx.dll
[2011.12.30 18:42:57 | 000,532,480 | ---- | C] (DivX Inc.) -- C:\Windows\SysWow64\DivXsm.exe
[2011.12.30 18:42:57 | 000,306,688 | ---- | C] (CoreCodec) -- C:\Windows\SysNative\coreavcdecoder64.ax
[2011.12.30 18:42:57 | 000,271,872 | ---- | C] (CoreCodec) -- C:\Windows\SysWow64\coreavcdecoder.ax
[2011.12.30 18:42:57 | 000,271,872 | ---- | C] (CoreCodec) -- C:\Windows\SysNative\coreavcdecoder.ax
[2011.12.30 18:42:57 | 000,090,112 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
[2011.12.30 18:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\Codec
[2011.12.30 10:36:50 | 000,174,592 | -HS- | C] (Password Protect Software) -- C:\Windows\SysWow64\ncfpsys.exe
[2011.12.30 10:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uninstall Password Protect USB
[2011.12.30 10:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Protect USB
[2011.12.30 10:31:36 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\¿¿¿¿¿¿¿¿¿¿¿ Password Protect USB
[2011.12.30 10:30:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Password Protect USB
[2011.12.30 10:20:01 | 001,044,248 | ---- | C] (Cypherix Software (India) Pvt. Ltd.) -- C:\Windows\SysWow64\cryptainersrv.exe
[2011.12.30 10:20:01 | 000,103,704 | ---- | C] (Cypherix Software (India) Pvt. Ltd.) -- C:\Windows\SysNative\drivers\ssoftnt4.sys
[2011.12.30 10:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cryptainer
[2011.12.30 10:20:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cryptainer LE
[2011.12.30 08:19:01 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Key Metric Software
[2011.12.30 08:19:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Key Metric Software
[2011.12.30 08:19:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Key Metric Software
[2011.12.30 08:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate File Detective 3
[2011.12.30 08:18:48 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\PackageAware
[2011.12.30 07:24:19 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DupKiller
[2011.12.30 07:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DupKiller
[2011.12.30 07:24:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DupKiller
[2011.12.30 07:13:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Essential Data Tools
[2011.12.30 07:13:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Essential Data Tools
[2011.12.29 10:54:50 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Softplicity
[2011.12.29 10:54:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Audio Converter
[2011.12.29 10:54:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TotalAudioConverter
[2011.12.29 10:43:13 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\ElevatedDiagnostics
[2011.12.29 10:39:31 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\Documents\Bigasoft Total Video Converter
[2011.12.29 10:33:50 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Media Player Classic
[2011.12.29 10:32:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StartNow Toolbar
[2011.12.29 10:28:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2011.12.29 10:27:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2011.12.29 10:26:18 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\IDM
[2011.12.29 10:26:17 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\DMCache
[2011.12.29 10:26:05 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Uniblue
[2011.12.29 10:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011.12.29 10:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2011.12.29 10:25:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2011.12.29 10:25:10 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Winamp
[2011.12.29 10:25:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011.12.29 10:25:10 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\OpenCandy
[2011.12.29 10:23:32 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2011.12.29 10:23:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2011.12.29 10:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2011.12.29 05:46:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.12.29 05:46:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.12.29 05:46:18 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2011.12.29 05:46:17 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.12.29 05:46:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.12.29 05:46:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011.12.29 05:39:05 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\ChemTable Software
[2011.12.29 05:30:49 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\ChemTable Software
[2011.12.29 05:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reg Organizer
[2011.12.29 05:30:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reg Organizer
[2011.12.29 04:58:01 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\CrashDumps
[2011.12.29 04:44:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011.12.29 04:44:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011.12.29 04:33:54 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\dll-files.com
[2011.12.29 04:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files.com Fixer
[2011.12.29 04:33:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dll-Files.com Fixer
[2011.12.29 04:29:53 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2011.12.29 04:29:53 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2011.12.29 04:29:53 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2011.12.29 04:29:53 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2011.12.29 04:29:52 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2011.12.29 04:29:52 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2011.12.29 04:29:50 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2011.12.29 04:29:50 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2011.12.29 04:29:48 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2011.12.29 04:29:48 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2011.12.29 04:29:45 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2011.12.29 04:29:45 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2011.12.29 04:29:44 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2011.12.29 04:29:44 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2011.12.29 04:29:41 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2011.12.29 04:29:41 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2011.12.29 04:29:40 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2011.12.29 04:29:40 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2011.12.29 04:29:40 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2011.12.29 04:29:40 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2011.12.29 04:29:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2011.12.29 04:29:39 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2011.12.29 04:29:37 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2011.12.29 04:29:37 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2011.12.29 04:29:37 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2011.12.29 04:29:37 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2011.12.29 04:29:36 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2011.12.29 04:29:36 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2011.12.29 04:29:34 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2011.12.29 04:29:34 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2011.12.29 04:29:31 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2011.12.29 04:29:31 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2011.12.29 04:29:31 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2011.12.29 04:29:31 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2011.12.29 04:29:30 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011.12.29 04:29:30 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011.12.29 04:29:29 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2011.12.29 04:29:29 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2011.12.29 04:29:27 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2011.12.29 04:29:27 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2011.12.29 04:29:27 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2011.12.29 04:29:27 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2011.12.29 04:29:25 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2011.12.29 04:29:25 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2011.12.29 04:29:23 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2011.12.29 04:29:23 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2011.12.29 04:29:23 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2011.12.29 04:29:23 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2011.12.29 04:29:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2011.12.29 04:29:20 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2011.12.29 04:29:18 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2011.12.29 04:29:18 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2011.12.29 04:29:17 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2011.12.29 04:29:17 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2011.12.29 04:29:17 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2011.12.29 04:29:17 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2011.12.29 04:29:14 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2011.12.29 04:29:12 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2011.12.29 04:29:12 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2011.12.29 04:29:12 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2011.12.29 04:29:12 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2011.12.29 04:29:11 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2011.12.29 04:29:11 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2011.12.29 04:29:10 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2011.12.29 04:29:10 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2011.12.29 04:29:08 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2011.12.29 04:29:08 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2011.12.29 04:29:08 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2011.12.29 04:29:08 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2011.12.29 04:29:06 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2011.12.29 04:29:06 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2011.12.29 04:29:04 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2011.12.29 04:29:04 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2011.12.29 04:29:04 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2011.12.29 04:29:04 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2011.12.29 04:29:01 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2011.12.29 04:29:01 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2011.12.29 04:28:58 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2011.12.29 04:28:58 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2011.12.29 04:28:58 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2011.12.29 04:28:58 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2011.12.29 04:28:57 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2011.12.29 04:28:57 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2011.12.29 04:28:55 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2011.12.29 04:28:55 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2011.12.29 04:28:53 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2011.12.29 04:28:53 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2011.12.29 04:28:53 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2011.12.29 04:28:53 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2011.12.29 04:28:51 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2011.12.29 04:28:51 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2011.12.29 04:28:50 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2011.12.29 04:28:50 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2011.12.29 04:28:49 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2011.12.29 04:28:49 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2011.12.29 04:28:48 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2011.12.29 04:28:48 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2011.12.29 04:28:47 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2011.12.29 04:28:47 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2011.12.29 04:28:47 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2011.12.29 04:28:47 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2011.12.29 04:28:44 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2011.12.29 04:28:43 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2011.12.29 04:28:41 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2011.12.29 04:28:41 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2011.12.29 04:28:40 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2011.12.29 04:28:40 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2011.12.29 04:28:40 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2011.12.29 04:28:40 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2011.12.29 04:28:37 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2011.12.29 04:28:37 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2011.12.29 04:28:35 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2011.12.29 04:28:35 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2011.12.29 04:28:33 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2011.12.29 04:28:33 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2011.12.29 04:28:33 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2011.12.29 04:28:33 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2011.12.29 04:28:31 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2011.12.29 04:28:31 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2011.12.29 04:28:30 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2011.12.29 04:28:30 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2011.12.29 04:28:30 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2011.12.29 04:28:30 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2011.12.29 04:28:28 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2011.12.29 04:28:28 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2011.12.29 04:28:28 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2011.12.29 04:28:28 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2011.12.29 04:28:27 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2011.12.29 04:28:27 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2011.12.29 04:28:26 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2011.12.29 04:28:26 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2011.12.29 04:28:24 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2011.12.29 04:28:24 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2011.12.29 04:28:23 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2011.12.29 04:28:23 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2011.12.29 04:28:23 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2011.12.29 04:28:23 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2011.12.29 04:28:21 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2011.12.29 04:28:21 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2011.12.29 04:28:20 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2011.12.29 04:28:20 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2011.12.29 04:28:19 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2011.12.29 04:28:19 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2011.12.29 04:28:16 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2011.12.29 04:28:16 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2011.12.29 04:28:15 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011.12.29 04:28:15 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011.12.29 04:28:14 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2011.12.29 04:28:14 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2011.12.29 04:28:14 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2011.12.29 04:28:14 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2011.12.29 04:28:11 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2011.12.29 04:28:11 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2011.12.29 04:28:11 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2011.12.29 04:28:11 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2011.12.29 04:28:09 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2011.12.29 04:28:09 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2011.12.29 04:28:08 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2011.12.29 04:28:08 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2011.12.29 04:28:07 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2011.12.29 04:28:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2011.12.29 04:28:06 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2011.12.29 04:28:06 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2011.12.29 04:27:57 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2011.12.29 04:27:57 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2011.12.29 04:27:55 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2011.12.29 04:27:55 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2011.12.29 04:27:55 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2011.12.29 04:27:55 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2011.12.29 04:27:53 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2011.12.29 04:27:53 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2011.12.29 04:27:50 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2011.12.29 04:27:50 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2011.12.29 04:27:49 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2011.12.29 04:27:49 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2011.12.29 04:27:47 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2011.12.29 04:27:47 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2011.12.29 04:27:46 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2011.12.29 04:27:46 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2011.12.29 04:27:43 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2011.12.29 04:27:43 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2011.12.29 00:24:24 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\.ocommunity-suite
[2011.12.28 23:20:09 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools 2011
[2011.12.28 23:20:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\jv16 PowerTools 2011
[2011.12.28 22:29:39 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\Documents\Virtual Machines
[2011.12.28 21:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Community Suite
[2011.12.28 21:29:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\oCommunitySuite-3.2
[2011.12.28 21:13:18 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\VMware
[2011.12.28 21:13:16 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\VMware
[2011.12.28 20:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2011.12.28 20:35:53 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Kristanix Software
[2011.12.28 20:35:53 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Renamer Turbo
[2011.12.28 20:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Renamer Turbo
[2011.12.28 20:26:22 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\GlobalSCAPE
[2011.12.28 20:26:22 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\GlobalSCAPE
[2011.12.28 20:26:22 | 000,000,000 | ---D | C] -- C:\ProgramData\GlobalSCAPE
[2011.12.28 19:28:46 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\EgisTec IPS
[2011.12.28 19:28:22 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
[2011.12.28 19:24:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\IME
[2011.12.28 19:24:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\IME
[2011.12.28 19:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD
[2011.12.28 19:05:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XviD
[2011.12.28 19:05:30 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2011.12.28 19:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2011.12.28 19:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2011.12.28 19:05:17 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub
[2011.12.28 19:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
[2011.12.28 19:05:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gabest
[2011.12.28 19:05:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoGK
[2011.12.28 19:05:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoGK
[2011.12.28 19:04:19 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Alexander_Nikiforov
[2011.12.28 19:04:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MP3 Skype Recorder
[2011.12.28 19:03:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.12.28 19:03:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.12.28 19:03:32 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.12.28 19:03:32 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.12.28 19:03:32 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.12.28 19:03:32 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.12.28 19:03:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.12.28 18:44:33 | 000,063,088 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2011.12.28 18:44:05 | 000,354,416 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2011.12.28 18:44:01 | 000,433,264 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2011.12.28 18:44:01 | 000,030,320 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2011.12.28 18:43:58 | 000,942,192 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2011.12.28 18:43:51 | 000,039,024 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2011.12.28 18:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2011.12.28 18:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2011.12.28 18:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2011.12.28 18:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2011.12.28 18:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2011.12.28 18:37:13 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\VS Revo Group
[2011.12.28 18:37:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2011.12.28 18:37:09 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2011.12.28 18:37:08 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011.12.28 18:36:32 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Thinstall
[2011.12.28 18:36:32 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Thinstall
[2011.12.28 18:32:15 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
[2011.12.28 18:32:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bigasoft
[2011.12.28 18:31:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boilsoft Video Joiner
[2011.12.28 18:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Boilsoft Video Joiner
[2011.12.28 18:30:56 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Boilsoft
[2011.12.28 18:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boilsoft
[2011.12.28 18:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Boilsoft
[2011.12.28 17:39:49 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2011.12.28 17:36:38 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.28 17:36:38 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.28 17:36:37 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.28 17:36:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.28 17:36:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.28 17:36:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.28 17:36:36 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.28 17:36:36 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.28 17:36:36 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.28 17:36:35 | 000,818,688 | ---- | C] (¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿¿) -- C:\Windows\SysNative\jscript.dll
[2011.12.28 17:36:35 | 000,716,800 | ---- | C] (¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿¿) -- C:\Windows\SysWow64\jscript.dll
[2011.12.28 17:08:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Movavi Video Editor 7 SE
[2011.12.28 17:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor 7 SE
[2011.12.28 17:05:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movavi Video Editor 7 SE
[2011.12.28 16:46:28 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\MOVAVI
[2011.12.28 16:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi ¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿ 10
[2011.12.28 16:46:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movavi ¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿ 10
[2011.12.28 16:20:47 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011.12.28 16:20:47 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011.12.28 16:20:47 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.12.28 16:20:47 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.12.28 16:20:33 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.12.28 16:20:33 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.12.28 16:20:33 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.12.28 16:20:33 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.12.28 16:20:33 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.12.28 16:20:33 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.12.28 16:20:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.12.28 16:20:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.12.28 16:20:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.12.28 16:20:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.12.28 16:20:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.12.28 16:20:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.12.28 16:20:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.12.28 16:20:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.12.28 16:20:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.12.28 16:20:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.12.28 16:20:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.12.28 16:20:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.12.28 16:20:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.12.28 16:20:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.12.28 16:20:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.12.28 16:20:32 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.12.28 16:20:32 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.12.28 16:20:32 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.12.28 16:20:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.12.28 16:20:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.12.28 16:20:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.12.28 16:20:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.12.28 16:20:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.12.28 16:20:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.12.28 16:20:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.12.28 16:20:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.12.28 16:20:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.12.28 16:20:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.12.28 16:20:29 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011.12.28 16:20:28 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011.12.28 16:20:28 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011.12.28 16:20:28 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011.12.28 16:20:28 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011.12.28 16:20:28 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011.12.28 16:20:26 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011.12.28 16:20:26 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011.12.28 16:20:26 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011.12.28 16:20:26 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011.12.28 16:20:25 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.12.28 16:20:25 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.12.28 16:20:22 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.12.28 16:20:22 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.12.28 16:20:22 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.12.28 16:20:22 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.12.28 16:20:22 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.12.28 16:20:22 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011.12.28 16:20:22 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011.12.28 16:20:22 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011.12.28 16:20:22 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011.12.28 16:20:18 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.12.28 16:20:18 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.12.28 16:20:18 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2011.12.28 16:20:18 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2011.12.28 16:20:18 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.12.28 16:20:18 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.12.28 16:20:10 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.12.28 16:20:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011.12.28 16:20:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.12.28 16:20:09 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.12.28 16:20:09 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.12.28 16:20:09 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.12.28 16:20:08 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.12.28 16:20:08 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011.12.28 16:20:08 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011.12.28 16:20:08 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011.12.28 16:20:07 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.28 16:20:06 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.28 16:20:06 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.12.28 16:20:00 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011.12.28 16:19:45 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.12.28 16:19:45 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011.12.28 16:19:44 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.12.28 16:19:44 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.12.28 16:19:43 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.12.28 16:19:42 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011.12.28 16:19:42 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011.12.28 16:17:37 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Watermark Master
[2011.12.28 16:15:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\quicktime
[2011.12.28 16:15:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Videocharge Software
[2011.12.28 15:51:17 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\ArcSoft
[2011.12.28 15:50:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
[2011.12.28 15:48:12 | 000,000,000 | -H-D | C] -- C:\ProgramData\ArcSoft
[2011.12.28 15:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 4
[2011.12.28 15:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2011.12.28 15:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
[2011.12.28 15:47:48 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\ArcSoft
[2011.12.28 15:19:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2011.12.28 15:19:52 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Conduit
[2011.12.28 15:19:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo_RU
[2011.12.28 15:19:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011.12.28 15:19:23 | 000,034,304 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\SysNative\DfSdkBt.exe
[2011.12.28 15:19:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2011.12.28 14:31:53 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Skype
[2011.12.28 14:31:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.12.28 14:31:44 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.12.28 14:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.12.28 14:28:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011.12.28 13:36:15 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\Documents\Symantec
[2011.12.28 13:35:39 | 000,034,288 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011.12.28 13:35:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.12.28 13:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011.12.28 13:34:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011.12.28 12:58:34 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\EgisTec
[2011.12.28 12:58:25 | 000,000,000 | ---D | C] -- C:\ProgramData\OneKey Recovery
[2011.12.28 12:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Lenovo
[2011.12.28 12:57:12 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\BioExcess
[2011.12.28 12:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
[2011.12.28 12:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\EgisTec
[2011.12.28 12:57:05 | 000,062,584 | ---- | C] (Egis Technology Inc.) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys
[2011.12.28 12:57:05 | 000,022,912 | ---- | C] (Egis Technology Inc.) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys
[2011.12.28 12:57:05 | 000,020,328 | ---- | C] (Egis Technology Inc.) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys
[2011.12.28 12:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\EgisTec IPS
[2011.12.28 12:56:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EgisTec IPS
[2011.12.28 12:56:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EgisTec
[2011.12.28 12:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\EgisTec IPS
[2011.12.28 12:56:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EgisTec BioExcess
[2011.12.28 12:56:25 | 000,721,520 | ---- | C] (Egis Technology Inc.) -- C:\Windows\SysNative\NBMatS1SDK.dll
[2011.12.28 12:56:25 | 000,603,248 | ---- | C] (Egis Technology Inc.) -- C:\Windows\SysWow64\NBMatS1SDK.dll
[2011.12.28 12:55:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USB Camera
[2011.12.28 12:55:47 | 000,310,784 | ---- | C] (Vimicro Corporation) -- C:\Windows\SysNative\VmCoinst.dll
[2011.12.28 12:55:47 | 000,228,224 | ---- | C] (Vimicro Corporation) -- C:\Windows\SysNative\drivers\vm331avs.sys
[2011.12.28 12:55:47 | 000,008,320 | ---- | C] (Vimicro Corporation) -- C:\Windows\SysNative\drivers\vmuvcflt.sys
[2011.12.28 12:55:46 | 000,208,896 | ---- | C] (Vimicro) -- C:\Windows\SysWow64\Reg331Unstal.dll
[2011.12.28 12:55:46 | 000,208,896 | ---- | C] (Vimicro) -- C:\Windows\Reg331Unstal.dll
[2011.12.28 12:55:45 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Downloaded Installations
[2011.12.28 12:55:02 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011.12.28 12:54:28 | 000,095,544 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlcoi.dll
[2011.12.28 12:54:27 | 004,716,608 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS
[2011.12.28 12:54:26 | 003,566,080 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvui64.dll
[2011.12.28 12:54:25 | 003,900,416 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvsrv64.dll
[2011.12.28 12:54:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lenovo
[2011.12.28 12:51:21 | 007,367,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsUVStoricon.dll
[2011.12.28 12:33:52 | 000,290,920 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\rtsuvstor.sys
[2011.12.28 12:33:52 | 000,015,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\diskperf64.sys
[2011.12.28 12:29:28 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Intel Corporation
[2011.12.28 12:12:25 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\WinRAR
[2011.12.28 11:59:08 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2011.12.28 11:59:02 | 000,216,360 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll
[2011.12.28 11:59:02 | 000,148,776 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo4.dll
[2011.12.28 11:59:02 | 000,107,816 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2011.12.28 11:59:01 | 001,400,368 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys
[2011.12.28 11:58:59 | 000,273,704 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll
[2011.12.28 11:58:59 | 000,218,408 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2011.12.28 11:58:57 | 000,173,352 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2011.12.28 11:58:56 | 000,404,776 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll
[2011.12.28 11:44:36 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\uTorrent
[2011.12.28 11:44:36 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\uTorrent
[2011.12.28 11:37:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2012
[2011.12.28 11:36:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011.12.28 11:36:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2011.12.28 11:36:16 | 000,615,728 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2011.12.28 11:34:59 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Macromedia
[2011.12.28 11:34:59 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Adobe
[2011.12.28 11:32:59 | 000,333,928 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011.12.28 11:32:21 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011.12.28 11:32:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011.12.28 11:32:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011.12.28 11:32:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.12.28 11:31:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2011.12.28 11:31:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2011.12.28 11:26:06 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2011.12.28 11:25:46 | 000,437,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.12.28 11:25:45 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.12.28 11:25:45 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\InstallShield
[2011.12.28 11:25:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2011.12.28 11:24:22 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011.12.28 11:24:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011.12.28 11:24:19 | 000,317,440 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2011.12.28 11:24:18 | 000,014,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2011.12.28 11:24:02 | 000,092,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2266.dll
[2011.12.28 11:24:01 | 000,368,640 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2011.12.28 11:24:01 | 000,364,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2011.12.28 11:24:01 | 000,095,744 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2011.12.28 11:24:01 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2011.12.28 11:24:00 | 000,509,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2011.12.28 11:24:00 | 000,380,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2011.12.28 11:24:00 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2011.12.28 11:24:00 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2011.12.28 11:24:00 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2011.12.28 11:24:00 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2011.12.28 11:24:00 | 000,167,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2011.12.28 11:24:00 | 000,062,464 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2011.12.28 11:23:59 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2011.12.28 11:23:59 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2011.12.28 11:23:59 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2011.12.28 11:23:59 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2011.12.28 11:23:59 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2011.12.28 11:23:59 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2011.12.28 11:23:59 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2011.12.28 11:23:59 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2011.12.28 11:23:59 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2011.12.28 11:23:59 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2011.12.28 11:23:59 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2011.12.28 11:23:59 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2011.12.28 11:23:59 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2011.12.28 11:23:59 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2011.12.28 11:23:59 | 000,283,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2011.12.28 11:23:59 | 000,283,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2011.12.28 11:23:57 | 009,014,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2011.12.28 11:23:57 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2011.12.28 11:23:57 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2011.12.28 11:23:57 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2011.12.28 11:23:56 | 000,418,328 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2011.12.28 11:23:56 | 000,334,848 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2011.12.28 11:23:56 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2011.12.28 11:23:56 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2011.12.28 11:23:56 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2011.12.28 11:23:56 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2011.12.28 11:23:56 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2011.12.28 11:23:56 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2011.12.28 11:23:56 | 000,239,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2011.12.28 11:23:56 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2011.12.28 11:23:56 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2011.12.28 11:23:55 | 000,384,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2011.12.28 11:23:55 | 000,288,256 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2011.12.28 11:23:55 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2011.12.28 11:23:55 | 000,132,096 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2011.12.28 11:23:55 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2011.12.28 11:23:55 | 000,106,496 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2011.12.28 11:23:55 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2011.12.28 11:23:54 | 000,574,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2011.12.28 11:23:53 | 007,434,240 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2011.12.28 11:23:52 | 005,662,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2011.12.28 11:23:49 | 012,256,512 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2011.12.28 11:23:47 | 007,371,776 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2011.12.28 11:23:46 | 006,054,912 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2011.12.28 11:23:41 | 019,575,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2011.12.28 11:23:38 | 014,278,656 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2011.12.28 11:23:38 | 000,391,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2011.12.28 11:23:38 | 000,109,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2011.12.28 11:23:37 | 004,366,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2011.12.28 11:23:37 | 000,144,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2011.12.28 11:23:21 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2011.12.28 11:19:32 | 000,000,000 | ---D | C] -- C:\Intel
[2011.12.28 11:19:18 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Opera
[2011.12.28 11:19:18 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Opera
[2011.12.28 11:15:36 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.12.28 11:15:36 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\Searches
[2011.12.28 11:15:36 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.12.28 11:15:36 | 000,000,000 | -H-D | C] -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011.12.28 11:15:27 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Identities
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\¿¿¿¿¿¿¿
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\Documents\¿¿¿ ¿¿¿¿¿¿
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\Documents\¿¿¿ ¿¿¿¿¿¿¿
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\Documents\¿¿¿ ¿¿¿¿¿¿¿¿¿¿¿
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\¿¿¿¿¿¿¿ ¿¿¿¿
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Temporary Internet Files
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\SendTo
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\Recent
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\PrintHood
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\NetHood
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\Local Settings
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\History
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\Cookies
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\Application Data
[2011.12.28 11:15:16 | 000,000,000 | -HSD | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Application Data
[2011.12.28 11:15:15 | 000,000,000 | --SD | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft
[2011.12.28 11:15:15 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\Videos-Unlocked
[2011.12.28 11:15:15 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\Saved Games
[2011.12.28 11:15:15 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\Music
[2011.12.28 11:15:15 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.12.28 11:15:15 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\Links
[2011.12.28 11:15:15 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\Favorites
[2011.12.28 11:15:15 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\Documents
[2011.12.28 11:15:15 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\Desktop
[2011.12.28 11:15:15 | 000,000,000 | R--D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.12.28 11:15:15 | 000,000,000 | -H-D | C] -- C:\Users\Ubaydullah Rabbani\AppData
[2011.12.28 11:15:15 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Temp
[2011.12.28 11:15:15 | 000,000,000 | ---D | C] -- C:\Users\Ubaydullah Rabbani\AppData\Local\Microsoft
[2011.12.28 11:15:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\¿¿¿¿¿¿¿
[2011.12.28 11:15:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\¿¿¿¿¿¿¿ ¿¿¿¿
[2011.12.28 11:15:08 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\¿¿¿ ¿¿¿¿¿¿
[2011.12.28 11:15:08 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\¿¿¿ ¿¿¿¿¿¿¿
[2011.12.28 11:15:08 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\¿¿¿ ¿¿¿¿¿¿¿¿¿¿¿
[2011.12.28 11:15:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\¿¿¿¿¿¿¿¿¿
[2011.12.28 11:15:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\¿¿¿¿¿¿¿¿¿
[2011.12.28 11:15:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\¿¿¿¿¿¿¿ ¿¿¿¿
[2011.12.28 11:15:06 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012.01.11 00:37:55 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.11 00:37:55 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.10 23:55:43 | 000,175,946 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\1297480228_80.jpg
[2012.01.10 21:04:06 | 000,000,000 | -HS- | M] () -- C:\Windows\SysWow64\+
[2012.01.10 21:03:32 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2012.01.10 21:00:18 | 000,328,208 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.jpg
[2012.01.10 20:58:08 | 000,291,606 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\TcpView.zip
[2012.01.10 10:26:47 | 171,083,507 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\2010-07-13_Oh_my_servants_make_my_remembrance.mp4
[2012.01.10 01:50:39 | 001,541,786 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.10 01:50:39 | 000,686,828 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2012.01.10 01:50:39 | 000,618,692 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.10 01:50:39 | 000,133,890 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2012.01.10 01:50:39 | 000,107,598 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.09 23:32:10 | 007,471,348 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\10012012554.mp4
[2012.01.09 19:44:46 | 009,283,632 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Documents\NetLimiter_Pro_v3.0.0.11_x86_x64.rar
[2012.01.09 16:41:53 | 000,317,400 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\4.avi
[2012.01.09 05:21:16 | 508,096,514 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\ArcSoft_¿¿¿¿¿3(00h00m00s-00h05m38s)_all_01.wmv
[2012.01.09 04:33:49 | 249,220,813 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\ArcSoft_¿¿¿¿¿3(00h00m00s-00h05m38s)_all.wmv
[2012.01.09 01:09:04 | 000,037,888 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.08 13:28:06 | 000,017,870 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Documents\shnzm1.gif
[2012.01.08 13:18:43 | 000,008,476 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Documents\[rutracker.org].t1866142.torrent
[2012.01.08 13:15:30 | 000,001,365 | ---- | M] () -- C:\Users\Public\Desktop\Watermark Master.lnk
[2012.01.07 19:23:26 | 000,001,247 | ---- | M] () -- C:\Users\Public\Desktop\MP3 Splitter Joiner Pro.lnk
[2012.01.07 18:41:44 | 000,233,116 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Documents\1.3dr
[2012.01.07 18:20:46 | 000,001,067 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\mp3DirectCut.lnk
[2012.01.07 18:19:53 | 000,000,192 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\¿¿¿¿¿¿ ¿ ¿¿¿¿¿¿¿¿¿.url
[2012.01.07 18:14:02 | 000,002,103 | ---- | M] () -- C:\Users\Public\Desktop\3DMark Vantage.lnk
[2012.01.07 18:04:16 | 000,001,348 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\MP3 Splitter & Joiner.lnk
[2012.01.07 18:04:16 | 000,001,346 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\MP3 Splitter & Joiner.lnk
[2012.01.07 18:02:15 | 000,001,024 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Easy MP3 Cutter.lnk
[2012.01.07 18:02:15 | 000,001,000 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\Easy MP3 Cutter.lnk
[2012.01.07 17:12:33 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2012.01.07 14:30:47 | 000,000,738 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fucking Great Adviser.lnk
[2012.01.07 12:42:31 | 000,001,127 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tabs.lnk
[2012.01.07 12:30:35 | 000,001,035 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\K-Meleon.lnk
[2012.01.07 12:30:35 | 000,001,011 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\K-Meleon.lnk
[2012.01.07 02:36:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.01.06 04:03:15 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.01.06 02:29:18 | 000,001,232 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Light Image Resizer 4.lnk
[2012.01.06 02:29:17 | 000,001,208 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\Light Image Resizer 4.lnk
[2012.01.06 01:35:37 | 000,000,971 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012.01.04 19:55:05 | 000,001,168 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader 5.1.lnk
[2012.01.04 19:55:04 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader 5.1.lnk
[2012.01.04 19:17:28 | 004,665,070 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\MicroAdobeReader.exe
[2012.01.04 19:14:06 | 002,510,149 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Documents\ws80-using (1) (1) (1).pdf
[2011.12.30 20:41:31 | 000,001,089 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Moyea FLV Player.lnk
[2011.12.30 20:41:31 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Moyea FLV Player.lnk
[2011.12.30 20:16:51 | 000,020,831 | ---- | M] () -- C:\Windows\is-L7ITS.msg
[2011.12.30 20:16:51 | 000,001,748 | ---- | M] () -- C:\Windows\is-L7ITS.lst
[2011.12.30 19:10:45 | 000,002,816 | ---- | M] () -- C:\{2726C1ED-A945-466D-87EB-6C8624BFF55B}
[2011.12.30 18:50:22 | 000,001,073 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\FoxTab FLV Player.lnk
[2011.12.30 18:15:16 | 035,875,583 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Documents\¿¿¿¿¿¿¿¿¿¿.wma
[2011.12.30 18:15:16 | 035,875,583 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Documents\¿¿¿¿¿¿¿¿¿¿ - ¿¿¿¿¿.wma
[2011.12.30 10:36:50 | 000,001,309 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Password Protect USB.lnk
[2011.12.30 10:23:39 | 104,857,600 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Documents\cxl1705
[2011.12.30 08:19:02 | 000,001,188 | ---- | M] () -- C:\Users\Public\Desktop\Duplicate File Detective 3.lnk
[2011.12.30 07:13:03 | 000,002,242 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\Duplicate File Remover.lnk
[2011.12.30 07:02:53 | 000,000,169 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\¿¿¿¿¿¿¿ ¿¿¿¿_Settings.ini
[2011.12.30 07:00:14 | 000,280,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.30 06:13:43 | 000,136,404 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Documents\cc_20111230_061325.reg
[2011.12.30 06:02:57 | 000,000,073 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\¿¿¿¿¿¿¿ ¿¿¿¿_Counters.ini
[2011.12.29 20:00:00 | 000,092,160 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll
[2011.12.29 10:54:43 | 000,001,048 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\Total Audio Converter.lnk
[2011.12.29 10:47:44 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\PowerSuite.lnk
[2011.12.29 10:47:43 | 000,001,173 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\PowerSuite.lnk
[2011.12.29 10:25:20 | 000,001,007 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2011.12.29 10:25:20 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.12.29 05:47:02 | 000,000,382 | ---- | M] () -- C:\Windows\ODBC.INI
[2011.12.29 05:30:43 | 000,001,074 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\Reg Organizer.lnk
[2011.12.29 05:18:57 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
[2011.12.29 04:34:02 | 000,002,022 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\DLL-Files.com FIXER.lnk
[2011.12.29 01:02:41 | 000,026,989 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\my friends accs.ocsul
[2011.12.28 23:20:17 | 000,000,022 | -HS- | M] () -- C:\Windows\System5537 Data.Repository
[2011.12.28 23:20:17 | 000,000,022 | -HS- | M] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Sys2662.Config.Repository.bin
[2011.12.28 23:20:09 | 000,001,893 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\PowerTools 2011.lnk
[2011.12.28 21:29:10 | 000,002,079 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\oCommunity.lnk
[2011.12.28 20:36:01 | 000,000,002 | ---- | M] () -- C:\Windows\SysNative\krx260.dat
[2011.12.28 20:35:53 | 000,001,131 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\File Renamer Turbo.lnk
[2011.12.28 20:10:45 | 000,000,064 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\System Uptime Full Plus_Settings.ini
[2011.12.28 19:07:20 | 000,001,139 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Bigasoft FLV Converter.lnk
[2011.12.28 19:05:10 | 000,001,001 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\AutoGK.lnk
[2011.12.28 19:03:25 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.12.28 19:03:25 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.12.28 19:03:25 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.12.28 19:03:25 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.12.28 18:44:38 | 000,001,028 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk
[2011.12.28 18:43:45 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011.12.28 18:43:41 | 001,534,158 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.28 18:43:38 | 000,002,135 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2011.12.28 18:37:10 | 000,001,101 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011.12.28 18:37:10 | 000,001,095 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\Revo Uninstaller.lnk
[2011.12.28 18:35:07 | 000,001,197 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\Total Video Converter.lnk
[2011.12.28 18:35:07 | 000,001,179 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Bigasoft Total Video Converter.lnk
[2011.12.28 18:32:15 | 000,001,139 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Bigasoft MP4 Converter.lnk
[2011.12.28 18:31:07 | 000,001,005 | ---- | M] () -- C:\Users\Public\Desktop\Boilsoft Video Joiner.lnk
[2011.12.28 18:30:56 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\Boilsoft Video Splitter.lnk
[2011.12.28 18:27:45 | 000,001,242 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\CuteFTP.lnk
[2011.12.28 17:08:09 | 000,005,036 | ---- | M] () -- C:\ProgramData\cyzlxojr.ycm
[2011.12.28 17:05:21 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Movavi Editor.lnk
[2011.12.28 16:46:30 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2011.12.28 16:46:30 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[2011.12.28 16:46:28 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\QuickTime.qtp
[2011.12.28 16:46:27 | 000,004,104 | ---- | M] () -- C:\ProgramData\ojobkspa.ako
[2011.12.28 16:46:18 | 000,002,833 | ---- | M] () -- C:\Users\Public\Desktop\Movavi ¿¿¿¿¿¿¿¿¿.lnk
[2011.12.28 15:48:12 | 000,002,052 | ---- | M] () -- C:\Users\Public\Desktop\WebCam.lnk
[2011.12.28 15:19:26 | 000,001,216 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo 8.lnk
[2011.12.28 14:31:45 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.12.28 13:50:37 | 000,141,404 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Documents\cc_20111228_135033.reg
[2011.12.28 12:57:05 | 000,062,584 | ---- | M] (Egis Technology Inc.) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys
[2011.12.28 12:57:05 | 000,022,912 | ---- | M] (Egis Technology Inc.) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys
[2011.12.28 12:57:05 | 000,020,328 | ---- | M] (Egis Technology Inc.) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys
[2011.12.28 12:55:48 | 000,603,248 | ---- | M] (Egis Technology Inc.) -- C:\Windows\SysWow64\NBMatS1SDK.dll
[2011.12.28 12:55:04 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011.12.28 12:54:43 | 000,749,118 | ---- | M] () -- C:\Windows\SysNative\oem33.inf
[2011.12.28 11:38:29 | 000,017,408 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\AppData\Local\WebpageIcons.db
[2011.12.28 11:37:09 | 000,152,233 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2011.12.28 11:37:08 | 000,107,177 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2011.12.28 11:36:44 | 000,001,130 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Desktop\Kaspersky Security 2012.lnk
[2011.12.28 11:36:23 | 000,015,742 | ---- | M] () -- C:\Windows\SysWow64\results.xml
[2011.12.28 11:36:16 | 000,615,728 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2011.12.28 11:16:51 | 000,001,425 | ---- | M] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011.12.28 10:10:26 | 000,167,951 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.12.28 10:10:26 | 000,167,951 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012.01.10 23:55:43 | 000,175,946 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\1297480228_80.jpg
[2012.01.10 21:00:17 | 000,328,208 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.jpg
[2012.01.10 20:58:14 | 000,291,606 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\TcpView.zip
[2012.01.10 10:08:19 | 171,083,507 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\2010-07-13_Oh_my_servants_make_my_remembrance.mp4
[2012.01.10 01:48:07 | 007,471,348 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\10012012554.mp4
[2012.01.09 19:41:01 | 009,283,632 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Documents\NetLimiter_Pro_v3.0.0.11_x86_x64.rar
[2012.01.09 16:41:52 | 000,317,400 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\4.avi
[2012.01.09 04:47:19 | 508,096,514 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\ArcSoft_¿¿¿¿¿3(00h00m00s-00h05m38s)_all_01.wmv
[2012.01.09 04:37:37 | 249,220,813 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\ArcSoft_¿¿¿¿¿3(00h00m00s-00h05m38s)_all.wmv
[2012.01.08 13:28:06 | 000,017,870 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Documents\shnzm1.gif
[2012.01.08 13:18:49 | 000,008,476 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Documents\[rutracker.org].t1866142.torrent
[2012.01.07 19:23:26 | 000,001,247 | ---- | C] () -- C:\Users\Public\Desktop\MP3 Splitter Joiner Pro.lnk
[2012.01.07 18:41:43 | 000,233,116 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Documents\1.3dr
[2012.01.07 18:20:46 | 000,001,067 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\mp3DirectCut.lnk
[2012.01.07 18:14:02 | 000,002,103 | ---- | C] () -- C:\Users\Public\Desktop\3DMark Vantage.lnk
[2012.01.07 18:04:16 | 000,001,348 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\MP3 Splitter & Joiner.lnk
[2012.01.07 18:04:16 | 000,001,346 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\MP3 Splitter & Joiner.lnk
[2012.01.07 18:03:17 | 035,875,583 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Documents\¿¿¿¿¿¿¿¿¿¿ - ¿¿¿¿¿.wma
[2012.01.07 18:02:15 | 000,001,024 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Easy MP3 Cutter.lnk
[2012.01.07 18:02:15 | 000,001,000 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\Easy MP3 Cutter.lnk
[2012.01.07 17:12:33 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2012.01.07 14:30:47 | 000,000,738 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fucking Great Adviser.lnk
[2012.01.07 12:42:31 | 000,001,127 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tabs.lnk
[2012.01.07 12:41:09 | 000,000,192 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\¿¿¿¿¿¿ ¿ ¿¿¿¿¿¿¿¿¿.url
[2012.01.07 12:30:35 | 000,001,035 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\K-Meleon.lnk
[2012.01.07 12:30:35 | 000,001,011 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\K-Meleon.lnk
[2012.01.07 02:36:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.01.06 04:03:15 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.01.06 04:03:15 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.01.06 02:29:18 | 000,001,232 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Light Image Resizer 4.lnk
[2012.01.06 02:29:17 | 000,001,208 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\Light Image Resizer 4.lnk
[2012.01.06 01:35:10 | 000,000,971 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012.01.04 19:55:04 | 000,001,168 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader 5.1.lnk
[2012.01.04 19:55:04 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader 5.1.lnk
[2012.01.04 19:25:55 | 002,097,664 | ---- | C] () -- C:\Windows\SysWow64\VSPDFViewerX.ocx
[2012.01.04 19:16:58 | 004,665,070 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\MicroAdobeReader.exe
[2012.01.04 19:14:06 | 002,510,149 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Documents\ws80-using (1) (1) (1).pdf
[2011.12.30 20:41:31 | 000,001,089 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Moyea FLV Player.lnk
[2011.12.30 20:41:31 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Moyea FLV Player.lnk
[2011.12.30 20:16:51 | 000,020,831 | ---- | C] () -- C:\Windows\is-L7ITS.msg
[2011.12.30 20:16:51 | 000,001,748 | ---- | C] () -- C:\Windows\is-L7ITS.lst
[2011.12.30 20:02:04 | 000,037,888 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.30 20:01:05 | 000,203,264 | ---- | C] () -- C:\Windows\SysNative\unrar.dll
[2011.12.30 20:01:04 | 000,092,160 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2011.12.30 19:10:44 | 000,002,816 | ---- | C] () -- C:\{2726C1ED-A945-466D-87EB-6C8624BFF55B}
[2011.12.30 18:50:22 | 000,001,073 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\FoxTab FLV Player.lnk
[2011.12.30 18:42:58 | 000,958,976 | ---- | C] () -- C:\Windows\SysNative\ac3filter64.ax
[2011.12.30 18:42:58 | 000,930,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2011.12.30 18:42:58 | 000,797,184 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax
[2011.12.30 18:42:58 | 000,580,096 | ---- | C] () -- C:\Windows\SysNative\ac3filter64.acm
[2011.12.30 18:42:58 | 000,497,664 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.acm
[2011.12.30 18:42:58 | 000,245,794 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2011.12.30 18:42:58 | 000,162,304 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2011.12.30 18:42:57 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2011.12.30 18:42:57 | 000,004,816 | ---- | C] () -- C:\Windows\SysWow64\divxsm.tlb
[2011.12.30 18:15:16 | 035,875,583 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Documents\¿¿¿¿¿¿¿¿¿¿.wma
[2011.12.30 10:36:52 | 000,000,000 | -HS- | C] () -- C:\Windows\SysWow64\+
[2011.12.30 10:36:50 | 000,001,309 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Password Protect USB.lnk
[2011.12.30 10:21:58 | 104,857,600 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Documents\cxl1705
[2011.12.30 08:19:02 | 000,001,188 | ---- | C] () -- C:\Users\Public\Desktop\Duplicate File Detective 3.lnk
[2011.12.30 07:13:03 | 000,002,242 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\Duplicate File Remover.lnk
[2011.12.30 07:11:24 | 000,001,095 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\Revo Uninstaller.lnk
[2011.12.30 06:13:29 | 000,136,404 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Documents\cc_20111230_061325.reg
[2011.12.29 10:54:43 | 000,001,048 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\Total Audio Converter.lnk
[2011.12.29 10:47:43 | 000,001,173 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\PowerSuite.lnk
[2011.12.29 10:47:43 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\PowerSuite.lnk
[2011.12.29 10:27:52 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
[2011.12.29 10:25:20 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.12.29 10:25:19 | 000,001,007 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2011.12.29 05:47:02 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.12.29 05:30:43 | 000,001,074 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\Reg Organizer.lnk
[2011.12.29 04:49:58 | 000,001,130 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\Kaspersky Security 2012.lnk
[2011.12.29 04:34:03 | 000,000,318 | ---- | C] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
[2011.12.29 04:33:40 | 000,002,022 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\DLL-Files.com FIXER.lnk
[2011.12.29 02:21:41 | 000,000,073 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\¿¿¿¿¿¿¿ ¿¿¿¿_Counters.ini
[2011.12.29 02:21:14 | 000,000,169 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\¿¿¿¿¿¿¿ ¿¿¿¿_Settings.ini
[2011.12.29 01:02:41 | 000,026,989 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\my friends accs.ocsul
[2011.12.28 23:20:17 | 000,000,022 | -HS- | C] () -- C:\Windows\System5537 Data.Repository
[2011.12.28 23:20:17 | 000,000,022 | -HS- | C] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Sys2662.Config.Repository.bin
[2011.12.28 23:20:09 | 000,001,893 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\PowerTools 2011.lnk
[2011.12.28 21:29:37 | 000,002,079 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\oCommunity.lnk
[2011.12.28 20:36:01 | 000,000,002 | ---- | C] () -- C:\Windows\SysNative\krx260.dat
[2011.12.28 20:35:53 | 000,001,131 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\File Renamer Turbo.lnk
[2011.12.28 20:10:22 | 000,000,064 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\System Uptime Full Plus_Settings.ini
[2011.12.28 19:23:43 | 000,001,197 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\Total Video Converter.lnk
[2011.12.28 19:21:54 | 000,001,001 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\AutoGK.lnk
[2011.12.28 19:07:20 | 000,001,139 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Bigasoft FLV Converter.lnk
[2011.12.28 19:04:11 | 000,003,061 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3 Skype Recorder.lnk
[2011.12.28 18:44:38 | 000,001,028 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk
[2011.12.28 18:43:45 | 000,001,024 | ---- | C] () -- C:\.rnd
[2011.12.28 18:43:41 | 001,534,158 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.28 18:43:37 | 000,002,135 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2011.12.28 18:37:10 | 000,001,101 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011.12.28 18:35:07 | 000,001,179 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Bigasoft Total Video Converter.lnk
[2011.12.28 18:32:15 | 000,001,139 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Bigasoft MP4 Converter.lnk
[2011.12.28 18:31:07 | 000,001,005 | ---- | C] () -- C:\Users\Public\Desktop\Boilsoft Video Joiner.lnk
[2011.12.28 18:30:56 | 000,001,160 | ---- | C] () -- C:\Users\Public\Desktop\Boilsoft Video Splitter.lnk
[2011.12.28 18:27:45 | 000,001,242 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Desktop\CuteFTP.lnk
[2011.12.28 17:08:09 | 000,005,036 | ---- | C] () -- C:\ProgramData\cyzlxojr.ycm
[2011.12.28 17:05:21 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\Movavi Editor.lnk
[2011.12.28 16:46:30 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2011.12.28 16:46:30 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2011.12.28 16:46:28 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\QuickTime.qtp
[2011.12.28 16:46:27 | 000,004,104 | ---- | C] () -- C:\ProgramData\ojobkspa.ako
[2011.12.28 16:46:18 | 000,002,833 | ---- | C] () -- C:\Users\Public\Desktop\Movavi ¿¿¿¿¿¿¿¿¿.lnk
[2011.12.28 16:15:30 | 000,001,365 | ---- | C] () -- C:\Users\Public\Desktop\Watermark Master.lnk
[2011.12.28 15:48:12 | 000,002,052 | ---- | C] () -- C:\Users\Public\Desktop\WebCam.lnk
[2011.12.28 15:19:26 | 000,001,216 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo 8.lnk
[2011.12.28 14:31:45 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.12.28 13:50:35 | 000,141,404 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Documents\cc_20111228_135033.reg
[2011.12.28 12:55:47 | 001,068,032 | ---- | C] () -- C:\Windows\SysNative\vmprp331x64.ax
[2011.12.28 12:55:47 | 000,659,456 | ---- | C] () -- C:\Windows\SysWow64\vmprp331.ax
[2011.12.28 12:55:47 | 000,001,652 | ---- | C] () -- C:\Windows\vm331Rmv.ini
[2011.12.28 12:55:47 | 000,001,652 | ---- | C] () -- C:\Windows\SysWow64\vm331Rmv.ini
[2011.12.28 12:55:47 | 000,000,356 | ---- | C] () -- C:\Windows\System\vm331avs.rsf
[2011.12.28 12:55:04 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011.12.28 12:54:47 | 000,749,118 | ---- | C] () -- C:\Windows\SysNative\oem33.inf
[2011.12.28 11:59:04 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.12.28 11:38:28 | 000,017,408 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\AppData\Local\WebpageIcons.db
[2011.12.28 11:37:09 | 000,152,233 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2011.12.28 11:37:08 | 000,107,177 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2011.12.28 11:36:23 | 000,015,742 | ---- | C] () -- C:\Windows\SysWow64\results.xml
[2011.12.28 11:32:59 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011.12.28 11:25:12 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.12.28 11:25:12 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2011.12.28 11:24:02 | 000,060,254 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2011.12.28 11:24:02 | 000,060,226 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2011.12.28 11:24:02 | 000,060,015 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2011.12.28 11:24:02 | 000,013,516 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2011.12.28 11:24:02 | 000,001,090 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2011.12.28 11:24:01 | 001,991,936 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2011.12.28 11:24:01 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.12.28 11:24:01 | 000,960,940 | ---- | C] () -- C:\Windows\SysNative\igkrng600.bin
[2011.12.28 11:23:55 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.12.28 11:23:55 | 000,207,376 | ---- | C] () -- C:\Windows\SysNative\igfcg600m.bin
[2011.12.28 11:23:46 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.12.28 11:23:46 | 000,145,804 | ---- | C] () -- C:\Windows\SysNative\igcompkrng600.bin
[2011.12.28 11:23:38 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2011.12.28 11:23:38 | 000,000,151 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2011.12.28 11:23:37 | 000,208,335 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2011.12.28 11:23:37 | 000,133,868 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2011.12.28 11:23:37 | 000,132,422 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2011.12.28 11:23:37 | 000,127,599 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2011.12.28 11:23:37 | 000,116,413 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2011.12.28 11:23:37 | 000,115,195 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2011.12.28 11:23:36 | 000,195,681 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2011.12.28 11:23:36 | 000,180,246 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2011.12.28 11:23:36 | 000,179,736 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2011.12.28 11:23:36 | 000,154,366 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2011.12.28 11:23:36 | 000,151,350 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2011.12.28 11:23:36 | 000,147,392 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2011.12.28 11:23:36 | 000,138,635 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2011.12.28 11:23:36 | 000,137,000 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2011.12.28 11:23:36 | 000,136,226 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2011.12.28 11:23:36 | 000,136,172 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2011.12.28 11:23:36 | 000,135,119 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2011.12.28 11:23:36 | 000,134,081 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2011.12.28 11:23:36 | 000,133,321 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2011.12.28 11:23:36 | 000,132,876 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2011.12.28 11:23:36 | 000,132,861 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2011.12.28 11:23:36 | 000,132,299 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2011.12.28 11:23:36 | 000,131,897 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2011.12.28 11:23:36 | 000,131,711 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2011.12.28 11:23:36 | 000,131,456 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2011.12.28 11:23:36 | 000,131,290 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2011.12.28 11:23:36 | 000,130,414 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2011.12.28 11:23:36 | 000,127,367 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2011.12.28 11:23:36 | 000,127,109 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2011.12.28 11:23:36 | 000,122,646 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2011.12.28 11:16:51 | 000,001,425 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011.12.28 11:15:41 | 000,001,397 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.12.28 11:15:38 | 000,001,431 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.12.28 11:15:15 | 000,000,290 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011.12.28 11:15:15 | 000,000,272 | ---- | C] () -- C:\Users\Ubaydullah Rabbani\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011.10.03 16:25:52 | 000,237,872 | ---- | C] () -- C:\Windows\SysWow64\VBoxD3D9wddm-x86.dll
[2011.10.03 16:25:22 | 000,876,848 | ---- | C] () -- C:\Windows\SysWow64\wined3dwddm-x86.dll
[2009.07.14 07:38:36 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003.04.10 13:43:32 | 000,005,412 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2002.10.16 00:54:04 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:07BF512B

< End of report >

ASKER

OTL Extras logfile created on: 11.01.2012 0:59:25 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Ubaydullah Rabbani\Downloads\Programs
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000419 | Country: ¿¿¿¿¿¿ | Language: RUS | Date Format: dd.MM.yyyy

7,92 Gb Total Physical Memory | 4,61 Gb Available Physical Memory | 58,25% Memory free
13,91 Gb Paging File | 10,50 Gb Available in Paging File | 75,46% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 171,61 Gb Total Space | 130,20 Gb Free Space | 75,87% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 115,99 Gb Free Space | 39,59% Space Free | Partition Type: NTFS
Drive H: | 162,40 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: BERABBANI | User Name: Ubaydullah Rabbani | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = K-Meleon.HTML] -- C:\Program Files (x86)\K-Meleon\K-Meleon.exe (http://kmeleon.sf.net/)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = K-Meleon.HTML] -- C:\Program Files (x86)\K-Meleon\K-Meleon.exe (http://kmeleon.sf.net/)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\K-Meleon\K-Meleon.exe" "%1" (http://kmeleon.sf.net/)
https [open] -- "C:\Program Files (x86)\K-Meleon\K-Meleon.exe" "%1" (http://kmeleon.sf.net/)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [LightImageResizer] -- "C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe" "%1" (ObviousIdea SARL)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [Search with Duplicate File Detective] -- "C:\Program Files (x86)\Key Metric Software\Duplicate File Detective 3\DFD.exe" "%L" (Key Metric Software, LLC.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\K-Meleon\K-Meleon.exe" "%1" (http://kmeleon.sf.net/)
https [open] -- "C:\Program Files (x86)\K-Meleon\K-Meleon.exe" "%1" (http://kmeleon.sf.net/)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [LightImageResizer] -- "C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe" "%1" (ObviousIdea SARL)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [Search with Duplicate File Detective] -- "C:\Program Files (x86)\Key Metric Software\Duplicate File Detective 3\DFD.exe" "%L" (Key Metric Software, LLC.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Opera\Opera.exe" = C:\Program Files (x86)\Opera\Opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files (x86)\Opera\Opera.exe" = C:\Program Files (x86)\Opera\Opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.2.3456 x64
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = OneKey Recovery
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7
"{8DF73A13-F54C-4CB3-B4AD-4375A2E8F4F8}" = VmciSockets
"{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3
"{A000F75A-A246-44A7-8079-9E9E7F9054B2}" = BioExcess
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX & Plugin 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Codec_is1" = Codec 8.4b
"KLiteCodecPack64_is1" = K-Lite Codec Pack 5.6.0 (64-bit)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1" = Boilsoft Video Splitter 6.33
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{28ABE740-47F3-441B-9437-852F6A64EFF8}" = Lenovo_Wireless_Driver
"{3235F742-C4C5-4E7C-9FD7-AC8221470E83}" = 3DMark Vantage
"{3754f888-4d62-49df-bca9-acd90a955a9c}_is1" = Bigasoft MP4 Converter 1.7.2.3597
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{46cad8c0-2367-494d-8b8d-abad2247bcc1}_is1" = Bigasoft FLV Converter 2.4.4.3911
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A3DE597-B7BD-484D-91A3-963C5D5CE180}" = Movavi ¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿ 10
"{5AFA81C6-6DE9-49b0-B2C1-D53763632D59}_is1" = Duplicate File Remover
"{6136C65B-318C-4093-AF2D-DCE7ECCCDB72}" = Internet Explorer için Yandex.Bar 6.0
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{793A260C-CDBF-499C-ABBA-B51E8E076867}_is1" = Uniblue PowerSuite
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{90110419-6000-11D3-8CFE-0150048383C9}" = Microsoft Office - ¿¿¿¿¿¿¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿ ¿¿¿¿¿¿ 2003
"{a72ce741-1f32-4d79-bffb-a714375c678d}_is1" = Bigasoft Total Video Converter 1.7.2.3597
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC5253C5-E282-4017-9740-DDA6ECF5C203}" = ArcSoft WebCam Companion 4
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = Lenovo EasyCamera
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{AE4167B0-F589-4D2A-BF05-E181D543C49F}" = ES603 WDM Driver
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{CB606F47-7D0E-40DF-95BB-0E5413A1295F}" = MP3 Skype Recorder
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{E43A0FE4-DAA4-45BB-B9FD-3AB9A7E565BB}_is1" = Fucking Great Adviser, ¿¿¿¿¿¿ 2.0
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}" = BioExcess
"{E74BE63D-D9FB-4ABB-BCD9-6077F8AE5933}" = Duplicate File Detective 3
"{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.1.1.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F88C04C9-9CDC-4830-A533-CC5E3D69F2A1}_is1" = MP3 Splitter Joiner Pro v4.1 build 2568
"{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1" = Boilsoft Video Joiner 6.29
"{FE4270D7-A642-49C1-9A40-854DA3F13FB2}_is1" = Moyea FLV Player version: 2.0.2.96
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"7742-7563-6331-5288" = Online Community Suite 3.2
"Ashampoo WinOptimizer 8_is1" = Ashampoo WinOptimizer 8 v.8.13
"Ashampoo_RU Toolbar" = Ashampoo RU Toolbar
"AutoGK" = Auto Gordian Knot 2.55
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner 3.11.1550
"Dll-Files.com Fixer_is1" = Dll-Files.com Fixer
"Duplicate File Detective 3" = Duplicate File Detective 3
"Easy MP3 Cutter_is1" = Easy MP3 Cutter 3.0
"Foxit Reader_is1" = Foxit Reader 5.1
"Guard.Mail.ru" = Guard.Mail.ru
"InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}" = EgisTec ES603 WDM Driver
"InstallShield_{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}" = BioExcess
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"Internet Download Manager" = Internet Download Manager
"jv16 PowerTools 2011" = jv16 PowerTools 2011
"K-Meleon" = K-Meleon 1.5.4 en-US (remove only)
"Movavi Video Editor 7 SE" = Movavi Video Editor 7 SE
"Mozilla Firefox 9.0.1 (x86 ru)" = Mozilla Firefox 9.0.1 (x86 ru)
"MP3 Splitter & Joiner_is1" = MP3 Splitter & Joiner 3.41
"Opera" = Opera 11.52
"Password Protect USB 3.6.1_is1" = Password Protect USB 3.6.1
"Plugin for Opera_is1" = Plugins for Opera
"Reg Organizer RePack for tfile.ru_is1" = Reg Organizer 5.15 RePack by vovansi
"sscrLE_is1" = Cryptainer LE
"StartNow Toolbar" = StartNow Toolbar
"Total Audio Converter_is1" = TotalAudioConverter
"UltraISO_is1" = UltraISO Premium V9.5
"uTorrent" = µTorrent
"VMware_Workstation" = VMware Workstation
"VobSub" = VobSub v2.23 (Remove Only)
"Winamp" = Winamp
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"File Renamer Turbo" = File Renamer Turbo
"FoxTab FLV Player" = FoxTab FLV Player
"WatermarkMaster" = Watermark Master (remove only)

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 10.01.2012 19:06:01 | Computer Name = BeRabbani | Source = vmauthd | ID = 1000
Description =

Error - 10.01.2012 19:06:01 | Computer Name = BeRabbani | Source = vmauthd | ID = 1000
Description =

Error - 10.01.2012 19:06:01 | Computer Name = BeRabbani | Source = vmauthd | ID = 1000
Description =

Error - 10.01.2012 19:06:01 | Computer Name = BeRabbani | Source = vmauthd | ID = 1000
Description =

Error - 10.01.2012 19:06:06 | Computer Name = BeRabbani | Source = vmauthd | ID = 1000
Description =

Error - 10.01.2012 19:06:06 | Computer Name = BeRabbani | Source = vmauthd | ID = 1000
Description =

Error - 10.01.2012 19:06:06 | Computer Name = BeRabbani | Source = vmauthd | ID = 1000
Description =

Error - 10.01.2012 19:06:06 | Computer Name = BeRabbani | Source = vmauthd | ID = 1000
Description =

Error - 10.01.2012 19:06:06 | Computer Name = BeRabbani | Source = vmauthd | ID = 1000
Description =

Error - 10.01.2012 19:06:06 | Computer Name = BeRabbani | Source = vmauthd | ID = 1000
Description =

[ NetLimiter 3 Events ]
Error - 09.01.2012 13:56:32 | Computer Name = BeRabbani | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>2010</err-code> <module>NetLimiter.Main.82</module>
<desc>Failed
to initialize NetLimiter service.</desc> </nl-error> <nl-error> <err-code>0</err-code>
<hresult
code='80070002'>¿¿ ¿¿¿¿¿¿¿ ¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿ ¿¿¿¿.</hresult> <module>NetLimiter.Main.128</module>
<param
name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>

</nl-error-list>

Error - 09.01.2012 13:56:32 | Computer Name = BeRabbani | Source = NetLimiter 3 Service | ID = 1000
Description = The service failed to start

Error - 09.01.2012 13:56:55 | Computer Name = BeRabbani | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80080005'>¿¿¿¿¿¿
¿¿¿ ¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿¿-¿¿¿¿¿¿¿</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>

Error - 09.01.2012 13:56:55 | Computer Name = BeRabbani | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>

<nl-error>
<err-code>1</err-code>
<hresult
code='80080005'>¿¿¿¿¿¿ ¿¿¿ ¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿¿-¿¿¿¿¿¿¿</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>

</nl-error-list>

Error - 09.01.2012 13:57:16 | Computer Name = BeRabbani | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>0</err-code> <hresult code='80070002'>¿¿
¿¿¿¿¿¿¿ ¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿ ¿¿¿¿.</hresult> <module>NetLimiter.Main.128</module> <param
name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>
</nl-error-list>

Error - 09.01.2012 13:57:16 | Computer Name = BeRabbani | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>2050</err-code> <module>NetLimiter.Main.650</module>
<desc>Failed
to call driver.</desc> <param name='last-error' value='0'/> <param name='fun-name'
value='DeviceIoControl'/> <param name='ioctl' value='2286249'/> </nl-error> </nl-error-list>

Error - 09.01.2012 13:57:16 | Computer Name = BeRabbani | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>2010</err-code> <module>NetLimiter.Main.82</module>
<desc>Failed
to initialize NetLimiter service.</desc> </nl-error> <nl-error> <err-code>0</err-code>
<hresult
code='80070002'>¿¿ ¿¿¿¿¿¿¿ ¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿ ¿¿¿¿.</hresult> <module>NetLimiter.Main.128</module>
<param
name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>

</nl-error-list>

Error - 09.01.2012 13:57:16 | Computer Name = BeRabbani | Source = NetLimiter 3 Service | ID = 1000
Description = The service failed to start

Error - 09.01.2012 13:57:46 | Computer Name = BeRabbani | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80080005'>¿¿¿¿¿¿
¿¿¿ ¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿¿-¿¿¿¿¿¿¿</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>

Error - 09.01.2012 13:57:46 | Computer Name = BeRabbani | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>

<nl-error>
<err-code>1</err-code>
<hresult
code='80080005'>¿¿¿¿¿¿ ¿¿¿ ¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿¿-¿¿¿¿¿¿¿</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>

</nl-error-list>

[ System Events ]
Error - 09.01.2012 9:11:16 | Computer Name = BeRabbani | Source = Service Control Manager | ID = 7000
Description = ¿¿¿¿ ¿¿¿ ¿¿¿¿¿¿¿ ¿¿¿¿¿¿ "VMware Authorization Service" ¿¿-¿¿ ¿¿¿¿¿¿
%%1053

Error - 09.01.2012 9:11:16 | Computer Name = BeRabbani | Source = Service Control Manager | ID = 7000
Description = ¿¿¿¿ ¿¿¿ ¿¿¿¿¿¿¿ ¿¿¿¿¿¿ "VMware DHCP Service" ¿¿-¿¿ ¿¿¿¿¿¿ %%3

Error - 09.01.2012 9:12:42 | Computer Name = BeRabbani | Source = Service Control Manager | ID = 7022
Description = ¿¿¿¿¿¿ "TicnoSearch" ¿¿¿¿¿¿¿ ¿¿¿ ¿¿¿¿¿¿¿.

Error - 09.01.2012 13:56:32 | Computer Name = BeRabbani | Source = Service Control Manager | ID = 7023
Description = ¿¿¿¿¿¿ "NetLimiter 3 Service" ¿¿¿¿¿¿¿¿¿ ¿¿-¿¿ ¿¿¿¿¿¿ %%-2147467259

Error - 09.01.2012 13:56:55 | Computer Name = BeRabbani | Source = DCOM | ID = 10010
Description =

Error - 09.01.2012 13:57:16 | Computer Name = BeRabbani | Source = Service Control Manager | ID = 7023
Description = ¿¿¿¿¿¿ "NetLimiter 3 Service" ¿¿¿¿¿¿¿¿¿ ¿¿-¿¿ ¿¿¿¿¿¿ %%-2147467259

Error - 10.01.2012 15:03:33 | Computer Name = BeRabbani | Source = EventLog | ID = 6008
Description = ¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿¿¿¿¿ ¿¿¿¿¿¿ ¿¿¿¿¿¿¿ ¿ 21:02:20 ¿¿ ?10.?01.?2012 ¿¿¿¿
¿¿¿¿¿¿¿¿¿¿¿.

Error - 10.01.2012 15:03:45 | Computer Name = BeRabbani | Source = Service Control Manager | ID = 7000
Description = ¿¿¿¿ ¿¿¿ ¿¿¿¿¿¿¿ ¿¿¿¿¿¿ "VMware NAT Service" ¿¿-¿¿ ¿¿¿¿¿¿ %%3

Error - 10.01.2012 15:03:55 | Computer Name = BeRabbani | Source = Service Control Manager | ID = 7000
Description = ¿¿¿¿ ¿¿¿ ¿¿¿¿¿¿¿ ¿¿¿¿¿¿ "VMware DHCP Service" ¿¿-¿¿ ¿¿¿¿¿¿ %%3

Error - 10.01.2012 15:05:22 | Computer Name = BeRabbani | Source = Service Control Manager | ID = 7022
Description = ¿¿¿¿¿¿ "TicnoSearch" ¿¿¿¿¿¿¿ ¿¿¿ ¿¿¿¿¿¿¿.

< End of report >

Could be memory. did you check to see how much is in use? Was it always like this? Try loading in safe mode and see of the same thing happens.

@gymbo: The memory is 57% of 4gb, I don't think it's bottlenecking there.

This looks out of place: C:\ProgramData\cyzlxojr.ycm (perhaps worth a look)

Also, there seems to be a lot of toolbars and browser helper objects.

Russell_Venable

Malchik3.
Thanks for posting the logs. It appears you have a few ADS streams running on your computer.

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:07BF512B and C:\ProgramData\cyzlxojr.ycm are not good signs at all.

Download Roguekiller and TDSSKiller. Run RogueKiller first, then TDSSKiller. Post results of both, if you can please attach the log and not copy&paste. You have been rootkit'd. From the looks of the software installed and past history, I would say it come from a uTorrent or one of the uTorrent download sites.

ASKER

log file from rogue killer programm attached.
RKreport-2-.txt

ASKER

the other one showed that no danger.

ASKER

seems like the problem has gone so far because i deleted 3d mark 11 and 3d mark vintage from system and restarted.

so i dont have those lags and stuff now seems like.

but still my text is going with pauses when im typing - the CPU kind of making stops every 10-20 seconds that makes all process stop and the mouse cursor is in waiting mode.

ASKER

THIS ADVICE ABOUT DIRECTX pushed me to delete 3dmark program and it worked! thanks man

Russell_Venable

How old is graphics card?