Jump to content

comofix’s won’t run normally "Access is denied"

Gt-truth

By Gt-truth
in Resolved Malware Removal Logs

 Share

Recommended Posts

  • Replies 59
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

Gt-truth

Gt-truth

Posted
  • Author
Posted

Hi :)

Any particular reason why you have tried to run ComboFix?

What is your OS?

hi there :)

 

Yes, because of that my system gets unexpectedly shut down ! I know that there is no anti-virus can detect 100% so combofix help to find more malware that antivirus didn't

 

and my OS is windows 7 ultimate 32 bit

Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

Hi :)

Running ComboFix because you suspect that you may have something malicious is not the best idea. It is not made to be used without expert supervision, because it makes strong alterations to your system each time it is fired. It's like a scalpel - trained surgeon will know what to target and how to behave in certain situations during the surgery, but imagine someone another holding it over the sick man?

I went to the thread you have linked previously, but there is so much useless info, to be honest, that I'd like you to describe your issues once more. Remember to always go to reliable sites for help when it comes to malware, not to try self-fixes, cause they may do more harm.

What Windows version do you run?

When exactly the aforementioned messages appear?

What tools you have already deployed?

What symptoms are you facing?

Please answer my questions and we will go from there.

Cheers,

Naat :)

Link to post
Share on other sites
Gt-truth

Gt-truth

Posted
  • Author
Posted

hi there :)

 

Thanks for the advice, I really appreciate this.

My system is windows 7 ultimate 32 bit

 

and i got this error of combofix & combofix It takes a lot of time to done the scanning more then 30 min almost? and run combofix today and won’t finish the scan it hung at the end of scan with Access is denied and that take more 50 min for today ?

/wow section - STAGE 6Access is denied..	/wow section - STAGE 38Access is denied.

and sure i have all malware cleanup tools on my system but i don’t use any of them Except combofix & RogueKiller & adwcleaner & junkware removal tool

 

Symptoms that I face is that my system is unstable and always get unexpected shut down Windows and very slow when starting my system! :unsure:

Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

Fine. From now on please don't apply any tolls or scripts other than adviced by me. Let me include to you my introduction, policies and couple of first scans. I should be here later to check how it went :)


My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

  • Analysis and research take some time, also sometimes real life gets in the way, please be patient.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Paste the logs in your posts, attachments make my work harder and more complicated.
  • Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.

I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)


warning.gif Rules and policies

We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.





51a612a8b27e2-Zoek.png Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;process;services-list;systemspecs;startupall;skipfix-iedefaults;firefoxlook;chromelook;filesrcm;installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Please include its content in your next reply.
Don't forget to re-enable your switched-off protection software!


gmericon.png Scan with Gmer

This type of scan often produces false positives. At any point do not take any action for any suspicious entries you may see there. Instead post the log to be analyzed.

Please download GMER by Gmer and save the file to your desktop.
It will come as a randomly named file (like a6ge38b4.exe) - that's absolutely normal.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
If you are a user of CD emulation software (like Daemon Tools or Alcohol) also disable it for the cleaning process - instructions here.

  • Right-click on randomly named gmericon.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • It is very important that you do not use your computer while Gmer is running!
  • Gmer will open to the Rootkit/Malware tab and perform an automatic quick scan.
  • If you receive a warning about rootkit activity and are asked to fully scan your system click NO!

When the pre-scan is completed, please do the following:

  • Please check in the Quick scan box.
  • Please uncheck the IAT/EAT and Show All.
  • Click Scan.
  • If you see a rootkit warning window click OK.
  • When the scan is finished, Save the results to your desktop as gmer.log.

Please include the content of this file in your next reply.
Don't forget to re-enable previously switched-off protection software!

icon_idea.gif If you encounter any problems, try running GMER in Safe Mode.
icon_idea.gif If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning.

Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

Hi :)

There is next round of scans to be done. I've got some suspicions, but we need to dig a little deeper.

Also please post the logfiles in your posts as a plain text. Attachments make my work harder.

JRTbythisisu.png Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.
Please include the contents of that file in your reply.

Do not forget to re-enable your previously switched off protection software!

Please also manually reboot your machine after this procedure.

adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.
Please include the contents of that file in your reply.

FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    > XP users click run after receipt of Windows Security Warning - Open File.

    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.

  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
Link to post
Share on other sites
Gt-truth

Gt-truth

Posted
  • Author
Posted

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-10-2014 01
Ran by b (administrator) on B-PC on 11-10-2014 14:02:06
Running from C:\Users\b\Desktop\Tweaking.com - Windows Repair
Loaded Profile: b (Available profiles: b)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: الإنجليزية (الولايات المتحدة)‏
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ArcSoft, Inc.) C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
(www.mediachance.com) C:\Program Files\UltraSnapPRO\UsnapPRO.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-514264213-2229734732-364638501-1000\...\Run: [spyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [2483512 2014-08-07] (NETGATE Technologies s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraSnap PRO.lnk
ShortcutTarget: UltraSnap PRO.lnk -> C:\Program Files\UltraSnapPRO\UsnapPRO.exe (www.mediachance.com)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ar-sa
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {34A42B4D-D4A1-401B-B980-822F4AB2E513} URL = https://search.yahoo.com/search?ei=utf-8&fr=chr-greentree_ie&type=242154&ilc=12&p={searchTerms}
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\nk9e5b5w.default-1412780404279
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @real.com/nppl3260;version=17.0.13.2 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.13.2 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF SearchPlugin: C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\uqjpyv9s.q\searchplugins\yahoo_ff.xml
FF Extension: Bitdefender QuickScan - C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\nk9e5b5w.default-1412780404279\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-10-10]
FF Extension: Adblock Plus - C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\nk9e5b5w.default-1412780404279\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-08]
FF Extension: Tab Mix Plus - C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\nk9e5b5w.default-1412780404279\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-10-08]
FF HKLM\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-09-01]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff

Chrome:
=======
CHR HomePage: Default -> B36366D6CF832E24BCEDF870A9FB4918DAABCFE0CD354F11BE2A381A05AF71E4
CHR Profile: C:\Users\b\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-01]
CHR Extension: (Google Docs) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-01]
CHR Extension: (Google Drive) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-01]
CHR Extension: (YouTube) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-01]
CHR Extension: (Google Search) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-01]
CHR Extension: (Google Sheets) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-01]
CHR Extension: (Google Wallet) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-01]
CHR Extension: (Gmail) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-01]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2013-10-24] (ArcSoft, Inc.)
S4 MobogenieService; C:\Program Files\Mobogenie3\MobogenieService.exe [113344 2014-09-23] (Mobogenie.com)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-15] (Nero AG)
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-09-22] (IBM Corp.)
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
S4 RealPlayer Cloud Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-09-01] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [253776 2014-04-01] (CyberLink)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [2438896 2013-03-11] (NETGATE Technologies s.r.o.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; D:\GALLERY 1\RUN\a2ddax86.sys [22056 2014-01-01] (Emsisoft GmbH)
S3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [47456 2014-03-11] (Baidu, Inc.)
S3 cleanhlp; D:\GALLERY 1\RUN\cleanhlp32.sys [50200 2014-01-01] (Emsisoft GmbH)
R1 RapportCerberus_80055; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80055.sys [430264 2014-10-10] ()
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [251288 2014-09-22] (IBM Corp.)
R0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [208888 2014-09-22] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [332696 2014-09-22] (IBM Corp.)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [14168 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [20056 2011-04-21] (NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [16216 2011-04-21] (NETGATE Technologies s.r.o.)
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tapSF0901; system32\DRIVERS\tapSF0901.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-11 13:16 - 2014-10-11 14:02 - 00000000 ____D () C:\FRST
2014-10-11 12:18 - 2014-10-11 12:50 - 00000000 ___SD () C:\ComboFix
2014-10-11 04:01 - 2014-10-11 04:01 - 00003544 _____ () C:\bootsqm.dat
2014-10-10 23:14 - 2014-10-10 23:14 - 00000000 ____D () C:\Program Files\ESET
2014-10-10 23:05 - 2014-10-10 23:05 - 19874272 _____ (SUPERAntiSpyware) C:\Users\b\Downloads\SUPERAntiSpyware.exe
2014-10-10 23:04 - 2014-10-10 23:04 - 00101832 _____ (SUPERAntiSpyware.com) C:\Users\b\Downloads\SASUNINST.EXE
2014-10-10 22:52 - 2014-10-10 22:52 - 02347384 _____ (ESET) C:\Users\b\Downloads\esetsmartinstaller_enu.exe
2014-10-10 22:51 - 2014-10-10 22:51 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-10-10 22:49 - 2014-10-10 22:49 - 00096080 _____ (Kaspersky Lab ZAO) C:\Users\b\Downloads\cleanautorun.exe
2014-10-10 22:45 - 2014-10-10 22:48 - 160701640 _____ () C:\Users\b\Downloads\setup_11.0.3.7.x01_2014_10_10_22_27.exe
2014-10-10 21:12 - 2014-10-11 13:56 - 00000560 _____ () C:\Windows\setupact.log
2014-10-10 21:12 - 2014-10-10 21:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-10 21:04 - 2014-10-10 21:11 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\b\Downloads\mbam-setup-consumer-2.0.3.1025.exe
2014-10-10 21:02 - 2014-10-10 21:02 - 00321848 _____ (Malwarebytes Corporation) C:\Users\b\Downloads\mbam-clean-2.1.1.1001.exe
2014-10-10 20:56 - 2014-10-10 20:56 - 00012445 _____ () C:\Users\b\Desktop\Gmer.log
2014-10-10 20:18 - 2014-10-10 20:18 - 00051852 _____ () C:\Users\b\Desktop\zoek-results.txt
2014-10-10 20:03 - 2014-10-10 20:13 - 00051852 _____ () C:\zoek-results.log
2014-10-10 19:59 - 2014-10-10 19:59 - 00000000 ____D () C:\zoek_backup
2014-10-10 16:38 - 2014-10-10 16:38 - 00000746 _____ () C:\Users\b\Desktop\JRT.txt
2014-10-10 16:32 - 2014-10-10 16:32 - 01705755 _____ (Thisisu) C:\Users\b\Desktop\JRT.exe
2014-10-10 16:16 - 2014-10-10 16:27 - 00000528 _____ () C:\Windows\Tasks\System Restore Checkpoint by System Restore Point Creator.job
2014-10-10 14:41 - 2014-10-10 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer
2014-10-09 14:47 - 2014-10-09 14:48 - 04094154 _____ () C:\Users\b\Documents\BeatStars & A3C Festival Remix Contest - Epistra Beats Entry_(360p).mp4
2014-10-09 10:13 - 2014-10-09 10:13 - 06293144 _____ () C:\Users\b\Documents\HipHop Zombie Dance - Very Funny_(360p).mp4
2014-10-09 10:09 - 2014-10-09 10:10 - 21110673 _____ () C:\Users\b\Documents\Zombie Hip Hop Music Video by Agent 23 Shambles_(360p).mp4
2014-10-09 10:03 - 2014-10-09 10:04 - 06560153 _____ () C:\Users\b\Documents\Jahlil Beats_Cardiak Type beat- Fruity Loops [Prod. Desire Beatz]_(360p).mp4
2014-10-09 09:16 - 2014-10-09 09:17 - 14723557 _____ () C:\Users\b\Documents\Epic Film Trailer Music Instrumental Sign Of The Beast - Anno Domini Beats_(360p).mp4
2014-10-09 01:13 - 2014-10-09 01:13 - 09474984 _____ () C:\Users\b\Documents\Goretex feat Necro - Dopesick_(360p).mp4
2014-10-09 01:07 - 2014-10-09 01:07 - 05347608 _____ () C:\Users\b\Documents\Necro feat Non Phixion - Black Helicopter_(360p).mp4
2014-10-09 00:57 - 2014-10-09 00:57 - 05896318 _____ () C:\Users\b\Documents\Modern WarFare rap instrumental - prod. by Mitenberg_(360p).mp4
2014-10-09 00:55 - 2014-10-09 00:56 - 07189388 _____ () C:\Users\b\Documents\Dark Horror Scary Beat _ Instrumental_(360p).mp4
2014-10-09 00:43 - 2014-10-09 00:44 - 14028912 _____ () C:\Users\b\Documents\Best Horror Beat Ever Made with FL Studio 9_(360p).mp4
2014-10-09 00:39 - 2014-10-09 00:40 - 06636445 _____ () C:\Users\b\Documents\South Horror Hip Hop Instrumental {rap}_(360p).mp4
2014-10-09 00:29 - 2014-10-09 00:30 - 05017198 _____ () C:\Users\b\Documents\Horrorcore Beats to Rap - The Dark Hours - FREE Download_(360p).mp4
2014-10-09 00:09 - 2014-10-09 00:09 - 12374511 _____ () C:\Users\b\Documents\Gong Beatz & Q Bass.Natural Balance.Instrumental hip hop beat_(360p).mp4
2014-10-09 00:06 - 2014-10-09 00:06 - 08413595 _____ () C:\Users\b\Documents\[Prod. By J.C. Skilla] Free Dope Banger Instrumentals {Free Sick Amazing Beats}_(360p).mp4
2014-10-09 00:01 - 2014-10-09 00:01 - 11206764 _____ () C:\Users\b\Documents\Mano Burraz - Serás tu a minha Julieta_ (MM Prod)_(360p).mp4
2014-10-08 23:59 - 2014-10-08 23:59 - 05229208 _____ () C:\Users\b\Documents\All Of Me '' Kizomba_(360p).mp4
2014-10-08 21:18 - 2014-10-08 21:18 - 00000000 ____D () C:\Users\Default\AppData\Local\Trusteer
2014-10-08 21:18 - 2014-10-08 21:18 - 00000000 ____D () C:\Users\Default User\AppData\Local\Trusteer
2014-10-08 14:46 - 2014-10-10 16:43 - 15677528 _____ () C:\Users\b\Desktop\RogueKiller.exe
2014-10-07 21:42 - 2014-10-11 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-10-07 21:42 - 2014-10-07 21:42 - 00002138 _____ () C:\Users\Public\Desktop\Free Video Editor.lnk
2014-10-07 21:42 - 2014-10-07 21:42 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-10-07 21:42 - 2014-10-07 21:42 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-10-07 21:40 - 2014-10-07 21:43 - 00000000 ____D () C:\Users\b\AppData\Roaming\DVDVideoSoft
2014-10-07 15:33 - 2014-10-07 15:34 - 10627074 _____ () C:\Users\b\Documents\Scary RAP Instrumental [Hard Trap Beat] _ On the Blade _ Prod. Alexkout Beats & Fare-M Productions_(360p).mp4
2014-10-07 14:54 - 2014-10-07 14:55 - 29133015 _____ () C:\Users\b\Documents\O.M.H FT. SoLo Hear Me Now OFFICIAL VIDEO_(360p).mp4
2014-10-07 14:39 - 2014-10-07 14:40 - 11526126 _____ () C:\Users\b\Documents\Shotty Horroh - Winners Anthem_(360p).mp4
2014-10-07 14:34 - 2014-10-07 14:35 - 20192082 _____ () C:\Users\b\Documents\Charron - Go In (ft. Swisha-T and Bender)_(360p).mp4
2014-10-07 14:25 - 2014-10-07 14:25 - 08805903 _____ () C:\Users\b\Documents\Yak Ballz - Homework_(360p).mp4
2014-10-07 14:22 - 2014-10-07 14:22 - 05245272 _____ () C:\Users\b\Documents\Hip Hop Instrumental Beat 2012 + Mp3 Download_(360p).mp4
2014-10-07 14:18 - 2014-10-07 14:18 - 06102604 _____ () C:\Users\b\Documents\Bloody Oil - Hard Dope Underground {Hip-Hop} Rap Instrumental [Collab Jacekdupa]_(360p).mp4
2014-10-07 14:15 - 2014-10-07 14:15 - 05422227 _____ () C:\Users\b\Documents\Fl Studio Epic Rap Beat - Never Surrender (Prod. by Ware)_(360p).mp4
2014-10-07 13:56 - 2014-10-07 13:56 - 05581581 _____ () C:\Users\b\Documents\Breathe - SkizoFrenik (Old School Hip Hop Beat)_(360p).mp4
2014-10-07 12:25 - 2014-10-07 12:25 - 04481758 _____ () C:\Users\b\Documents\Cage - See You In Hell ( New 2012 )_(360p).mp4
2014-10-06 18:24 - 2014-10-06 18:24 - 04059251 _____ () C:\Users\b\Documents\cage - Leak Bros. - Weatherproof_(360p).mp4
2014-10-06 16:20 - 2014-10-11 00:10 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2014-10-06 16:20 - 2014-10-06 16:44 - 00000000 ____D () C:\Program Files\Everything
2014-10-06 15:50 - 2014-10-06 15:50 - 00001358 _____ () C:\Users\Public\Desktop\BB FlashBack Pro 5 Recorder.lnk
2014-10-06 15:50 - 2014-10-06 15:50 - 00001348 _____ () C:\Users\Public\Desktop\BB FlashBack Pro 5 Player.lnk
2014-10-06 15:48 - 2014-10-06 15:48 - 00000000 ____D () C:\Users\b\Documents\BB FlashBack Pro 5 Updates
2014-10-06 15:33 - 2014-10-06 15:33 - 06063046 _____ () C:\Users\b\Documents\cage - Underground Rapstar - Weatherproof_(360p).mp4
2014-10-06 15:24 - 2014-10-06 15:25 - 16185705 _____ () C:\Users\b\Documents\Atmosphere - Trying To Find A Balance_(360p).mp4
2014-10-06 15:21 - 2014-10-06 15:21 - 07846249 _____ () C:\Users\b\Documents\Once upon a time in America (old school rap instrumental)_(360p).mp4
2014-10-06 15:17 - 2014-10-06 15:17 - 17349354 _____ () C:\Users\b\Documents\Heiruspecs - Get Up_(360p).mp4
2014-10-06 15:12 - 2014-10-06 15:13 - 05844062 _____ () C:\Users\b\Documents\Heiruspecs- Get Down_(360p).mp4
2014-10-06 15:04 - 2014-10-06 15:04 - 03363478 _____ () C:\Users\b\Documents\Yak Ballz - Spy on You_(360p).mp4
2014-10-06 14:19 - 2014-10-06 14:19 - 04860971 _____ () C:\Users\b\Documents\Luniz-I got five on it_(360p).mp4
2014-10-06 14:17 - 2014-10-06 14:18 - 26082219 _____ () C:\Users\b\Documents\E-40 feat Juicy J & Ty Dolla $ign Chitty Bang_(360p).mp4
2014-10-06 14:14 - 2014-10-06 14:15 - 25384318 _____ () C:\Users\b\Documents\E-40 - That Candy Paint Ft. Slim Thug & Bun B (Video) (Prod. By Shape Shifta)_(360p).mp4
2014-10-06 14:12 - 2014-10-06 14:13 - 11927102 _____ () C:\Users\b\Documents\Commercial Break (SMP, Belly & Charron)_(360p).mp4
2014-10-06 13:27 - 2014-10-06 13:27 - 00000892 _____ () C:\avenger.txt
2014-10-06 13:27 - 2014-10-06 13:27 - 00000000 ____D () C:\Avenger
2014-10-06 13:19 - 2014-10-06 13:19 - 00002506 _____ () C:\Users\b\Desktop\FixIEDef.log
2014-10-06 13:18 - 2014-10-06 13:18 - 00000000 ____D () C:\ERDNT
2014-10-06 13:17 - 2014-10-06 13:17 - 00000000 ____D () C:\!FixIEDef
2014-10-06 13:12 - 2014-10-06 13:12 - 00019286 _____ () C:\cleanup.exe
2014-10-06 13:12 - 2014-10-06 13:12 - 00000574 _____ () C:\cleanup.bat
2014-10-06 11:17 - 2014-10-11 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraSnap PRO
2014-10-06 11:17 - 2014-10-06 11:17 - 00000000 ____D () C:\Program Files\UltraSnapPRO
2014-10-06 01:40 - 2014-10-06 01:40 - 00001245 _____ () C:\Users\b\Desktop\Continue Full Version Installer 1.0.0.1.lnk
2014-10-06 01:10 - 2014-10-06 01:11 - 15129305 _____ () C:\Users\b\Documents\Micka Mex _ Don't Say Too Much_(360p).mp4
2014-10-06 01:06 - 2014-10-06 01:07 - 16409989 _____ () C:\Users\b\Documents\Sentral Soldiers - Funk Volume_ Don't Funk Up Our Beats 5_(360p).mp4
2014-10-06 01:03 - 2014-10-06 01:03 - 15539820 _____ () C:\Users\b\Documents\DFUOB 6 - Don't Funk Up Our Beats 6 - Mr. Black feat SMOKE - Lesser of 2 Evils_(360p).mp4
2014-10-06 00:57 - 2014-10-06 00:58 - 16585332 _____ () C:\Users\b\Documents\DFUOB#6 - J.Terrible - Official Contest Entry_(360p).mp4
2014-10-06 00:34 - 2014-10-06 00:35 - 18877596 _____ () C:\Users\b\Documents\Joe Dub ft. Liquid Assassin Get Back (Official Video)_(360p).mp4
2014-10-05 18:18 - 2014-10-05 18:18 - 00070314 _____ () C:\Users\b\Documents\gm.m3d
2014-10-05 14:38 - 2014-10-05 14:38 - 14640056 _____ () C:\Users\b\Documents\HEY KID   (response to kid diss) BROOKLYN_(360p).mp4
2014-10-05 14:33 - 2014-10-05 14:34 - 23887552 _____ () C:\Users\b\Documents\HHVtv - Brass Tackz - 'Can't You See'  - HIP HOP VANCOUVER_(360p).mp4
2014-10-05 14:20 - 2014-10-05 14:21 - 18079167 _____ () C:\Users\b\Documents\Snak the Ripper ft. Evil Ebenezer - Crush Brews_(360p).mp4
2014-10-05 13:56 - 2014-10-05 13:56 - 07938375 _____ () C:\Users\b\Documents\Trap Anthem Style Instrumental Beat  Certified  by SaruBeatz (xMaxMillionBeatz) ᴴᴰ_(360p).mp4
2014-10-05 13:39 - 2014-10-05 13:39 - 16466439 _____ () C:\Users\b\Documents\Double Edge - (Underground) Street Hip Hop Instrumental {2014} Mister KA Beats_(360p).mp4
2014-10-05 13:28 - 2014-10-05 13:28 - 16070970 _____ () C:\Users\b\Documents\One Shot (Beat w_ Hook) Anthem Hip Hop Instrumental {2014} Mister KA Beats_(360p).mp4
2014-10-05 12:35 - 2014-10-05 12:35 - 06462156 _____ () C:\Users\b\Documents\Twiztid - A New Nightmare - 06 Screaming Out ft. Dominic & Irv Da Phenom_(360p).mp4
2014-10-05 12:18 - 2014-10-05 12:19 - 10770392 _____ () C:\Users\b\Documents\Liquid Assassin - Down to Ride_(360p).mp4
2014-10-05 12:15 - 2014-10-05 12:16 - 05171731 _____ () C:\Users\b\Documents\Liquid Assassin - From the Bottom (ft. Celph Titled)_(360p).mp4
2014-10-05 03:45 - 2014-10-05 03:45 - 00055071 _____ () C:\Users\b\Documents\qw.m3d
2014-10-05 03:34 - 2014-10-05 03:35 - 24296959 _____ () C:\Users\b\Documents\M.O.P. - Ante Up Remix ft. Busta Rhymes, Teflon, Remy Martin_(360p).mp4
2014-10-05 03:28 - 2014-10-05 03:29 - 11742359 _____ () C:\Users\b\Documents\FREE DL__ 2013 LOURDE TRAP 2CHAINZ BEAT INSTRUMENTAL - Black Night_(360p).mp4
2014-10-05 03:22 - 2014-10-05 03:22 - 06566841 _____ () C:\Users\b\Documents\WEED PARTY - Rap_Hip-Hop_Trap_New School Instrumental (Prod. by Vicente) HD_(360p).mp4
2014-10-05 03:21 - 2014-10-05 03:21 - 02018163 _____ () C:\Users\b\Documents\Weed Smoking Underground Hip Hop Instrumental Street Rap Beat - Beast Inside Beats_(360p).mp4
2014-10-05 03:11 - 2014-10-05 03:14 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-05 02:35 - 2014-10-05 02:36 - 07389410 _____ () C:\Users\b\Documents\No Tomorrow-Hard Deep Rap Beat{Hip Hop Instrumental 2014}_(360p).mp4
2014-10-05 02:27 - 2014-10-05 02:27 - 09245579 _____ () C:\Users\b\Documents\Hip-Hop _ HARD RAP Instrumental Beat 2014 (Aggressive) Damas Beats_(360p).mp4
2014-10-05 01:32 - 2014-10-05 01:32 - 03884506 _____ () C:\Users\b\Documents\Epic Trap Hip Hop Instrumental {Rap Beat} 2014 (prod. by SP Anonymous)_(360p).mp4
2014-10-05 01:30 - 2014-10-05 01:30 - 08346855 _____ () C:\Users\b\Documents\Epic Hip Hop Instrumental {Rap Beat} 2014 (prod. by PusherProductions)_(360p).mp4
2014-10-05 01:28 - 2014-10-05 01:29 - 21013711 _____ () C:\Users\b\Documents\Jeremih - Don't Tell Em Ft. YG _ Choreography by_ Ricky Cole_(360p).mp4
2014-10-05 01:22 - 2014-10-05 01:22 - 12901576 _____ () C:\Users\b\Documents\Hard Gangsta Hip Hop Instrumental - Ready for War_(360p).mp4
2014-10-05 01:21 - 2014-10-05 01:21 - 05658636 _____ () C:\Users\b\Documents\Epic Hip Hop Instrumental - Surreal 2 Music_(360p).mp4
2014-10-05 01:04 - 2014-10-05 01:05 - 18795128 _____ () C:\Users\b\Documents\Chris Brown Loyal Remix by Domo (Female Version)_(360p).mp4
2014-10-05 00:53 - 2014-10-05 00:54 - 11189444 _____ () C:\Users\b\Documents\TGM - SICKEST ORCHESTRAL PUMP UP INSTRUMENTAL CONQUEROR_(360p).mp4
2014-10-05 00:48 - 2014-10-05 00:48 - 09124612 _____ () C:\Users\b\Documents\Inspirational Rap HipHop Beat _ Prod. by Mubz Beats _ _HARD__(360p).mp4
2014-10-05 00:38 - 2014-10-05 00:38 - 06433019 _____ () C:\Users\b\Documents\Mubz Beatz - Crazy Soulful Sampled Hip Hop instrumental_Rap Beat - Open Your Eyes_(360p).mp4
2014-10-05 00:11 - 2014-10-05 00:12 - 07896829 _____ () C:\Users\b\Documents\Hard Aggressive Motivational Hip-Hop {Rap} Beat ''Wake up'' 2014 Instrumental by ShonzY BeatZ_(360p).mp4
2014-10-04 23:57 - 2014-10-04 23:58 - 17915878 _____ () C:\Users\b\Documents\2014 HARD {DARK THOUGHTS} HIP-HOP BEAT {RAP} INSTRUMENTAL_(360p).mp4
2014-10-04 23:53 - 2014-10-04 23:53 - 05263373 _____ () C:\Users\b\Documents\Tonight We Fade - King (Unreleased)_(360p).mp4
2014-10-04 23:34 - 2014-10-11 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD
2014-10-04 23:34 - 2014-10-04 23:34 - 00001111 _____ () C:\Users\b\Desktop\Youtube Downloader HD.lnk
2014-10-04 20:26 - 2014-10-04 20:30 - 00000000 ____D () C:\Users\b\AppData\Roaming\Runscanner.net
2014-10-04 20:22 - 2014-10-04 20:24 - 00002104 _____ () C:\Users\b\Desktop\Rkill.txt
2014-10-04 19:18 - 2014-10-04 19:18 - 00245524 _____ () C:\Users\b\Documents\qw.swf
2014-10-04 18:56 - 2014-10-04 18:57 - 153094886 _____ () C:\Users\b\Desktop\qq1.swf
2014-10-04 18:21 - 2014-10-04 18:21 - 00001178 _____ () C:\Users\Public\Desktop\Sothink SWF Editor.lnk
2014-10-04 18:19 - 2014-10-04 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SourceTec
2014-10-04 18:19 - 2014-10-04 18:21 - 00000000 ____D () C:\Program Files\SourceTec
2014-10-04 18:19 - 2014-10-04 18:19 - 00001226 _____ () C:\Users\Public\Desktop\Sothink SWF Decompiler.lnk
2014-10-04 18:19 - 2014-10-04 18:19 - 00001190 _____ () C:\Users\Public\Desktop\Sothink SWF Catcher.lnk
2014-10-04 18:19 - 2014-10-04 18:19 - 00000000 ____D () C:\Program Files\Common Files\SourceTec
2014-10-04 18:02 - 2014-10-11 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNCTR
2014-10-04 18:02 - 2014-10-04 18:02 - 00001028 _____ () C:\Users\Public\Desktop\KNCTR.lnk
2014-10-04 18:02 - 2014-10-04 18:02 - 00000000 ____D () C:\Users\b\AppData\Roaming\Itibiti
2014-10-04 18:02 - 2014-10-04 18:02 - 00000000 ____D () C:\Program Files\Itibiti Soft Phone
2014-10-04 13:31 - 2014-10-04 13:31 - 00000000 ____D () C:\Users\b\AppData\Roaming\RecoolTec
2014-10-04 12:44 - 2014-10-04 12:44 - 00000000 ____D () C:\Users\b\AppData\Roaming\ThunderSoft
2014-10-04 12:43 - 2014-10-04 12:43 - 00001244 _____ () C:\Users\Public\Desktop\ThunderSoft Flash to HTML5 Converter.lnk
2014-10-04 12:43 - 2014-10-04 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThunderSoft
2014-10-04 12:43 - 2014-10-04 12:43 - 00000000 ____D () C:\Program Files\ThunderSoft
2014-10-04 12:34 - 2014-10-04 12:34 - 00000000 ____D () C:\Users\b\Documents\SWF to HTML5 Converter
2014-10-04 12:33 - 2014-10-04 12:33 - 00001132 _____ () C:\Users\Public\Desktop\Recool SWF to HTML5 Converter.lnk
2014-10-04 12:33 - 2014-10-04 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RecoolTec
2014-10-04 12:33 - 2014-10-04 12:33 - 00000000 ____D () C:\Program Files\Recool SWF to HTML5 Converter
2014-10-04 12:33 - 2014-10-04 12:33 - 00000000 ____D () C:\Program Files\AviSynth 2.5
2014-10-04 12:33 - 2011-04-12 21:43 - 00219136 _____ (SWF Converter) C:\Windows\system32\frvSource.ax
2014-10-03 13:31 - 2014-10-03 13:31 - 00004544 _____ () C:\Users\b\Desktop\مستند دفتر يومية جديد ‫(2)‬.jnt
2014-10-02 19:01 - 2014-10-02 19:01 - 193865307 _____ () C:\Users\b\Documents\qqqq1.swf
2014-10-02 18:50 - 2014-10-02 18:50 - 00049522 _____ () C:\Users\b\Documents\gf.m3d
2014-10-01 07:48 - 2014-10-01 07:48 - 00000000 ____D () C:\ProgramData\Doctor Web
2014-10-01 07:46 - 2014-10-01 08:14 - 00000000 ____D () C:\Users\b\Doctor Web
2014-10-01 06:49 - 2014-10-01 06:49 - 01375089 _____ () C:\Users\b\Desktop\adwcleaner_3.311.exe
2014-09-30 16:59 - 2014-09-30 16:59 - 00001000 _____ () C:\Users\Public\Desktop\Mobogenie3.lnk
2014-09-30 16:59 - 2014-09-30 16:59 - 00000000 ____D () C:\Users\b\AppData\Roaming\WinnerMediaPlayer
2014-09-30 16:59 - 2014-09-30 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobogenie3
2014-09-30 16:59 - 2014-09-30 16:59 - 00000000 ____D () C:\Program Files\Mobogenie3
2014-09-30 16:58 - 2014-10-11 02:04 - 00000000 ____D () C:\Program Files\Winner Media Player
2014-09-30 16:57 - 2014-09-30 16:57 - 00000000 ____D () C:\Users\b\AppData\Roaming\Dorrible
2014-09-30 16:20 - 2014-10-10 19:56 - 00000000 ____D () C:\Users\b\AppData\Roaming\uTorrent
2014-09-30 15:35 - 2014-10-05 11:49 - 00000700 ___SH () C:\Users\b\AppData\Local\systemFL7.dat
2014-09-30 14:44 - 2014-09-30 14:44 - 06337892 _____ () C:\Users\b\Documents\SubNoize Souljaz - Pull The Pin_(360p).mp4
2014-09-30 07:59 - 2014-09-30 07:59 - 05376558 _____ () C:\Users\b\Documents\FONG FONG - BLUE_(360p).mp4
2014-09-30 07:52 - 2014-09-30 07:52 - 24913071 _____ () C:\Users\b\Documents\DJ FLY - DMC WORLD CHAMPION 2013_(360p).mp4
2014-09-30 07:48 - 2014-09-30 07:48 - 05517114 _____ () C:\Users\b\Documents\Vekked - Guard yo Grill (Freestyle Scratch)_(360p).mp4
2014-09-30 07:43 - 2014-09-30 07:44 - 24865776 _____ () C:\Users\b\Documents\The Smokey & Skratchy Show - Episode 6_(360p).mp4
2014-09-30 07:39 - 2014-09-30 07:39 - 21242634 _____ () C:\Users\b\Documents\The Smokey & Skratchy Show Ep 04_(360p).mp4
2014-09-30 07:27 - 2014-09-30 07:30 - 113525828 _____ () C:\Users\b\Documents\Serial Killers - Serial Killers Vol 1 (2013) (Full Mixtape) (+download) (New)_(360p).mp4
2014-09-30 07:24 - 2014-09-30 07:24 - 14274645 _____ () C:\Users\b\Documents\Redman - Dunfiato_(360p).mp4
2014-09-30 07:22 - 2014-09-30 07:23 - 21256231 _____ () C:\Users\b\Documents\Xzibit, B-Real, Demrick (Serial Killers) - No Comin' Back (Official Video)_(360p).mp4
2014-09-30 07:15 - 2014-09-30 07:16 - 20217560 _____ () C:\Users\b\Documents\Merkules - L.A.S.H. feat. Snak The Ripper_(360p).mp4
2014-09-30 07:09 - 2014-09-30 07:10 - 00033768 _____ () C:\Users\b\Documents\Snak The Ripper - Done  - feat. Young Sin , Juho - SDK #339 - EPHIN APPAREL - Malaga Spain_(360p).mp4
2014-09-30 07:08 - 2014-09-30 07:09 - 46134756 _____ () C:\Users\b\Documents\Snak The Ripper ft. Young Sin Rap Biz - GRAFFITI SKI MASK CAPITAL Q_(360p).mp4
2014-09-30 06:57 - 2014-09-30 06:57 - 08014913 _____ () C:\Users\b\Documents\Big B - Its All Good (Feat) The DirtBall_(360p).mp4
2014-09-29 17:01 - 2014-09-29 17:01 - 00004142 _____ () C:\ProgramData\uxxadbmu.rlu
2014-09-29 17:01 - 2014-09-29 17:01 - 00000000 ____D () C:\Users\b\AppData\Roaming\MOVAVI
2014-09-29 17:01 - 2014-09-29 17:01 - 00000000 ____D () C:\Users\b\AppData\Local\Movavi
2014-09-29 17:00 - 2014-09-29 17:00 - 00001071 _____ () C:\Users\Public\Desktop\Movavi Video Editor 9.lnk
2014-09-29 17:00 - 2014-09-29 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor 9
2014-09-29 17:00 - 2014-09-29 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
2014-09-29 16:59 - 2014-09-29 17:00 - 00000000 ____D () C:\Program Files\Movavi Video Editor 9
2014-09-29 16:59 - 2014-09-29 16:59 - 00000000 ____D () C:\Users\b\AppData\Roaming\ArcSoft
2014-09-29 16:59 - 2014-09-29 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoImpression 6
2014-09-29 16:59 - 2007-06-06 03:39 - 00072448 _____ (ArcSoft Inc.) C:\Windows\system32\PhotoImpression Slideshow.scr
2014-09-29 16:59 - 2006-11-10 15:05 - 00018688 _____ (Arcsoft, Inc.) C:\Windows\system32\Drivers\afc.sys
2014-09-29 16:59 - 1995-08-01 04:44 - 00212480 _____ (Eastman Kodak) C:\Windows\PCDLIB32.DLL
2014-09-29 16:58 - 2014-09-29 16:59 - 00000000 ____D () C:\Windows\system32\PhotoImpression Slideshow
2014-09-29 16:58 - 2005-04-27 16:36 - 00245408 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll
2014-09-29 16:56 - 2014-09-29 16:57 - 00000000 ____D () C:\Program Files\Photolightning
2014-09-29 16:56 - 2014-09-29 16:56 - 00001883 _____ () C:\Users\Public\Desktop\Photolightning.lnk
2014-09-29 16:56 - 2014-09-29 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photolightning
2014-09-29 16:56 - 2006-02-06 20:41 - 00065536 _____ (Photolightning) C:\Windows\Photolightning.SCR
2014-09-29 16:53 - 2014-09-29 17:01 - 00000000 ____D () C:\Users\b\AppData\Local\ArcSoft
2014-09-29 16:53 - 2014-09-29 16:58 - 00000000 ____D () C:\Program Files\ArcSoft
2014-09-29 16:53 - 2014-09-29 16:53 - 00001957 _____ () C:\Users\Public\Desktop\PhotoStudio 6.lnk
2014-09-29 16:53 - 2014-09-29 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 6
2014-09-29 16:53 - 2014-09-29 16:53 - 00000000 ____D () C:\ProgramData\ArcSoft
2014-09-29 16:52 - 2014-09-29 17:00 - 00000000 ____D () C:\Program Files\Common Files\ArcSoft
2014-09-29 16:51 - 2014-09-29 16:51 - 00001980 _____ () C:\Users\Public\Desktop\PhotoImpact X3.lnk
2014-09-29 16:50 - 2014-09-29 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoImpact X3
2014-09-29 16:50 - 2014-09-29 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
2014-09-29 16:39 - 2014-09-29 16:39 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-09-29 16:27 - 2014-09-29 16:29 - 00000000 ____D () C:\Users\b\AppData\Local\PhotoEditor
2014-09-29 16:27 - 2014-09-29 16:27 - 00000000 ____D () C:\Users\b\AppData\Local\Anthropics
2014-09-29 16:24 - 2014-09-29 16:24 - 00001178 _____ () C:\Users\b\Desktop\Smart Photo Editor Trial.lnk
2014-09-29 16:24 - 2014-09-29 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Photo Editor Trial
2014-09-29 16:24 - 2014-09-29 16:24 - 00000000 ____D () C:\Program Files\Smart Photo Editor Trial
2014-09-29 16:14 - 2014-09-29 16:14 - 00000000 ____D () C:\Users\b\AppData\Roaming\Engelmann Media
2014-09-29 16:13 - 2014-09-29 16:13 - 00001171 _____ () C:\Users\Public\Desktop\Photomizer Retro.lnk
2014-09-29 16:13 - 2014-09-29 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Engelmann Media
2014-09-29 16:13 - 2014-09-29 16:13 - 00000000 ____D () C:\Program Files\Engelmann Media
2014-09-29 16:13 - 2014-09-29 16:13 - 00000000 ____D () C:\Program Files\Common Files\HDX4
2014-09-29 16:09 - 2014-09-29 16:09 - 00002038 _____ () C:\Users\Public\Desktop\NCH Suite.lnk
2014-09-29 16:09 - 2014-09-29 16:09 - 00001116 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoPad Image Editor.lnk
2014-09-29 16:09 - 2014-09-29 16:09 - 00001104 _____ () C:\Users\Public\Desktop\PhotoPad Image Editor.lnk
2014-09-29 16:09 - 2014-09-29 16:09 - 00000000 ____D () C:\Users\b\AppData\Roaming\NCH Software
2014-09-29 16:09 - 2014-09-29 16:09 - 00000000 ____D () C:\ProgramData\NCH Software
2014-09-29 16:09 - 2014-09-29 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-09-29 16:09 - 2014-09-29 16:09 - 00000000 ____D () C:\Program Files\NCH Software
2014-09-29 13:54 - 2014-09-29 13:54 - 00002262 _____ () C:\Users\Public\Desktop\ACDSee Photo Editor 6.lnk
2014-09-29 13:54 - 2014-09-29 13:54 - 00000000 ____D () C:\Users\b\Documents\ACDSee Photo Editor
2014-09-29 13:40 - 2014-09-29 13:40 - 00002174 _____ () C:\Users\Public\Desktop\ACDSee 18.lnk
2014-09-29 09:19 - 2014-09-29 09:19 - 00001188 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-09-29 09:19 - 2014-09-29 09:19 - 00001176 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-09-29 09:19 - 2014-09-29 09:19 - 00000000 ____D () C:\Program Files\paint.net
2014-09-29 09:18 - 2014-09-29 09:21 - 00000000 ____D () C:\Users\b\AppData\Local\paint.net
2014-09-28 16:17 - 2014-09-28 16:17 - 00000000 ____D () C:\Users\b\AppData\Local\QupZilla
2014-09-28 16:16 - 2014-09-28 16:16 - 00000965 _____ () C:\Users\Public\Desktop\QupZilla.lnk
2014-09-28 16:16 - 2014-09-28 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QupZilla
2014-09-28 16:16 - 2014-09-28 16:16 - 00000000 ____D () C:\Program Files\QupZilla
2014-09-28 13:45 - 2014-09-28 13:46 - 15491222 _____ () C:\Users\b\Documents\GT GARZA - MAVERICK MUSIC_(360p).mp4
2014-09-28 12:41 - 2014-10-06 13:18 - 00000000 ____D () C:\Windows\ERUNT
2014-09-28 12:20 - 2014-10-06 19:51 - 00000821 _____ () C:\Windows\system32\Drivers\etc\hosts.ccebak
2014-09-27 10:56 - 2014-09-27 10:56 - 00000000 ____D () C:\Program Files\Common Files\Corel
2014-09-27 10:53 - 2014-09-27 10:53 - 00001995 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Painter 2015.lnk
2014-09-27 10:14 - 2014-09-27 10:15 - 25948690 _____ () C:\Users\b\Documents\Subnoize Souljaz Droppin Bombs 8_29_06_(360p).mp4
2014-09-27 09:41 - 2014-09-27 09:41 - 08820701 _____ () C:\Users\b\Documents\Kottonmouth Kings - Down 4 tha Crown_(360p).mp4
2014-09-27 09:40 - 2014-09-27 09:40 - 06017963 _____ () C:\Users\b\Documents\D-Loc - Take A Ride Feat. Judge D_(360p).mp4
2014-09-27 09:31 - 2014-09-27 09:32 - 08962388 _____ () C:\Users\b\Documents\Potluck - Wake N Bake_(360p).mp4
2014-09-27 09:25 - 2014-09-27 09:25 - 16066685 _____ () C:\Users\b\Documents\Potluck - Hit Em Hard_(360p).mp4
2014-09-27 09:22 - 2014-09-27 09:23 - 07257057 _____ () C:\Users\b\Documents\Potluck - Be Easy_(360p).mp4
2014-09-27 09:20 - 2014-09-28 04:14 - 10864954 _____ () C:\Users\b\Documents\We Bad Subnoize Souljas_(360p).mp4
2014-09-27 09:15 - 2014-09-27 09:16 - 34623357 _____ () C:\Users\b\Documents\CHAPTER 6 Satan, Aleister Crowley and the Beatles part a_(360p).mp4
2014-09-27 07:04 - 2014-09-27 07:04 - 00001173 _____ () C:\Users\Public\Desktop\Sound Forge Audio Studio.lnk
2014-09-27 06:20 - 2014-09-27 06:22 - 00000000 ____D () C:\Users\b\AppData\Roaming\muvee Technologies
2014-09-27 06:20 - 2014-09-27 06:20 - 00002037 _____ () C:\Users\Public\Desktop\moviEZ HD.lnk
2014-09-27 06:20 - 2014-09-27 06:20 - 00001089 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\moviEZ HD.lnk
2014-09-27 06:19 - 2014-09-27 06:19 - 00000000 ____D () C:\Program Files\Common Files\muvee Technologies
2014-09-27 06:15 - 2014-09-27 06:21 - 00000000 ____D () C:\ProgramData\muvee Technologies
2014-09-27 06:13 - 2014-09-27 06:15 - 39792025 _____ () C:\Users\b\Documents\Satanist Aleister Crowley and the Beatles_(360p).mp4
2014-09-27 06:10 - 2014-09-27 06:17 - 156214024 _____ (Sony Creative Software Inc.) C:\Users\b\Desktop\audiostudio10.0.252.exe
2014-09-27 06:09 - 2014-09-27 06:15 - 101132656 _____ (Sony Creative Software Inc.) C:\Users\b\Desktop\moviezhd1.0.2911.exe
2014-09-27 05:12 - 2014-09-27 05:12 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-27 05:12 - 2014-09-27 05:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-27 04:54 - 2014-09-27 04:54 - 00001160 _____ () C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2014-09-27 04:54 - 2014-07-15 17:24 - 02140712 _____ (MainConcept GmbH) C:\Windows\system32\mcmpgvout.004
2014-09-27 04:54 - 2014-07-15 17:24 - 00531496 _____ (MainConcept GmbH) C:\Windows\system32\mcmpeg2mux.ax
2014-09-27 04:54 - 2014-07-15 17:24 - 00375848 _____ (MainConcept GmbH) C:\Windows\system32\mcm2ve.ax
2014-09-27 04:54 - 2014-07-15 17:24 - 00257064 _____ (MainConcept GmbH) C:\Windows\system32\mcl2ae.ax
2014-09-27 04:54 - 2014-07-15 17:24 - 00244776 _____ (MainConcept GmbH) C:\Windows\system32\mcmpgaout.dll
2014-09-27 04:54 - 2014-07-15 17:24 - 00020520 _____ (MainConcept GmbH) C:\Windows\system32\mcmpgvout.dll
2014-09-27 02:30 - 2014-09-27 02:30 - 01135397 _____ () C:\Users\b\Documents\سرقة نكات cut_(360p).mp4
2014-09-26 13:45 - 2014-09-26 13:45 - 12170441 _____ () C:\Users\b\Documents\The Dirtball - Lifestyles_(360p).mp4
2014-09-26 13:41 - 2014-09-26 13:41 - 08529373 _____ () C:\Users\b\Documents\Tech N9ne - Worldwide Choppers ( Busta Rhymes,  Yelawolf, Twista..)_(360p).mp4
2014-09-26 13:40 - 2014-09-26 13:40 - 08459432 _____ () C:\Users\b\Documents\Tech N9ne - Demons (feat. Three 6 Mafia)_(360p).mp4
2014-09-26 13:33 - 2014-09-26 13:34 - 21533962 _____ () C:\Users\b\Documents\TeamBackPack _ PotLuck & Liquid Assassin _ Prod. by KATO_(360p).mp4
2014-09-26 13:31 - 2014-09-26 13:32 - 28892881 _____ () C:\Users\b\Documents\TeamBackpack _ Miny, Onyx, Collins _ Prod. by Cool FD_(360p).mp4
2014-09-26 13:29 - 2014-09-26 13:29 - 09907958 _____ () C:\Users\b\Documents\Sadistik-Snow White(Lyrics on Screen)_(360p).mp4
2014-09-26 13:26 - 2014-09-26 13:26 - 12428050 _____ () C:\Users\b\Documents\Madchild - Blood Beast - Official Music Video_(360p).mp4
2014-09-26 13:21 - 2014-09-26 13:21 - 05326908 _____ () C:\Users\b\Documents\Atmosphere - Free or Dead_(360p).mp4
2014-09-26 13:11 - 2014-09-26 13:11 - 13062135 _____ () C:\Users\b\Documents\LOWKEY - OBAMA NATION (OFFICIAL VIDEO) - BANNED FROM TV_(360p).mp4
2014-09-26 13:09 - 2014-09-26 13:09 - 09286604 _____ () C:\Users\b\Documents\No Mercy - Immortal Technique [With Lyrics]_(360p).mp4
2014-09-26 13:06 - 2014-09-26 13:07 - 06518776 _____ () C:\Users\b\Documents\Atmosphere- They Lied_(360p).mp4
2014-09-26 13:01 - 2014-09-26 13:01 - 05654629 _____ () C:\Users\b\Documents\Grieves - Lock Down_(360p).mp4
2014-09-26 12:57 - 2014-09-26 12:58 - 15881904 _____ () C:\Users\b\Documents\Grieves - Lazt Kall (feat Type, Rik Rude & P Smoov)_(360p).mp4
2014-09-26 12:56 - 2014-09-26 12:57 - 03455822 _____ () C:\Users\b\Documents\Grieves, Budo & K.Flay - Lost In The Sun_(360p).mp4
2014-09-26 12:51 - 2014-09-26 12:52 - 15256327 _____ () C:\Users\b\Documents\Lil Kim feat. 2Pac & Phil Collins - Starin' (In The Air Tonight) Remix_(360p).mp4
2014-09-26 12:46 - 2014-09-26 12:47 - 25940583 _____ () C:\Users\b\Documents\Grieves - Kidding Me - Audiotree Live_(360p).mp4
2014-09-26 12:45 - 2014-09-26 12:46 - 18330588 _____ () C:\Users\b\Documents\Atmosphere - Bitter (Official Video)_(360p).mp4
2014-09-26 11:18 - 2014-09-26 11:18 - 08447140 _____ () C:\Users\b\Documents\MARCO POLO - Get Busy feat. Copywrite_(360p).mp4
2014-09-26 11:16 - 2014-09-26 11:17 - 13477555 _____ () C:\Users\b\Documents\Copywrite- Shotgun Official Video_(360p).mp4
2014-09-26 11:01 - 2014-09-26 11:02 - 15769109 _____ () C:\Users\b\Documents\Supastition - Yada Yada (Produced by Marco Polo)_(360p).mp4
2014-09-26 10:53 - 2014-09-26 10:54 - 06225955 _____ () C:\Users\b\Documents\Supastition - Worst Enemy (Prod. Marco Polo)_(360p).mp4
2014-09-26 10:49 - 2014-09-26 10:50 - 16248537 _____ () C:\Users\b\Documents\Playdough & DJ Sean P Real Like It (Official Music Video) Gold Tips_(360p).mp4
2014-09-26 09:03 - 2014-09-26 09:04 - 19008830 _____ () C:\Users\b\Documents\Double A.B. - Maxine_(360p).mp4
2014-09-26 08:58 - 2014-09-26 08:58 - 17081032 _____ () C:\Users\b\Documents\Tame One Feat  Copywrite, J Zone, Cage, Mr  Eon & Skillz   EC All Stars '95 Remix_(360p).mp4
2014-09-26 08:24 - 2014-09-26 08:24 - 00000095 _____ () C:\Windows\MovieHunter.INI
2014-09-26 08:23 - 2014-10-04 21:14 - 00000000 ____D () C:\Users\b\Documents\Corel DVD MovieFactory
2014-09-26 08:16 - 2014-09-26 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2014-09-26 08:16 - 2014-09-26 08:16 - 00000000 ____D () C:\Program Files\Common Files\NewBlue
2014-09-26 08:15 - 2014-09-26 08:15 - 00002173 _____ () C:\Users\Public\Desktop\CyberLink PowerDirector 13.lnk
2014-09-26 08:15 - 2014-09-26 08:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 13
2014-09-26 08:15 - 2014-09-26 08:15 - 00000000 ____D () C:\Program Files\NewBlue
2014-09-26 08:02 - 2014-09-26 08:17 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2014-09-26 08:02 - 2014-09-26 08:02 - 13095227 _____ () C:\Users\b\Documents\Psych Ward EXOSKELETONS Feat. Apathy & Celph Titled REEL WOLF RECORDS 2013_(360p).mp4
2014-09-26 07:54 - 2014-09-26 07:55 - 20656810 _____ () C:\Users\b\Documents\D.I.T.C ENT. CYPHER W_ DJ PREMIER 2013_(360p).mp4
2014-09-26 07:42 - 2014-09-26 07:53 - 482873392 _____ () C:\Users\b\Documents\PowerDirector_2104_GM2_Trial_Trial_VDE140804-02.exe
2014-09-26 07:41 - 2014-09-26 07:41 - 01299304 _____ (CyberLink) C:\Users\b\Desktop\CyberLink_PowerDirector_Downloader.exe
2014-09-26 06:26 - 2014-09-26 06:26 - 00001226 _____ () C:\Users\b\Desktop\Wondershare DVD Slideshow Builder Deluxe.lnk
2014-09-26 06:12 - 2014-09-26 06:12 - 00012180 _____ () C:\Users\b\Desktop\ضش.m3d
2014-09-26 06:12 - 2014-09-26 06:12 - 00000000 ____D () C:\Users\b\Documents\Aurora3D
2014-09-25 18:41 - 2014-09-25 18:41 - 00001080 _____ () C:\Users\Public\Desktop\Aurora 3D Text & Logo Maker.lnk
2014-09-25 18:41 - 2014-09-25 18:41 - 00000000 ____D () C:\Users\b\AppData\Local\Maker3D
2014-09-25 18:41 - 2014-09-25 18:41 - 00000000 ____D () C:\Users\b\AppData\Local\Configure
2014-09-25 18:41 - 2014-09-25 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora 3D Text & Logo Maker
2014-09-25 18:40 - 2014-09-25 18:40 - 00000000 ____D () C:\Program Files\Aurora3D
2014-09-25 18:40 - 2011-09-13 17:58 - 00581632 _____ (Optima SC Inc.) C:\Windows\system32\vp8vfw.dll
2014-09-25 18:18 - 2014-09-25 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FontTwister
2014-09-25 18:18 - 2014-09-25 18:18 - 00000000 ____D () C:\Program Files\FontTwister
2014-09-25 13:50 - 2014-09-25 13:50 - 00000000 ____D () C:\Users\b\AppData\Local\Nero_AG
2014-09-25 13:36 - 2014-09-25 13:36 - 00000000 ____D () C:\ProgramData\Atheros
2014-09-25 13:36 - 2014-09-25 13:36 - 00000000 ____D () C:\Program Files\Atheros
2014-09-25 13:36 - 2010-05-11 18:11 - 01803112 _____ (Atheros Communications, Inc.) C:\Windows\system32\athr.sys
2014-09-25 13:36 - 2010-05-08 15:05 - 00054468 _____ () C:\Windows\system32\athrext.cat
2014-09-25 12:50 - 2014-09-25 12:50 - 00000000 ____D () C:\Users\b\AppData\Local\Xara
2014-09-25 12:50 - 2014-09-25 12:50 - 00000000 ____D () C:\ProgramData\MAGIX
2014-09-25 12:47 - 2014-09-25 12:47 - 00001012 _____ () C:\Users\Public\Desktop\Xara 3D Maker 7.lnk
2014-09-25 12:47 - 2014-09-25 12:47 - 00000000 ____D () C:\ProgramData\Xara
2014-09-25 12:47 - 2014-09-25 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xara
2014-09-25 12:47 - 2014-09-25 12:47 - 00000000 ____D () C:\Program Files\Xara
2014-09-25 12:47 - 2014-09-25 12:47 - 00000000 ____D () C:\Program Files\Common Files\Xara Services
2014-09-25 10:38 - 2014-09-25 10:38 - 00000024 _____ () C:\Windows\system32\DKRNL.JAX
2014-09-25 10:38 - 2014-09-25 10:38 - 00000000 ____D () C:\Users\b\Documents\Corel MotionStudio 3D
2014-09-25 10:33 - 2014-09-25 10:33 - 00001015 _____ () C:\Users\Public\Desktop\Corel Motion Studio 3D.lnk
2014-09-25 10:33 - 2014-09-25 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel MotionStudio 3D
2014-09-25 10:31 - 2014-09-29 13:40 - 00154176 _____ () C:\Windows\DirectX.log
2014-09-25 10:28 - 2014-09-25 10:34 - 00000000 ____D () C:\Windows\msdownld.tmp
2014-09-25 10:28 - 2014-09-25 10:28 - 00002409 _____ () C:\Users\Public\Desktop\Corel DVD MovieFactory 7 Launcher.lnk
2014-09-25 10:28 - 2014-09-25 10:28 - 00000000 ____D () C:\Windows\RegisteredPackages
2014-09-25 10:28 - 2014-09-25 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2014-09-25 10:28 - 2014-09-25 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel DVD MovieFactory 7
2014-09-25 10:28 - 2014-09-25 10:28 - 00000000 ____D () C:\ProgramData\InterVideo
2014-09-25 10:28 - 2008-05-05 17:00 - 00209040 _____ () C:\Windows\system32\IVIresizeW7.dll
2014-09-25 10:28 - 2008-05-05 17:00 - 00204944 _____ () C:\Windows\system32\IVIresizeA6.dll
2014-09-25 10:28 - 2008-05-05 17:00 - 00196752 _____ () C:\Windows\system32\IVIresizeP6.dll
2014-09-25 10:28 - 2008-05-05 17:00 - 00196752 _____ () C:\Windows\system32\IVIresizeM6.dll
2014-09-25 10:28 - 2008-05-05 17:00 - 00192656 _____ () C:\Windows\system32\IVIresizePX.dll
2014-09-25 10:28 - 2008-05-05 17:00 - 00024720 _____ () C:\Windows\system32\IVIresize.dll
2014-09-25 10:26 - 2014-09-29 16:49 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-09-25 10:26 - 2014-09-29 16:49 - 00000000 ____D () C:\Program Files\Common Files\Ulead Systems
2014-09-25 08:33 - 2014-09-25 08:36 - 86456696 _____ (WonderShare Software ) C:\Users\b\Desktop\dsb_resources.exe
2014-09-25 08:33 - 2014-09-25 08:34 - 41411064 _____ (Wondershare ) C:\Users\b\Desktop\dvd-creator_full619.exe
2014-09-25 08:32 - 2014-09-25 08:32 - 00745248 _____ (Wondershare) C:\Users\b\Desktop\dsb_deluxe_setup_full18.exe
2014-09-25 07:00 - 2014-09-25 07:00 - 00002181 _____ () C:\Users\b\Desktop\Tweaking.com - Registry Backup.lnk
2014-09-25 07:00 - 2014-09-25 07:00 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-25 07:00 - 2014-09-25 07:00 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-09-25 03:54 - 2014-10-10 19:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-24 17:28 - 2014-10-10 19:14 - 00000000 ____D () C:\Windows\Minidump
2014-09-24 15:40 - 2014-09-24 15:40 - 00000000 ____D () C:\Users\b\SimpleJavaYoutubeUploader
2014-09-24 11:06 - 2014-09-24 11:06 - 07333766 _____ () C:\Users\b\Documents\دعس تركي على يد ازعر غزة_(360p).mp4
2014-09-24 07:42 - 2014-09-24 09:37 - 00025680 _____ () C:\Users\b\Desktop\Untitled.vf
2014-09-24 07:42 - 2014-09-24 07:42 - 00025440 _____ () C:\Users\b\Desktop\Untitled.vf.bak
2014-09-24 06:23 - 2014-09-24 06:23 - 04777761 _____ () C:\Users\b\Documents\Min Lama Re7ti - راب لبناني - من لمّا رحتي_(360p).mp4
2014-09-24 06:14 - 2014-09-24 06:14 - 07090602 _____ () C:\Users\b\Documents\راب سوري رائع جداً_(360p).mp4
2014-09-24 06:07 - 2014-09-24 06:07 - 09543063 _____ () C:\Users\b\Documents\راب اجنبي نار_(360p).mp4
2014-09-24 06:06 - 2014-09-24 06:06 - 20005374 _____ () C:\Users\b\Documents\NIMA   PSY   =======   من افضل اغاني الراب العربي_(360p).mp4
2014-09-24 05:54 - 2014-09-24 05:55 - 13282932 _____ () C:\Users\b\Documents\رداً على كل مخلوق يشتم سوريا __ مطلوب راسك __ اسماعيل تمر 2013_(new)_(360p).mp4
2014-09-24 05:46 - 2014-09-24 05:46 - 19935692 _____ () C:\Users\b\Documents\MC Amin, Sphinx - Gamed Fash5, جامد فشخ_(360p).mp4
2014-09-24 05:39 - 2014-09-24 05:40 - 04390668 _____ () C:\Users\b\Documents\Basbous - King of Rap Lebanese rap_(360p).mp4
2014-09-24 05:08 - 2014-09-24 05:08 - 08543177 _____ () C:\Users\b\Documents\راب ايجى سكول اسمع_(360p).mp4
2014-09-24 04:42 - 2014-09-24 04:42 - 09315753 _____ () C:\Users\b\Documents\راب رعب غناء همام وعمر العراقي وتصميم مستر سوات_(360p).mp4
2014-09-24 04:30 - 2014-09-24 04:30 - 08805044 _____ () C:\Users\b\Documents\عيال الجحيم خرفان العيد_(360p).mp4
2014-09-24 02:56 - 2014-09-10 00:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 17:42 - 2010-02-11 10:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-09-23 10:52 - 2014-09-23 10:53 - 08834912 _____ () C:\Users\b\Documents\Legacy 9 feat. Celph Titled - Hitmen_(360p).mp4
2014-09-23 10:48 - 2014-09-23 10:48 - 19423709 _____ () C:\Users\b\Documents\BIg Tymers Oh Yeah_(360p).mp4
2014-09-23 10:36 - 2014-09-23 10:36 - 03843807 _____ () C:\Users\b\Documents\Bekay- I Am (Prod. The Alchemist)_(360p).mp4
2014-09-22 22:04 - 2014-09-22 22:04 - 00208888 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKELL.sys
2014-09-21 17:04 - 2014-09-21 17:04 - 07922659 _____ () C:\Users\b\Documents\Bekay - Skemers (feat. Wordsworth)_(360p).mp4
2014-09-21 17:00 - 2014-09-21 17:00 - 10373087 _____ () C:\Users\b\Documents\Apathy - Public Execution [Demigodz Mix] (feat. Celph Titled & Esoteric) Demigodz Mix_(360p).mp4
2014-09-21 16:58 - 2014-09-21 16:58 - 03290111 _____ () C:\Users\b\Documents\Apathy & Celph Titled - Breeze Block Freestyle_(360p).mp4
2014-09-21 16:50 - 2014-09-21 16:51 - 13340699 _____ () C:\Users\b\Documents\Goondox (PMD, Sean Strange & Snowgoons) - Welcome To The Goondox_(360p).mp4
2014-09-21 16:42 - 2014-09-21 16:42 - 19967639 _____ () C:\Users\b\Documents\NECRO x DMC - MURDA YALL ft. Emilush & Caustic - OFFICIAL VIDEO (Kool G Rap cameo)_(360p).mp4
2014-09-21 16:38 - 2014-09-21 16:38 - 13813955 _____ () C:\Users\b\Documents\NECRO - THE KINK PANTHER OFFICIAL VIDEO (DIE! album)_(360p).mp4
2014-09-21 16:37 - 2014-09-21 16:37 - 02987157 _____ () C:\Users\b\Documents\Necro - Murder your Life_(360p).mp4
2014-09-21 16:34 - 2014-09-21 16:35 - 09908580 _____ () C:\Users\b\Documents\Necro - bang bang_(360p).mp4
2014-09-21 16:30 - 2014-09-21 16:30 - 16658482 _____ () C:\Users\b\Documents\Akir ft. Immortal Technique - Treason (Explicit) [HD]_(360p).mp4
2014-09-21 16:21 - 2014-09-21 16:21 - 10277514 _____ () C:\Users\b\Documents\Idle No More - Warriors by Blu ft. Knowledge & Da Okema (2013)_(360p).mp4
2014-09-21 14:30 - 2014-09-21 14:30 - 00005020 _____ () C:\ProgramData\hvcatrnw.tht
2014-09-21 14:30 - 2014-09-21 14:30 - 00000000 ____D () C:\Users\b\AppData\Roaming\Leawo
2014-09-21 14:28 - 2014-09-21 14:28 - 00002689 _____ () C:\Users\Public\Desktop\Leawo Video Editor.lnk
2014-09-21 14:25 - 2014-09-21 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
2014-09-21 14:25 - 2014-09-21 14:25 - 00000000 ____D () C:\Program Files\Leawo
2014-09-21 14:11 - 2014-09-21 14:12 - 19404677 _____ () C:\Users\b\Documents\STRAIGHT G - JAY NORTHSIDE FT PRADA WEST & KRYPLE_(360p).mp4
2014-09-21 14:08 - 2014-09-21 14:10 - 21985494 _____ () C:\Users\b\Documents\Hustle All Day H-Town ft S.I.D Prod. by Darkone Beats (OFFICIAL VIDEO)_(360p).mp4
2014-09-21 13:57 - 2014-09-21 13:57 - 09851255 _____ () C:\Users\b\Documents\PRADA WEST - Cold World - (OFFICIAL VIDEO) - 2012_(360p).mp4
2014-09-20 13:27 - 2014-09-20 13:32 - 96404695 _____ () C:\Users\b\Documents\Swamp Thing - Creature Feature_(360p).mp4
2014-09-19 07:53 - 2014-09-19 07:53 - 00003584 _____ () C:\Users\b\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-19 07:53 - 2014-09-19 07:53 - 00000000 ____D () C:\Users\b\Documents\Any Video Editor
2014-09-19 07:53 - 2014-09-19 07:53 - 00000000 ____D () C:\Users\b\AppData\Roaming\Any Video Editor
2014-09-19 07:12 - 2014-09-19 07:57 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnvSoft
2014-09-19 07:12 - 2014-09-19 07:12 - 00000000 ____D () C:\Program Files\AnvSoft
2014-09-19 03:56 - 2014-09-19 03:59 - 04337206 _____ () C:\kavremvr 2014-09-19 03-56-53 (pid 6548).log
2014-09-19 03:56 - 2014-09-19 03:56 - 07203008 _____ (Kaspersky Lab ZAO) C:\kavremover.exe
2014-09-18 16:00 - 2014-09-18 16:00 - 00262148 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-09-18 10:01 - 2014-09-18 10:01 - 05587199 _____ () C:\Users\b\Documents\Sabac - Speak Militant Ft. DJ Eclipse_(360p).mp4
2014-09-18 09:09 - 2014-09-18 09:10 - 14187795 _____ () C:\Users\b\Documents\East Coast Avengers _ Kill Bill O'Reilly [OFFICIAL MUSIC VIDEO]_(360p).mp4
2014-09-18 09:05 - 2014-09-18 09:05 - 09280639 _____ () C:\Users\b\Documents\East Coast Avengers-Shadow Of A Man_(360p).mp4
2014-09-18 07:24 - 2014-09-18 07:24 - 00000000 ____D () C:\Users\b\AppData\Local\TechSmith
2014-09-18 07:17 - 2014-09-18 07:17 - 00000000 ____D () C:\Users\b\AppData\Roaming\TechSmith
2014-09-18 07:16 - 2014-09-18 07:16 - 00000000 ____D () C:\Users\b\Documents\Camtasia Studio
2014-09-18 07:15 - 2014-09-18 07:15 - 00001126 _____ () C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2014-09-18 07:15 - 2014-09-18 07:15 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-09-18 07:15 - 2014-09-18 07:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-09-18 07:15 - 2014-09-18 07:15 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-09-18 07:14 - 2014-09-18 07:14 - 00000000 ____D () C:\ProgramData\TechSmith
2014-09-18 07:14 - 2014-09-18 07:14 - 00000000 ____D () C:\Program Files\TechSmith
2014-09-18 07:11 - 2014-09-25 13:50 - 00000000 ____D () C:\Users\b\AppData\Local\Nero
2014-09-18 07:10 - 2014-09-18 07:10 - 00000000 ____D () C:\Users\b\Documents\NeroVideo
2014-09-17 16:57 - 2014-09-18 07:11 - 00000000 ____D () C:\Users\b\AppData\Roaming\Nero
2014-09-17 16:53 - 2014-09-17 16:53 - 00002889 _____ () C:\Users\Public\Desktop\Nero 2014.lnk
2014-09-17 16:47 - 2014-10-11 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-09-17 16:47 - 2014-10-02 17:22 - 00000000 ____D () C:\Program Files\Common Files\Nero
2014-09-17 16:47 - 2014-09-25 08:04 - 00000000 ____D () C:\Program Files\Nero
2014-09-17 16:46 - 2014-09-18 07:10 - 00000000 ____D () C:\ProgramData\Nero
2014-09-17 15:30 - 2014-09-17 15:30 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-09-17 12:57 - 2014-09-17 12:57 - 00000000 ____D () C:\Users\b\AppData\Local\Avg2014
2014-09-17 12:55 - 2014-10-11 01:51 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-09-17 12:55 - 2014-09-17 12:55 - 00000000 ____D () C:\Users\b\AppData\Roaming\TuneUp Software
2014-09-17 12:55 - 2014-09-17 12:55 - 00000000 ____D () C:\Users\b\AppData\Local\TuneUp Software
2014-09-17 12:53 - 2014-09-18 08:07 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-17 12:53 - 2014-09-17 12:56 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-09-17 11:48 - 2012-12-06 22:11 - 00163719 _____ () C:\Users\b\Desktop\Lz0.rar
2014-09-17 11:48 - 2012-12-06 22:11 - 00000000 ____D () C:\Users\b\Desktop\Lz0
2014-09-17 11:45 - 2014-09-17 11:45 - 00000000 ____D () C:\Users\b\AppData\Local\DDMSettings
2014-09-17 11:40 - 2014-09-17 11:40 - 00001543 _____ () C:\Users\b\Desktop\DivX Movies.lnk
2014-09-17 11:40 - 2014-09-17 11:40 - 00001032 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-09-17 11:39 - 2014-09-17 11:56 - 00000000 ____D () C:\Users\b\AppData\Roaming\DivX
2014-09-17 11:39 - 2014-09-17 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-09-17 11:39 - 2014-09-17 11:39 - 00001097 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-09-17 11:38 - 2014-09-17 11:40 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-09-17 11:36 - 2014-09-17 11:40 - 00000000 ____D () C:\Program Files\DivX
2014-09-17 11:34 - 2014-09-17 11:40 - 00000000 ____D () C:\ProgramData\DivX
2014-09-17 02:30 - 2014-09-17 02:30 - 00003065 _____ () C:\Users\b\Desktop\Connectivity Fixer.lnk
2014-09-17 02:30 - 2014-09-17 02:30 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Badosoft
2014-09-17 02:30 - 2014-09-17 02:30 - 00000000 ____D () C:\Program Files\Badosoft
2014-09-16 16:14 - 2014-09-16 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alarm Clock Pro
2014-09-16 16:14 - 2014-09-16 16:14 - 00000000 ____D () C:\Program Files\Koingo Software, Inc
2014-09-16 12:45 - 2014-09-16 12:45 - 00000000 ____D () C:\Users\b\AppData\Local\Restore_Point_Creator
2014-09-16 12:44 - 2014-10-06 01:52 - 00000000 ____D () C:\Program Files\Restore Point Creator
2014-09-16 12:44 - 2014-09-16 12:44 - 00001121 _____ () C:\Users\Public\Desktop\Restore Point Creator.lnk
2014-09-16 12:44 - 2014-09-16 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator
2014-09-16 11:37 - 2014-09-16 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-16 11:37 - 2014-09-16 11:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-16 09:26 - 2014-09-16 09:26 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-09-16 09:26 - 2014-09-16 09:26 - 00000385 _____ () C:\Users\b\AppData\Roaminguser_gensett.xml
2014-09-16 06:01 - 2014-09-16 06:01 - 00000000 ____D () C:\ProgramData\BDLogging
2014-09-16 06:01 - 2014-09-16 06:01 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-09-16 06:01 - 2013-11-04 15:47 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2014-09-16 06:01 - 2013-11-04 15:46 - 00027168 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2014-09-16 06:01 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-09-16 06:01 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-09-16 05:52 - 2014-09-29 08:51 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-16 05:51 - 2014-10-10 23:49 - 00000000 ____D () C:\Users\b\AppData\Roaming\QuickScan
2014-09-16 05:50 - 2014-09-29 08:41 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-09-15 09:10 - 2014-10-10 18:57 - 00000000 ____D () C:\Users\b\Desktop\Old Firefox Data
2014-09-14 04:44 - 2014-10-10 16:47 - 00000768 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-09-14 04:08 - 2014-09-14 04:08 - 03060320 _____ (Symantec Corporation) C:\Users\b\Desktop\NPE.exe
2014-09-14 04:06 - 2014-09-14 04:06 - 00014304 _____ () C:\ProgramData\Duplicaterecord.js
2014-09-14 04:04 - 2014-09-14 04:04 - 00000000 ____D () C:\SUPERDelete
2014-09-14 04:01 - 2014-09-14 04:10 - 00000000 ____D () C:\CCE_Quarantine
2014-09-13 05:59 - 2014-09-13 05:59 - 00000000 ____D () C:\Users\b\Desktop\Corel Auto-Preserve
2014-09-13 05:21 - 2014-09-13 05:21 - 00000921 _____ () C:\Users\b\Desktop\PhoXo.lnk
2014-09-13 05:21 - 2014-09-13 05:21 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhoXo
2014-09-13 05:20 - 2014-10-04 23:35 - 00000000 ____D () C:\Users\b\AppData\Roaming\PhoXo
2014-09-13 05:13 - 2014-09-13 05:13 - 04797297 _____ () C:\Users\b\Desktop\phoxo.zip
2014-09-12 01:19 - 2014-09-12 01:19 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-09-12 01:18 - 2014-09-12 01:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-09-12 01:18 - 2014-09-12 01:18 - 00001159 _____ () C:\Users\b\Desktop\AVS Video Editor.lnk
2014-09-12 00:04 - 2014-09-12 00:31 - 108325135 _____ (Online Media Technologies Ltd. ) C:\Users\b\Desktop\AVSVideoEditor.exe.qstgu2r.partial
2014-09-11 22:49 - 2014-09-11 22:49 - 00001279 _____ () C:\Users\Public\Desktop\ACDSee Video Studio.lnk
2014-09-11 05:38 - 2014-09-11 05:38 - 00000000 ____D () C:\مجلد جديد ‫‬
2014-09-11 00:11 - 2014-09-13 05:03 - 00000000 ____D () C:\Users\b\Desktop\مجلد جديد

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-11 14:02 - 2014-09-01 14:37 - 00000000 ____D () C:\Users\b\Desktop\Tweaking.com - Windows Repair
2014-10-11 14:00 - 2014-09-06 08:18 - 00644430 _____ () C:\Windows\system32\perfh01F.dat
2014-10-11 14:00 - 2014-09-06 08:18 - 00135812 _____ () C:\Windows\system32\perfc01F.dat
2014-10-11 14:00 - 2010-11-21 00:01 - 02941380 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-11 13:57 - 2014-09-01 00:34 - 01527027 _____ () C:\Windows\WindowsUpdate.log
2014-10-11 13:56 - 2014-09-01 04:25 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-11 13:56 - 2009-07-14 07:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-11 13:55 - 2011-04-12 05:24 - 00000000 ____D () C:\Windows\CSC
2014-10-11 13:55 - 2010-11-21 00:48 - 00373680 _____ () C:\Windows\PFRO.log
2014-10-11 13:55 - 2009-07-14 07:34 - 00040768 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-11 13:55 - 2009-07-14 07:34 - 00040768 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-11 13:43 - 2014-09-01 00:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-11 13:34 - 2009-07-14 05:04 - 00000768 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_423
2014-10-11 13:30 - 2014-09-01 04:25 - 00000876 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-11 13:23 - 2014-09-08 13:35 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-11 13:22 - 2014-09-01 20:15 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-11 13:22 - 2014-09-01 01:35 - 00000000 ____D () C:\ProgramData\spotflux
2014-10-11 13:22 - 2014-09-01 01:35 - 00000000 ____D () C:\Program Files\Spotflux
2014-10-11 13:06 - 2014-09-01 00:43 - 00122696 _____ () C:\Users\b\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-11 12:18 - 2009-07-14 07:53 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-11 12:12 - 2009-07-14 07:33 - 00419840 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-11 10:53 - 2014-09-01 03:20 - 00000000 ____D () C:\Users\b\Documents\BB FlashBack Movies
2014-10-11 02:46 - 2014-09-01 01:39 - 00000000 ____D () C:\Users\b\Documents\CaptureWiz
2014-10-11 02:00 - 2014-09-08 00:54 - 00000000 ____D () C:\Users\b\AppData\Local\Adobe
2014-10-11 01:07 - 2014-09-01 00:36 - 00000000 ____D () C:\Users\b
2014-10-11 00:10 - 2014-09-03 16:36 - 00000000 ____D () C:\Users\b\AppData\Roaming\Youtube Downloader HD
2014-10-11 00:10 - 2014-09-01 20:17 - 00000000 ____D () C:\Program Files\UVK - Ultra Virus Killer
2014-10-11 00:10 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-10-11 00:09 - 2014-09-01 01:42 - 00000000 ____D () C:\ProgramData\Real
2014-10-11 00:09 - 2011-04-12 05:24 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-10-11 00:09 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\registration
2014-10-10 22:47 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-10-10 17:20 - 2014-09-05 20:10 - 00000000 ____D () C:\Users\b\AppData\Roaming\Sony
2014-10-10 17:20 - 2014-09-03 00:03 - 00000000 ____D () C:\Users\b\AppData\Local\Downloaded Installations
2014-10-10 17:06 - 2014-09-06 02:52 - 00000000 ____D () C:\Qoobox
2014-10-10 16:58 - 2014-09-01 02:10 - 00000000 ____D () C:\Users\b\AppData\Roaming\Spy Emergency
2014-10-10 16:26 - 2014-09-08 14:14 - 00000000 ____D () C:\AdwCleaner
2014-10-10 16:19 - 2014-09-06 10:46 - 00000000 ____D () C:\Users\b\AppData\Local\NPE
2014-10-10 14:54 - 2014-09-01 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2014-10-10 14:51 - 2014-09-06 10:48 - 00000000 ____D () C:\NPE
2014-10-10 14:41 - 2014-09-01 20:17 - 00001973 _____ () C:\Users\Public\Desktop\UVK - Ultra Virus Killer.lnk
2014-10-09 17:05 - 2014-09-01 03:20 - 00000000 ____D () C:\Users\b\AppData\Roaming\Blueberry
2014-10-08 14:45 - 2014-09-01 04:26 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-06 19:45 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-06 15:50 - 2014-09-01 03:20 - 00000000 ____D () C:\Program Files\Common Files\Blueberry Software
2014-10-06 13:18 - 2014-09-06 02:52 - 00000000 ____D () C:\Windows\erdnt
2014-10-06 10:46 - 2014-09-07 00:44 - 00011781 ___SH () C:\Users\b\AppData\Local\win_flfiles_sys.dat
2014-10-06 10:46 - 2014-09-07 00:44 - 00003465 ___SH () C:\Users\b\AppData\Local\win_stlthdb_sys.dat
2014-10-06 01:52 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-04 23:34 - 2014-09-03 16:36 - 00000000 ____D () C:\Program Files\Youtube Downloader HD
2014-10-04 20:33 - 2014-09-01 01:53 - 00000000 ____D () C:\Users\b\AppData\Local\CrashDumps
2014-10-04 16:20 - 2009-07-14 05:04 - 00000215 _____ () C:\Windows\system.ini
2014-10-03 19:37 - 2014-09-05 20:15 - 00000000 ____D () C:\Users\b\Documents\Movie Studio Platinum 13.0 Projects
2014-10-01 16:01 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\rescache
2014-10-01 06:31 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Speech
2014-09-30 17:08 - 2014-09-09 04:57 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-09-30 17:08 - 2014-09-09 04:53 - 00000000 ____D () C:\Program Files\Baidu Security
2014-09-29 16:58 - 2014-09-01 00:40 - 00000000 ____D () C:\Program Files\InstallShield Installation Information
2014-09-29 16:51 - 2009-07-14 05:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-29 16:49 - 2014-09-01 01:00 - 00000000 ____D () C:\Program Files\Corel
2014-09-29 15:59 - 2014-09-05 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-09-29 15:59 - 2014-09-05 20:12 - 00000000 ____D () C:\Program Files\Sony
2014-09-29 13:54 - 2014-09-03 00:08 - 00000000 ____D () C:\Users\b\AppData\Roaming\ACD Systems
2014-09-29 13:54 - 2014-09-03 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2014-09-29 13:53 - 2014-09-03 00:04 - 00000000 ____D () C:\Program Files\ACD Systems
2014-09-29 13:44 - 2014-09-03 00:08 - 00000000 ____D () C:\Users\b\AppData\Local\ACD Systems
2014-09-29 13:40 - 2014-09-03 00:04 - 00000000 ____D () C:\Program Files\Common Files\ACD Systems
2014-09-27 11:00 - 2014-09-01 01:02 - 00000000 ____D () C:\ProgramData\Protexis
2014-09-27 10:58 - 2014-09-01 01:02 - 00000000 ____D () C:\Users\b\AppData\Roaming\Corel
2014-09-27 10:55 - 2014-09-01 01:00 - 00000000 ____D () C:\ProgramData\Corel
2014-09-27 09:05 - 2014-09-01 01:10 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-27 07:14 - 2014-09-05 20:12 - 00000000 ____D () C:\Users\b\AppData\Local\Sony
2014-09-27 07:04 - 2014-09-05 20:12 - 00000000 ____D () C:\ProgramData\Sony
2014-09-27 04:54 - 2014-09-01 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-09-26 08:23 - 2014-09-01 01:02 - 00000000 ____D () C:\Users\b\AppData\Roaming\Ulead Systems
2014-09-26 08:17 - 2014-09-06 02:11 - 00000000 ____D () C:\Users\b\AppData\Local\Cyberlink
2014-09-26 08:03 - 2014-09-06 00:16 - 00000000 ____D () C:\Program Files\CyberLink
2014-09-26 08:02 - 2014-09-06 00:15 - 00000000 ____D () C:\ProgramData\install_clap
2014-09-26 06:26 - 2014-09-01 20:00 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2014-09-25 14:15 - 2014-09-01 00:39 - 00000000 ____D () C:\Program Files\Broadcom
2014-09-25 13:40 - 2014-09-01 00:41 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-09-25 13:39 - 2014-09-01 00:41 - 00000000 ____D () C:\Program Files\Intel
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\th-TH
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\he-IL
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\et-EE
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-09-25 13:37 - 2014-09-01 00:39 - 00006656 _____ () C:\Windows\system32\bcmwlrc.dll
2014-09-25 12:50 - 2014-09-05 22:34 - 00000000 ____D () C:\Users\b\AppData\Roaming\MAGIX
2014-09-25 10:28 - 2014-09-01 00:40 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-09-25 08:27 - 2014-09-01 01:16 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-09-24 16:32 - 2014-09-01 19:59 - 00000000 ____D () C:\Users\b\Documents\Wondershare DVD Slideshow Builder Deluxe
2014-09-24 03:43 - 2014-09-01 00:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-24 03:43 - 2014-09-01 00:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-20 10:04 - 2009-07-14 05:03 - 50855936 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-09-20 10:04 - 2009-07-14 05:03 - 17563648 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-09-20 10:04 - 2009-07-14 05:03 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-09-20 10:04 - 2009-07-14 05:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-09-20 10:04 - 2009-07-14 05:03 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-09-18 08:06 - 2014-09-01 01:35 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-17 16:55 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Cursors
2014-09-17 07:37 - 2014-09-01 03:26 - 00000000 ____D () C:\ProgramData\Blueberry
2014-09-17 07:31 - 2014-09-01 03:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blueberry Software
2014-09-17 07:31 - 2014-09-01 03:20 - 00000000 ____D () C:\Program Files\Blueberry Software
2014-09-17 07:31 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Help
2014-09-15 09:06 - 2014-09-01 01:05 - 00231568 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-14 04:10 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\IME
2014-09-14 04:06 - 2014-09-09 04:58 - 00000000 ____D () C:\Users\b\AppData\Roaming\Baidu Security
2014-09-14 04:06 - 2014-09-09 04:53 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-09-14 03:36 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Public
2014-09-13 10:51 - 2014-09-04 18:16 - 00000000 ____D () C:\Program Files\PhoXo
2014-09-12 01:19 - 2014-09-09 04:40 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia
2014-09-12 01:19 - 2014-09-09 04:40 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-09-11 20:34 - 2014-09-09 04:58 - 00000000 ____D () C:\Users\b\AppData\Local\29001

Files to move or delete:
====================
C:\ProgramData\Duplicaterecord.js
C:\ProgramData\whlb32g.dll
C:\ProgramData\whlpusp32.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-08 23:32

==================== End Of Log ============================

Link to post
Share on other sites
Gt-truth

Gt-truth

Posted
  • Author
Posted

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-10-2014 01
Ran by b at 2014-10-11 14:03:40
Running from C:\Users\b\Desktop\Tweaking.com - Windows Repair
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Leawo Video Editor version  2.6.0.0 (HKLM\...\{29312768-5795-483C-805A-7D01B8FC7C0E}_is1) (Version:  - )
ACDSee 17 (HKLM\...\{A47900DC-2011-46C8-8E07-5BDD9D83DE47}) (Version: 17.1.68 - ACD Systems International Inc.)
ACDSee 18 (HKLM\...\{6D0F6DF4-553E-43CD-AA95-69AB3644A8FF}) (Version: 18.0.0.225 - ACD Systems International Inc.)
ACDSee Photo Editor 6 (HKLM\...\ACDSee Photo Editor 6) (Version: 6.0.359 - ACD Systems of America Inc)
ACDSee Video Studio (HKLM\...\ACDSee_acdVStudio) (Version: 1.0.0.54 - ACD Systems International Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Alarm Clock Pro (HKLM\...\{F8240277-FBC4-487C-91D2-2ADB92AB4136}) (Version: 9.6 - Koingo Software, Inc.)
AMS Photo Effects 3.15 (HKLM\...\AMS Photo Effects_is1) (Version:  - AMS Software)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoImpression 6 (HKLM\...\{8DE40268-220A-4AF6-90EC-09966CBE8772}) (Version:  - ArcSoft)
ArcSoft PhotoStudio 6 (HKLM\...\{F95BCC10-FDA6-45BC-9AEC-C4CCCB385844}) (Version: 6.0.5.182 - ArcSoft)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Aurora 3D Text & Logo Maker version 14.09.11 (HKLM\...\{4F6B6582-B9F6-42B2-AAFC-48E097D07837}_is1) (Version: 14.09.11 - Aurora3D Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version:  - )
AVS Video Editor 6.5 (HKLM\...\AVS Video Editor_is1) (Version: 6.5.1.246 - Online Media Technologies Ltd.)
BB FlashBack Pro 4 (HKLM\...\BB FlashBack Pro 4) (Version: 4.1.11.3266 - Blueberry)
BB FlashBack Pro 5 (HKLM\...\BB FlashBack Pro 5) (Version: 5.1.0.3354 - Blueberry)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.249.2 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.2.4.2 - Broadcom Corporation)
C3D (Version: 1.0.0.252 - Corel Corporation) Hidden
C3DHelp (Version: 1.0.0.252 - Corel Corporation) Hidden
Camtasia Studio 8 (HKLM\...\{765AD29A-7EF5-4456-8F6F-83467E52AB52}) (Version: 8.4.3.1792 - TechSmith Corporation)
CaptureWizPro 5.40 (HKLM\...\CaptureWiz) (Version:  - )
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Clean Space 2014.00 (HKLM\...\Clean Space 2014) (Version:  - )
Connectivity Fixer (HKLM\...\{F053A091-E262-41C2-A36A-39352E1F8E8B}) (Version: 1.2.0 - Badosoft)
Contents (Version: 17.0.0.249 - Corel Corporation) Hidden
Corel DVD MovieFactory 7 (Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory 7 TBYB (HKLM\...\InstallShield_{218D2E7E-37A9-4B5D-B4A1-13FD6B8B9D17}) (Version: 7.0.0 - Corel Corporation)
Corel KPT Collection (HKLM\...\_{B16DC136-9583-4C54-BE27-F001BBC546B1}) (Version: 1.0.0.109 - Corel Corporation)
Corel KPT Collection (Version: 1.0.0.109 - Corel Corporation) Hidden
Corel MotionStudio 3D 1.0 (HKLM\...\_{CC9512A6-8BF7-4FD5-BCCF-05F6FCD19961}) (Version: 1.0.0.252 - Corel Corporation)
Corel Painter 2015 - IPM (Version: 14.0 - Corel Corporation) Hidden
Corel Painter 2015 - IPM Content (Version: 14.0 - Corel Corporation) Hidden
Corel Painter 2015 (HKLM\...\_{C4A2AABC-6E81-47DD-9AF4-14C9020F667F}) (Version: 14.0.0.728 - Corel Corporation)
Corel PaintShop Pro X7  (HKLM\...\_{176F50D6-6857-49CE-B731-65F757EE3F0D}) (Version: 17.0.0.199 - Corel Corporation)
Corel PaintShop Pro X7 (Version: 17.0.0.199 - Corel Corporation) Hidden
Corel VideoStudio Pro X7 (HKLM\...\_{77B3BEA9-835C-4DDF-BCE7-1510271E4E37}) (Version: 17.1.0.22 - Corel Corporation)
Creative Content (Version: 1.0.0.114 - Corel Corporation) Hidden
CyberLink AudioDirector 4 (Version: 4.0.3522.0 - CyberLink Corp.) Hidden
CyberLink ColorDirector 2 (Version: 2.0.2315.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2930.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2930.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 13 (HKLM\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2104.0 - CyberLink Corp.)
CyberLink PowerDirector Ultimate Suite 2 (HKLM\...\InstallShield_{4203EA37-6F40-424F-BDBE-52DA526CF44C}) (Version: 2.0 - CyberLink Corp.)
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Everything 1.2.1.371 (HKLM\...\Everything) (Version:  - )
Folder Lock (HKLM\...\Folder Lock) (Version:  - New Softwares.net)
FontTwister 1.4 (HKLM\...\FontTwister) (Version: 1.4 - Neuber GmbH)
Free Video Editor version 1.4.5.923 (HKLM\...\Free Video Editor_is1) (Version: 1.4.5.923 - DVDVideoSoft Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc‎.‎)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
ICA (Version: 1.0.0.252 - Corel Corporation) Hidden
ICA (Version: 17.0.0.199 - Corel Corporation) Hidden
ICA (Version: 17.0.0.249 - Corel Corporation) Hidden
IconHandler 32 bit (Version: 2.0 - Corel Corporation) Hidden
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IPM_C3D (Version: 1.0.0.252 - Corel Corporation) Hidden
IPM_PSP_COM (Version: 17.0.0.199 - Corel Corporation) Hidden
IPM_VS_Pro (Version: 17.0 - Corel Corporation) Hidden
Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
KNCTR (HKLM\...\Itibiti_is1) (Version:  - Itibiti Inc.)
Leawo Video Editor (HKLM\...\{BED0B2F1-BEBF-433F-B224-652C29ABE7EF}) (Version: 6.00.000 - Leawo)
mediAvatar Video Editor  (HKCU\...\mediAvatar Video Editor ) (Version: 2.2.0.20120901 - mediAvatar)
Microsoft .NET Framework 4.5.1 (ARA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (TRK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ Run Time  Lib Setup (HKLM\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Mobogenie3 (HKLM\...\Mobogenie3) (Version: 3.1.0.68115 - Mobogenie.com) <==== ATTENTION
Moo0 منظف القرص 1.23 (HKLM\...\Moo0 DiskCleaner) (Version:  - )
Movavi Video Editor (HKLM\...\Movavi Video Editor 9) (Version: 9.6.2 - Movavi)
Movie Studio Platinum 13.0 (HKLM\...\{C18DEAA1-CBFB-11E3-AE05-F04DA23A5C58}) (Version: 13.0.931 - Sony)
moviEZ HD (HKLM\...\{C9A19BDE-1B32-0EC3-4A30-3CA66B01ECDC}) (Version: 8.0.1.26438 - Sony Creative Software Inc.)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2014 (HKLM\...\{B7D4C429-9CAB-4B97-A879-AFD1F922DD27}) (Version: 15.0.06800 - Nero AG)
Nero 2014 Content Pack (HKLM\...\{204A26F0-01B8-4656-8607-5CCEDE820BC2}) (Version: 15.0.00200 - Nero AG)
Nero Abstract Themes (Version: 16.0.10002 - Nero AG) Hidden
Nero Audio Pack 1 (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero Blu-ray Player (Version: 12.1.20081 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (Version: 15.0.00015 - Nero AG) Hidden
Nero Burning Core (Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM (Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (Version: 15.0.00021 - Nero AG) Hidden
Nero Cliparts (Version: 16.0.10002 - Nero AG) Hidden
Nero ControlCenter (Version: 11.2.0008 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (Version: 11.4.0013 - Nero AG) Hidden
Nero Device Updates (Version: 15.0.1002 - Nero AG) Hidden
Nero Disc Menus 1 (Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus 2 (Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus 3 (Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus Basic (Version: 16.0.10002 - Nero AG) Hidden
Nero Disc to Device (Version: 16.0.1007 - Nero AG) Hidden
Nero Effects Basic (Version: 16.0.10002 - Nero AG) Hidden
Nero Express (Version: 15.0.25001 - Nero AG) Hidden
Nero Express Help (CHM) (Version: 15.0.00021 - Nero AG) Hidden
Nero Family and Events Themes (Version: 16.0.10002 - Nero AG) Hidden
Nero Football (Soccer) Themes (Version: 16.0.10002 - Nero AG) Hidden
Nero Holiday and Sports Themes (Version: 16.0.10002 - Nero AG) Hidden
Nero Image Samples (Version: 16.0.10002 - Nero AG) Hidden
Nero Info (HKLM\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Nero Kwik Themes Basic (Version: 16.0.10002 - Nero AG) Hidden
Nero Launcher (Version: 15.0.12000 - Nero AG) Hidden
Nero MediaHome (Version: 1.26.7400 - Nero AG) Hidden
Nero MediaHome Help (CHM) (Version: 15.0.00021 - Nero AG) Hidden
Nero PiP Effects 1 (Version: 16.0.10002 - Nero AG) Hidden
Nero PiP Effects Basic (Version: 16.0.10002 - Nero AG) Hidden
Nero Platinum Effects 12 (Version: 16.0.10002 - Nero AG) Hidden
Nero Prerequisite Installer 3.0 (HKLM\...\{E9ED7BE7-B6E6-46FA-AE9E-81E9FD1E0152}) (Version: 15.0.00400 - Nero AG)
Nero Recode (Version: 15.0.27001 - Nero AG) Hidden
Nero Recode Help (CHM) (Version: 15.0.00021 - Nero AG) Hidden
Nero RescueAgent (Version: 15.0.2000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (Version: 15.0.00015 - Nero AG) Hidden
Nero Retro Film Themes (Version: 16.0.10002 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.16006 - Nero AG) Hidden
Nero Update (Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Video (Version: 15.0.27001 - Nero AG) Hidden
Nero Video Help (CHM) (Version: 15.0.00021 - Nero AG) Hidden
Nero Video Samples (Version: 16.0.10002 - Nero AG) Hidden
Nero Video Transitions 1 (Version: 16.0.10002 - Nero AG) Hidden
NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
NewBlue Video Essentials for Windows (HKLM\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF4819}) (Version: 4.0.3 - dotPDN LLC)
Painter 2015 - Content (Version: 14.0 - Corel Corporation) Hidden
Painter 2015 - Core (Version: 14 - Corel Corporation) Hidden
Painter 2015 - CT (Version: 14.0 - Corel Corporation) Hidden
Painter 2015 - DE (Version: 14.0 - Corel Corporation) Hidden
Painter 2015 - EN (Version: 14.0 - Corel Corporation) Hidden
Painter 2015 - FR (Version: 14.0 - Corel Corporation) Hidden
Painter 2015 - Painter (Version: 14.0 - Corel Corporation) Hidden
Painter 2015 - Setup Files (Version: 14.0 - Corel Corporation) Hidden
Photo-Brush 5.30 (HKLM\...\Photo-Brush_is1) (Version: Photo-Brush 5.30 - Mediachance Corp.)
PhotoImpact X3 (HKLM\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 13.0 - Corel)
PhotoImpact X3 (Version: 13.0 - Corel) Hidden
Photolightning (HKLM\...\Photolightning) (Version: 5.51 - Photolightning)
Photomizer Retro (HKLM\...\{41B5224D-7853-4EA5-0001-C8949A33B608}) (Version: 2.0.14.106 - Engelmann Media GmbH)
PhotoPad Image Editor (HKLM\...\PhotoPad) (Version: 2.58 - NCH Software)
PhoXo (HKLM\...\PhoXo) (Version: 8.2.0.0 - PhoXo)
PIXresizer (HKLM\...\PIXresizer_is1) (Version: 2.0.7 - Bluefive software)
Prerequisite installer (Version: 15.0.0007 - Nero AG) Hidden
Privacy Eraser (HKLM\...\{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 2.10.0.756 - Cybertron Software Co., Ltd.)
PSPPContent (Version: 17.0.0.199 - Corel Corporation) Hidden
PSPPHelp (Version: 17.0.0.199 - Corel Corporation) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QupZilla 1.8.0 (HKLM\...\QupZilla) (Version: 1.8.0 - QupZilla Team)
Rapport (Version: 3.5.1404.17 - Trusteer) Hidden
RealDownloader (Version: 17.0.13 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.13 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6156 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recool SWF to HTML5 Converter (HKLM\...\{22327931-4B09-4D21-8D25-620B6B476095}_is1) (Version:  - Recool Software Co., LTD)
Restore Point Creator version 2.4 (HKLM\...\{CC48DE1C-8EC2-43BC-9201-29701CD9AE13}_is1) (Version: 2.4 - )
Ribble (HKCU\...\Ribble) (Version: 1.2.1.0 - Dorrible)
SanityCheck 3.00 (HKLM\...\SanityCheck_is1) (Version:  - Resplendence Software Projects Sp.)
Setup (Version: 1.0.0.252 - Corel Corporation) Hidden
Setup (Version: 17.0.0.199 - Corel Corporation) Hidden
Setup (Version: 17.0.0.249 - Corel Corporation) Hidden
Share (Version: 17.0.0.249 - Corel Corporation) Hidden
simplitec simplicheck (HKLM\...\{1F52F36E-895D-4E01-B4D4-E23C4FA4193B}) (Version: 1.3.10.0 - simplitec GmbH)
Smart Photo Editor Trial (HKLM\...\SmartPhotoEditor1Trial_is1) (Version: 1.20 - Anthropics Technology Ltd.)
Sony Photo Go 1.0 (HKLM\...\{E3BE5DF1-0D65-4774-904E-0192ABF29AF9}) (Version: 1.0.123 - Sony)
Sothink Flash Downloader for Browser (HKLM\...\{888DEFB8-CFCE-43FE-A7C8-9B18C4450719}_is1) (Version:  - SourceTec Software Co., LTD)
Sothink SWF Catcher (HKLM\...\{49273419-5179-4866-9F71-5CF346F302CF}_is1) (Version: 2.6 - SourceTec Software Co., LTD)
Sothink SWF Decompiler (HKLM\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.4 - SourceTec Software Co., LTD)
Sothink SWF Editor (HKLM\...\{0BF1DE3D-31B9-417F-A915-4BCC5AAEE3CD}_is1) (Version: 1.3 - SourceTec Software Co., LTD)
Sound Forge Audio Studio 10.0 (HKLM\...\{BC208D90-4643-11E3-987B-F04DA23A5C58}) (Version: 10.0.252 - Sony)
Spy Emergency (HKLM\...\Spy Emergency_is1) (Version:  - NETGATE Technologies s.r.o.)
ThunderSoft Flash to HTML5 Converter (2.3.2.0) (HKLM\...\ThunderSoft Flash to HTML5 Converter_is1) (Version: 2.3.2.0 - ThunderSoft)
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1404.17 - Trusteer)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.10.0 - Tweaking.com)
UltraSnap PRO 3.3 (HKLM\...\UltraSnap PRO_is1) (Version:  - Mediachance)
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
UVK - Ultra Virus Killer (HKLM\...\UVK - Ultra virus killer) (Version: 6.8.1.1 - Carifred)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VSClassic (Version: 17.0.0.249 - Corel Corporation) Hidden
VSPro (Version: 17.0.0.249 - Corel Corporation) Hidden
WhoCrashed 5.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (Version: 9.00.2980 - Microsoft Corporation) Hidden
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wondershare DVD Slideshow Builder Deluxe(Build 6.2.0.0) (HKLM\...\Wondershare DVD Slideshow Builder Deluxe_is1) (Version: 6.2.0.0 - Wondershare Software Co.,Ltd.)
Wondershare Video Editor(Build 4.7.0) (HKLM\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
Xara 3D Maker 7 (HKLM\...\MAGIX_{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.442 - Xara Group Ltd)
Xara 3D Maker 7 (Version: 7.0.0.442 - Xara Group Ltd) Hidden
Your Uninstaller! 7 (HKLM\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.)
Youtube Downloader HD v. 2.9.9.15 (HKLM\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)
دعم تطبيق Apple (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

04-10-2014 11:28:36 ComboFix created restore point
06-10-2014 08:31:08 Windows Defender Checkpoint
06-10-2014 10:17:20 Created By FixIEDef
08-10-2014 18:17:49 Installed Rapport
10-10-2014 10:32:55 Before uninstalling Ashampoo Anti-Virus v.1.1.1
10-10-2014 11:44:43 Before uninstalling Hotspot Shield 3.42
10-10-2014 11:53:14 Installed Rapport
10-10-2014 16:55:37 Before uninstalling µTorrent
10-10-2014 17:03:42 zoek.exe restore point
10-10-2014 18:04:40 Before uninstalling Malwarebytes Anti-Malware version 2.0.3.1025
10-10-2014 20:06:55 Before uninstalling SUPERAntiSpyware
10-10-2014 22:48:59 Before uninstalling TuneUp Utilities 2014
10-10-2014 22:50:55 ‏‏تم إزالة TuneUp Utilities 2014
10-10-2014 22:51:55 Removed TuneUp Utilities 2014 (en-US)
10-10-2014 23:03:02 Before uninstalling Winner Media Player 1.4.3.6084
11-10-2014 10:18:32 Before uninstalling Hotspot Shield 3.42
11-10-2014 10:21:26 Before uninstalling Spotflux

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:04 - 2014-10-11 13:38 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {21834A82-2EA8-4A1C-8A35-267785EFD175} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Restore Point) (For User b) => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [2014-10-06] ()
Task: {2D99B3B2-EF74-4352-AE98-2A0E88E4017F} - System32\Tasks\AdobeAAMUpdater-1.0-b-PC-b => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {461D9868-FAAE-4973-BE89-0AD3A57BE688} - System32\Tasks\DivX online update program => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {5CAB1BEC-E2B4-4C7C-8EF3-58B099AE4763} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6883BEC8-43CA-4F89-A89C-C0C910A62D90} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2014-09-25] (Nero AG)
Task: {80683910-4695-44CD-A0AF-5B85C657BFE6} - System32\Tasks\System Restore Checkpoint by System Restore Point Creator => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [2014-10-06] ()
Task: {9B4BEE34-39FC-4042-98E8-4270EF074A8C} - \060184C3-9766-46a0-B258-F4518A0B2633 No Task File <==== ATTENTION
Task: {9C73A3C2-EBA8-4EB6-A7D0-B23F728761BB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-514264213-2229734732-364638501-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {A3A9C896-9864-494B-9775-EC399AB5A19E} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\update\realsched.exe [2014-09-01] (RealNetworks, Inc.)
Task: {AEFD0250-7475-4CD5-B094-0E7B530ED57D} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-514264213-2229734732-364638501-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {B165E252-E297-4081-B5EE-2A1D4344C202} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {CFA0D591-EB82-4405-B3ED-10DC43639F77} - System32\Tasks\Cybertron\Privacy Eraser\SkipUAC => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser.exe [2014-09-30] (Cybertron Software, Co., Ltd.)
Task: {D617ED3D-8ED7-46D6-A48C-9E0312F1DE8A} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (For User b) => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [2014-10-06] ()
Task: {E9629D81-345D-455C-A523-9FB9A37CFC41} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Custom Restore Point) (For User b) => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [2014-10-06] ()
Task: {F0561263-A402-4F9F-A4E5-32A67440A616} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-01] (Google Inc.)
Task: {FBCC9D71-D9F5-4F40-AE9F-ADCD27AEC9C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-01] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\System Restore Checkpoint by System Restore Point Creator.job => C:\Program Files\Restore Point Creator\Restore Point Creator.exe

==================== Loaded Modules (whitelisted) =============

2014-07-30 05:04 - 2014-07-30 05:04 - 00023552 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-09-01 02:10 - 2007-02-02 11:16 - 00163840 _____ () C:\Program Files\NETGATE\Spy Emergency\unrar.dll
2014-07-16 11:05 - 2014-07-16 11:05 - 00710304 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
2014-09-25 13:40 - 2014-09-25 13:40 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\03d9e855a8969bf00dd1bfeafa5d055e\IsdiInterop.ni.dll
2014-09-01 00:41 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-09-25 03:54 - 2014-09-25 03:54 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-514264213-2229734732-364638501-500 - Administrator - Disabled)
b (S-1-5-21-514264213-2229734732-364638501-1000 - Administrator - Enabled) => C:\Users\b
Guest (S-1-5-21-514264213-2229734732-364638501-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: محول الاتصال النفقي لـ Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: محول شبكة الاتصال Broadcom 802.11n
Description: محول شبكة الاتصال Broadcom 802.11n
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 1.3M HD WebCam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/11/2014 01:56:22 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (10/11/2014 01:38:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 01:38:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 01:17:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ‏‏توقف البرنامج FRST.exe الإصدار 8.10.2014.1 عن التفاعل مع Windows وتم إغلاقه. لمعرفة ما إذا كان يتوفر مزيد من المعلومات حول المشكلة، قم بالاطلاع على محفوظات المشكلة في "مركز الصيانة" من لوحة التحكم.

معرّف العملية: 880

وقت بدء التشغيل: 01cfe53c61f7f180

وقت الإنهاء: 0

مسار التطبيق: C:\Users\b\Desktop\Tweaking.com - Windows Repair\FRST.exe

معرف التقرير:

Error: (10/11/2014 01:02:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏اسم ‏‏التطبيق الذي يحتوي على أخطاء: runscanner.exe، الإصدار: 2.0.0.60، الطابع الزمني: 0x4e428601
اسم الوحدة النمطية التي تحتوي على أخطاء: KERNELBASE.dll، الإصدار: 6.1.7601.18409، الطابع الزمني: 0x531599f6
رمز الاستثناء: 0x0eedfade
إزاحة الخطأ: 0x0000812f
معرّف العملية التي تحتوي على خطأ: 0xdf0
وقت بدء تشغيل التطبيق الذي يحتوي على خطأ: 0xrunscanner.exe0
مسار التطبيق الذي يحتوي على خطأ: runscanner.exe1
 مسار الوحدة النمطية التي تحتوي على خطأ: runscanner.exe2
معرف التقرير: runscanner.exe3

Error: (10/11/2014 00:56:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 00:56:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 00:52:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 00:52:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 00:08:44 PM) (Source: WinMgmt) (EventID: 4) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\TR-TR\AACLIENT.MFL


System errors:
=============
Error: (10/11/2014 01:45:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (10/11/2014 01:19:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: ‏‏تم إنهاء الخدمة Hotspot Shield Monitoring Service بشكل غير متوقع. حدث ذلك 1 مرة.

Error: (10/11/2014 01:04:24 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: ‏‏لم يتم بدء تشغيل الخدمة 'WMPNetworkSvc' بشكلٍ صحيح لأن CoCreateInstance(CLSID_UPnPDeviceFinder)‎ واجه الخطأ '0x80004005'. تحقق من تشغيل خدمة UPnPHost ومن تثبيت مكون UPnPHost لـ Windows بشكلٍ صحيح.

Error: (10/11/2014 00:35:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: ‏‏تم تعيين الخدمة PEVSystemStart كخدمة تفاعلية على الرغم من عدم سماح تكوين النظام بحيث يسمح بالخدمات التفاعلية. قد لا تعمل هذه الخدمة بشكل صحيح.

Error: (10/11/2014 00:22:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: ‏‏تم تعيين الخدمة PEVSystemStart كخدمة تفاعلية على الرغم من عدم سماح تكوين النظام بحيث يسمح بالخدمات التفاعلية. قد لا تعمل هذه الخدمة بشكل صحيح.

Error: (10/11/2014 00:22:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: ‏‏تم إنهاء الخدمة RealPlayer Update Service بشكل غير متوقع. حدث ذلك 1 مرة.

Error: (10/11/2014 07:48:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: ‏‏تم إنهاء الخدمة Hotspot Shield Monitoring Service بشكل غير متوقع. حدث ذلك 1 مرة.

Error: (10/11/2014 07:48:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: ‏‏تم إنهاء الخدمة Hotspot Shield Service بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: Restart the service.

Error: (10/11/2014 07:43:02 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: ‏‏لم يتم بدء تشغيل الخدمة 'WMPNetworkSvc' بشكلٍ صحيح لأن CoCreateInstance(CLSID_UPnPDeviceFinder)‎ واجه الخطأ '0x80004005'. تحقق من تشغيل خدمة UPnPHost ومن تثبيت مكون UPnPHost لـ Windows بشكلٍ صحيح.

Error: (10/11/2014 07:27:04 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: ‏‏تم تعيين الخدمة PEVSystemStart كخدمة تفاعلية على الرغم من عدم سماح تكوين النظام بحيث يسمح بالخدمات التفاعلية. قد لا تعمل هذه الخدمة بشكل صحيح.


Microsoft Office Sessions:
=========================
Error: (10/11/2014 01:56:22 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (10/11/2014 01:38:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 01:38:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 01:17:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST.exe8.10.2014.188001cfe53c61f7f1800C:\Users\b\Desktop\Tweaking.com - Windows Repair\FRST.exe

Error: (10/11/2014 01:02:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: runscanner.exe2.0.0.604e428601KERNELBASE.dll6.1.7601.18409531599f60eedfade0000812fdf001cfe53991bd6da7C:\Users\b\Desktop\Tweaking.com - Windows Repair\runscanner.exeC:\Windows\system32\KERNELBASE.dllc44dea18-512d-11e4-afcf-60eb69d80f07

Error: (10/11/2014 00:56:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 00:56:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 00:52:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 00:52:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 00:08:44 PM) (Source: WinMgmt) (EventID: 4) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\TR-TR\AACLIENT.MFL


CodeIntegrity Errors:
===================================
  Date: 2014-09-12 20:38:50.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.279
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.269
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.269
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.269
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.239
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.229
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.229
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.209
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core i5 CPU M 480 @ 2.67GHz
Percentage of memory in use: 44%
Total physical RAM: 2806.81 MB
Available physical RAM: 1548.13 MB
Total Pagefile: 5611.91 MB
Available Pagefile: 4219.4 MB
Total Virtual: 2047.88 MB
Available Virtual: 1928.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:117.09 GB) (Free:31.14 GB) NTFS
Drive d: () (Fixed) (Total:180.9 GB) (Free:18.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1116A09C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=180.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

I believe that you really should stop doing anything on your own. Either you will let me guide you and it means that you will listen to my advice WITHOUT running tools on your own, either we may end up with totally borked machine. So please, refrain from any actions on your own from now on.

Link to post
Share on other sites
Gt-truth

Gt-truth

Posted
  • Author
Posted

I believe that you really should stop doing anything on your own. Either you will let me guide you and it means that you will listen to my advice WITHOUT running tools on your own, either we may end up with totally borked machine. So please, refrain from any actions on your own from now on.

ok , no problem :)should we continue now? ;)

Link to post
Share on other sites
Gt-truth

Gt-truth

Posted
  • Author
Posted

ok :P

 

# AdwCleaner v3.311 - Report created 10/10/2014 at 16:26:14
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : b - B-PC
# Running from : C:\Users\b\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[x] Not Deleted : C:\ProgramData\NCH Software
[x] Not Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Windows\system32\hotspot shield
Folder Deleted : C:\Users\b\AppData\Local\Temp\hotspot shield
[x] Not Deleted : C:\Users\b\AppData\Roaming\NCH Software
File Deleted : C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\nk9e5b5w.default-1412780404279\invalidprefs.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\nk9e5b5w.default-1412780404279\prefs.js ]


[ File : C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\uqjpyv9s.q\prefs.js ]


-\\ Google Chrome v38.0.2125.101

[ File : C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1594 octets] - [08/09/2014 14:14:18]
AdwCleaner[R10].txt - [2385 octets] - [10/10/2014 16:23:05]
AdwCleaner[R1].txt - [2389 octets] - [14/09/2014 03:43:33]
AdwCleaner[R2].txt - [1784 octets] - [25/09/2014 08:43:44]
AdwCleaner[R3].txt - [2722 octets] - [28/09/2014 12:29:21]
AdwCleaner[R4].txt - [2877 octets] - [28/09/2014 14:28:26]
AdwCleaner[R5].txt - [1385 octets] - [29/09/2014 12:00:49]
AdwCleaner[R6].txt - [2384 octets] - [01/10/2014 06:49:58]
AdwCleaner[R7].txt - [3014 octets] - [04/10/2014 20:13:10]
AdwCleaner[R8].txt - [2550 octets] - [06/10/2014 19:30:34]
AdwCleaner[R9].txt - [2588 octets] - [08/10/2014 18:43:12]
AdwCleaner[s0].txt - [2974 octets] - [28/09/2014 14:31:03]
AdwCleaner[s1].txt - [2508 octets] - [01/10/2014 06:55:15]
AdwCleaner[s2].txt - [3141 octets] - [04/10/2014 20:17:10]
AdwCleaner[s3].txt - [2667 octets] - [06/10/2014 19:33:51]
AdwCleaner[s4].txt - [2324 octets] - [10/10/2014 16:26:14]

########## EOF - C:\AdwCleaner\AdwCleaner[s4].txt - [2384 octets] ##########
 

 

 

 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 7 Ultimate x86
Ran by b on Fri 10/10/2014 at 16:33:14.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\b\AppData\Roaming\mozilla\firefox\profiles\uqjpyv9s.q\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 10/10/2014 at 16:38:40.55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

Let's remove the remnants of security programs that I see (which aren't even registered in the Security Center) and see what will come up next.

remove%20outdated.jpg Uninstall some programs

We need to uninstall some programs.

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time

The list of programs to uninstall:

  • Mobogenie
  • UVK - Ultra Virus Killer
  • Spy Emergency

After completing uninstalls, please manually reboot your machine!



FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.

Link to post
Share on other sites
Gt-truth

Gt-truth

Posted
  • Author
Posted

done and here you go the 2 logs files

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-10-2014 01
Ran by b at 2014-10-11 20:04:26
Running from C:\Users\b\Desktop\Tweaking.com - Windows Repair
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Leawo Video Editor version  2.6.0.0 (HKLM\...\{29312768-5795-483C-805A-7D01B8FC7C0E}_is1) (Version:  - )
ACDSee 17 (HKLM\...\{A47900DC-2011-46C8-8E07-5BDD9D83DE47}) (Version: 17.1.68 - ACD Systems International Inc.)
ACDSee 18 (HKLM\...\{6D0F6DF4-553E-43CD-AA95-69AB3644A8FF}) (Version: 18.0.0.225 - ACD Systems International Inc.)
ACDSee Photo Editor 6 (HKLM\...\ACDSee Photo Editor 6) (Version: 6.0.359 - ACD Systems of America Inc)
ACDSee Video Studio (HKLM\...\ACDSee_acdVStudio) (Version: 1.0.0.54 - ACD Systems International Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Alarm Clock Pro (HKLM\...\{F8240277-FBC4-487C-91D2-2ADB92AB4136}) (Version: 9.6 - Koingo Software, Inc.)
AMS Photo Effects 3.15 (HKLM\...\AMS Photo Effects_is1) (Version:  - AMS Software)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoImpression 6 (HKLM\...\{8DE40268-220A-4AF6-90EC-09966CBE8772}) (Version:  - ArcSoft)
ArcSoft PhotoStudio 6 (HKLM\...\{F95BCC10-FDA6-45BC-9AEC-C4CCCB385844}) (Version: 6.0.5.182 - ArcSoft)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Aurora 3D Text & Logo Maker version 14.09.11 (HKLM\...\{4F6B6582-B9F6-42B2-AAFC-48E097D07837}_is1) (Version: 14.09.11 - Aurora3D Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version:  - )
AVS Video Editor 6.5 (HKLM\...\AVS Video Editor_is1) (Version: 6.5.1.246 - Online Media Technologies Ltd.)
BB FlashBack Pro 4 (HKLM\...\BB FlashBack Pro 4) (Version: 4.1.11.3266 - Blueberry)
BB FlashBack Pro 5 (HKLM\...\BB FlashBack Pro 5) (Version: 5.1.0.3354 - Blueberry)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.249.2 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.2.4.2 - Broadcom Corporation)
C3D (Version: 1.0.0.252 - Corel Corporation) Hidden
C3DHelp (Version: 1.0.0.252 - Corel Corporation) Hidden
Camtasia Studio 8 (HKLM\...\{765AD29A-7EF5-4456-8F6F-83467E52AB52}) (Version: 8.4.3.1792 - TechSmith Corporation)
CaptureWizPro 5.40 (HKLM\...\CaptureWiz) (Version:  - )
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Clean Space 2014.00 (HKLM\...\Clean Space 2014) (Version:  - )
Connectivity Fixer (HKLM\...\{F053A091-E262-41C2-A36A-39352E1F8E8B}) (Version: 1.2.0 - Badosoft)
Contents (Version: 17.0.0.249 - Corel Corporation) Hidden
Corel DVD MovieFactory 7 (Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory 7 TBYB (HKLM\...\InstallShield_{218D2E7E-37A9-4B5D-B4A1-13FD6B8B9D17}) (Version: 7.0.0 - Corel Corporation)
Corel KPT Collection (HKLM\...\_{B16DC136-9583-4C54-BE27-F001BBC546B1}) (Version: 1.0.0.109 - Corel Corporation)
Corel KPT Collection (Version: 1.0.0.109 - Corel Corporation) Hidden
Corel MotionStudio 3D 1.0 (HKLM\...\_{CC9512A6-8BF7-4FD5-BCCF-05F6FCD19961}) (Version: 1.0.0.252 - Corel Corporation)
Corel Painter 2015 - IPM (Version: 14.0 - Corel Corporation) Hidden
Corel Painter 2015 - IPM Content (Version: 14.0 - Corel Corporation) Hidden
Corel Painter 2015 (HKLM\...\_{C4A2AABC-6E81-47DD-9AF4-14C9020F667F}) (Version: 14.0.0.728 - Corel Corporation)
Corel PaintShop Pro X7  (HKLM\...\_{176F50D6-6857-49CE-B731-65F757EE3F0D}) (Version: 17.0.0.199 - Corel Corporation)
Corel PaintShop Pro X7 (Version: 17.0.0.199 - Corel Corporation) Hidden
Corel VideoStudio Pro X7 (HKLM\...\_{77B3BEA9-835C-4DDF-BCE7-1510271E4E37}) (Version: 17.1.0.22 - Corel Corporation)
Creative Content (Version: 1.0.0.114 - Corel Corporation) Hidden
CyberLink AudioDirector 4 (Version: 4.0.3522.0 - CyberLink Corp.) Hidden
CyberLink ColorDirector 2 (Version: 2.0.2315.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2930.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2930.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 13 (HKLM\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2104.0 - CyberLink Corp.)
CyberLink PowerDirector Ultimate Suite 2 (HKLM\...\InstallShield_{4203EA37-6F40-424F-BDBE-52DA526CF44C}) (Version: 2.0 - CyberLink Corp.)
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Everything 1.2.1.371 (HKLM\...\Everything) (Version:  - )
Folder Lock (HKLM\...\Folder Lock) (Version:  - New Softwares.net)
FontTwister 1.4 (HKLM\...\FontTwister) (Version: 1.4 - Neuber GmbH)
Free Video Editor version 1.4.5.923 (HKLM\...\Free Video Editor_is1) (Version: 1.4.5.923 - DVDVideoSoft Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc‎.‎)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
ICA (Version: 1.0.0.252 - Corel Corporation) Hidden
ICA (Version: 17.0.0.199 - Corel Corporation) Hidden
ICA (Version: 17.0.0.249 - Corel Corporation) Hidden
IconHandler 32 bit (Version: 2.0 - Corel Corporation) Hidden
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IPM_C3D (Version: 1.0.0.252 - Corel Corporation) Hidden
IPM_PSP_COM (Version: 17.0.0.199 - Corel Corporation) Hidden
IPM_VS_Pro (Version: 17.0 - Corel Corporation) Hidden
Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
KNCTR (HKLM\...\Itibiti_is1) (Version:  - Itibiti Inc.)
LameACM (HKLM\...\LameACM) (Version:  - )
Leawo Video Editor (HKLM\...\{BED0B2F1-BEBF-433F-B224-652C29ABE7EF}) (Version: 6.00.000 - Leawo)
mediAvatar Video Editor  (HKCU\...\mediAvatar Video Editor ) (Version: 2.2.0.20120901 - mediAvatar)
Microsoft .NET Framework 4.5.1 (ARA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (TRK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ Run Time  Lib Setup (HKLM\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Moo0 منظف القرص 1.23 (HKLM\...\Moo0 DiskCleaner) (Version:  - )
Movavi Video Editor (HKLM\...\Movavi Video Editor 9) (Version: 9.6.2 - Movavi)
Movie Studio Platinum 13.0 (HKLM\...\{C18DEAA1-CBFB-11E3-AE05-F04DA23A5C58}) (Version: 13.0.931 - Sony)
moviEZ HD (HKLM\...\{C9A19BDE-1B32-0EC3-4A30-3CA66B01ECDC}) (Version: 8.0.1.26438 - Sony Creative Software Inc.)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2014 (HKLM\...\{B7D4C429-9CAB-4B97-A879-AFD1F922DD27}) (Version: 15.0.06800 - Nero AG)
Nero 2014 Content Pack (HKLM\...\{204A26F0-01B8-4656-8607-5CCEDE820BC2}) (Version: 15.0.00200 - Nero AG)
Nero Abstract Themes (Version: 16.0.10002 - Nero AG) Hidden
Nero Audio Pack 1 (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero Blu-ray Player (Version: 12.1.20081 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (Version: 15.0.00015 - Nero AG) Hidden
Nero Burning Core (Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM (Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (Version: 15.0.00021 - Nero AG) Hidden
Nero Cliparts (Version: 16.0.10002 - Nero AG) Hidden
Nero ControlCenter (Version: 11.2.0008 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (Version: 11.4.0013 - Nero AG) Hidden
Nero Device Updates (Version: 15.0.1002 - Nero AG) Hidden
Nero Disc Menus 1 (Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus 2 (Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus 3 (Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus Basic (Version: 16.0.10002 - Nero AG) Hidden
Nero Disc to Device (Version: 16.0.1007 - Nero AG) Hidden
Nero Effects Basic (Version: 16.0.10002 - Nero AG) Hidden
Nero Express (Version: 15.0.25001 - Nero AG) Hidden
Nero Express Help (CHM) (Version: 15.0.00021 - Nero AG) Hidden
Nero Family and Events Themes (Version: 16.0.10002 - Nero AG) Hidden
Nero Football (Soccer) Themes (Version: 16.0.10002 - Nero AG) Hidden
Nero Holiday and Sports Themes (Version: 16.0.10002 - Nero AG) Hidden
Nero Image Samples (Version: 16.0.10002 - Nero AG) Hidden
Nero Info (HKLM\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Nero Kwik Themes Basic (Version: 16.0.10002 - Nero AG) Hidden
Nero Launcher (Version: 15.0.12000 - Nero AG) Hidden
Nero MediaHome (Version: 1.26.7400 - Nero AG) Hidden
Nero MediaHome Help (CHM) (Version: 15.0.00021 - Nero AG) Hidden
Nero PiP Effects 1 (Version: 16.0.10002 - Nero AG) Hidden
Nero PiP Effects Basic (Version: 16.0.10002 - Nero AG) Hidden
Nero Platinum Effects 12 (Version: 16.0.10002 - Nero AG) Hidden
Nero Prerequisite Installer 3.0 (HKLM\...\{E9ED7BE7-B6E6-46FA-AE9E-81E9FD1E0152}) (Version: 15.0.00400 - Nero AG)
Nero Recode (Version: 15.0.27001 - Nero AG) Hidden
Nero Recode Help (CHM) (Version: 15.0.00021 - Nero AG) Hidden
Nero RescueAgent (Version: 15.0.2000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (Version: 15.0.00015 - Nero AG) Hidden
Nero Retro Film Themes (Version: 16.0.10002 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.16006 - Nero AG) Hidden
Nero Update (Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Video (Version: 15.0.27001 - Nero AG) Hidden
Nero Video Help (CHM) (Version: 15.0.00021 - Nero AG) Hidden
Nero Video Samples (Version: 16.0.10002 - Nero AG) Hidden
Nero Video Transitions 1 (Version: 16.0.10002 - Nero AG) Hidden
NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
NewBlue Video Essentials for Windows (HKLM\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF4819}) (Version: 4.0.3 - dotPDN LLC)
Painter 2015 - Content (Version: 14.0 - Corel Corporation) Hidden
Painter 2015 - Core (Version: 14 - Corel Corporation) Hidden
Painter 2015 - CT (Version: 14.0 - Corel Corporation) Hidden
Painter 2015 - DE (Version: 14.0 - Corel Corporation) Hidden
Painter 2015 - EN (Version: 14.0 - Corel Corporation) Hidden
Painter 2015 - FR (Version: 14.0 - Corel Corporation) Hidden
Painter 2015 - Painter (Version: 14.0 - Corel Corporation) Hidden
Painter 2015 - Setup Files (Version: 14.0 - Corel Corporation) Hidden
Photo-Brush 5.30 (HKLM\...\Photo-Brush_is1) (Version: Photo-Brush 5.30 - Mediachance Corp.)
PhotoImpact X3 (HKLM\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 13.0 - Corel)
PhotoImpact X3 (Version: 13.0 - Corel) Hidden
Photolightning (HKLM\...\Photolightning) (Version: 5.51 - Photolightning)
Photomizer Retro (HKLM\...\{41B5224D-7853-4EA5-0001-C8949A33B608}) (Version: 2.0.14.106 - Engelmann Media GmbH)
PhotoPad Image Editor (HKLM\...\PhotoPad) (Version: 2.58 - NCH Software)
PhoXo (HKLM\...\PhoXo) (Version: 8.2.0.0 - PhoXo)
PIXresizer (HKLM\...\PIXresizer_is1) (Version: 2.0.7 - Bluefive software)
Prerequisite installer (Version: 15.0.0007 - Nero AG) Hidden
Privacy Eraser (HKLM\...\{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 2.10.0.756 - Cybertron Software Co., Ltd.)
PSPPContent (Version: 17.0.0.199 - Corel Corporation) Hidden
PSPPHelp (Version: 17.0.0.199 - Corel Corporation) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QupZilla 1.8.0 (HKLM\...\QupZilla) (Version: 1.8.0 - QupZilla Team)
Rapport (Version: 3.5.1404.17 - Trusteer) Hidden
RealDownloader (Version: 17.0.13 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.13 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6156 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recool SWF to HTML5 Converter (HKLM\...\{22327931-4B09-4D21-8D25-620B6B476095}_is1) (Version:  - Recool Software Co., LTD)
Restore Point Creator version 2.4 (HKLM\...\{CC48DE1C-8EC2-43BC-9201-29701CD9AE13}_is1) (Version: 2.4 - )
Ribble (HKCU\...\Ribble) (Version: 1.2.1.0 - Dorrible)
SanityCheck 3.00 (HKLM\...\SanityCheck_is1) (Version:  - Resplendence Software Projects Sp.)
Setup (Version: 1.0.0.252 - Corel Corporation) Hidden
Setup (Version: 17.0.0.199 - Corel Corporation) Hidden
Setup (Version: 17.0.0.249 - Corel Corporation) Hidden
Share (Version: 17.0.0.249 - Corel Corporation) Hidden
simplitec simplicheck (HKLM\...\{1F52F36E-895D-4E01-B4D4-E23C4FA4193B}) (Version: 1.3.10.0 - simplitec GmbH)
Smart Photo Editor Trial (HKLM\...\SmartPhotoEditor1Trial_is1) (Version: 1.20 - Anthropics Technology Ltd.)
Sony Photo Go 1.0 (HKLM\...\{E3BE5DF1-0D65-4774-904E-0192ABF29AF9}) (Version: 1.0.123 - Sony)
Sothink Flash Downloader for Browser (HKLM\...\{888DEFB8-CFCE-43FE-A7C8-9B18C4450719}_is1) (Version:  - SourceTec Software Co., LTD)
Sothink SWF Catcher (HKLM\...\{49273419-5179-4866-9F71-5CF346F302CF}_is1) (Version: 2.6 - SourceTec Software Co., LTD)
Sothink SWF Decompiler (HKLM\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.4 - SourceTec Software Co., LTD)
Sothink SWF Editor (HKLM\...\{0BF1DE3D-31B9-417F-A915-4BCC5AAEE3CD}_is1) (Version: 1.3 - SourceTec Software Co., LTD)
Sound Forge Audio Studio 10.0 (HKLM\...\{BC208D90-4643-11E3-987B-F04DA23A5C58}) (Version: 10.0.252 - Sony)
SWiSH Max4 (HKLM\...\SWiSH Max4) (Version: 10.10.29.100 - SWiSHzone.com)
ThunderSoft Flash to HTML5 Converter (2.3.2.0) (HKLM\...\ThunderSoft Flash to HTML5 Converter_is1) (Version: 2.3.2.0 - ThunderSoft)
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1404.17 - Trusteer)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.10.0 - Tweaking.com)
UltraSnap PRO 3.3 (HKLM\...\UltraSnap PRO_is1) (Version:  - Mediachance)
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VSClassic (Version: 17.0.0.249 - Corel Corporation) Hidden
VSPro (Version: 17.0.0.249 - Corel Corporation) Hidden
WhoCrashed 5.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (Version: 9.00.2980 - Microsoft Corporation) Hidden
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wondershare DVD Slideshow Builder Deluxe(Build 6.2.0.0) (HKLM\...\Wondershare DVD Slideshow Builder Deluxe_is1) (Version: 6.2.0.0 - Wondershare Software Co.,Ltd.)
Wondershare Video Editor(Build 4.7.0) (HKLM\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
Xara 3D Maker 7 (HKLM\...\MAGIX_{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.442 - Xara Group Ltd)
Xara 3D Maker 7 (Version: 7.0.0.442 - Xara Group Ltd) Hidden
Your Uninstaller! 7 (HKLM\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.)
Youtube Downloader HD v. 2.9.9.15 (HKLM\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)
دعم تطبيق Apple (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

04-10-2014 11:28:36 ComboFix created restore point
06-10-2014 08:31:08 Windows Defender Checkpoint
06-10-2014 10:17:20 Created By FixIEDef
08-10-2014 18:17:49 Installed Rapport
10-10-2014 10:32:55 Before uninstalling Ashampoo Anti-Virus v.1.1.1
10-10-2014 11:44:43 Before uninstalling Hotspot Shield 3.42
10-10-2014 11:53:14 Installed Rapport
10-10-2014 16:55:37 Before uninstalling µTorrent
10-10-2014 17:03:42 zoek.exe restore point
10-10-2014 18:04:40 Before uninstalling Malwarebytes Anti-Malware version 2.0.3.1025
10-10-2014 20:06:55 Before uninstalling SUPERAntiSpyware
10-10-2014 22:48:59 Before uninstalling TuneUp Utilities 2014
10-10-2014 22:50:55 ‏‏تم إزالة TuneUp Utilities 2014
10-10-2014 22:51:55 Removed TuneUp Utilities 2014 (en-US)
10-10-2014 23:03:02 Before uninstalling Winner Media Player 1.4.3.6084
11-10-2014 10:18:32 Before uninstalling Hotspot Shield 3.42
11-10-2014 10:21:26 Before uninstalling Spotflux
11-10-2014 12:51:20 System Checkpoint made by System Restore Point Creator
11-10-2014 16:42:49 Before uninstalling Mobogenie3
11-10-2014 16:46:29 Before uninstalling UVK - Ultra Virus Killer
11-10-2014 16:49:57 Before uninstalling Spy Emergency

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:04 - 2014-10-11 13:38 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {19E7BB18-BF31-4078-8C96-7803F69CD2BA} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-514264213-2229734732-364638501-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {1A590D83-0D5C-454F-988B-2FF4F3448632} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-514264213-2229734732-364638501-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {21834A82-2EA8-4A1C-8A35-267785EFD175} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Restore Point) (For User b) => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [2014-10-06] ()
Task: {2D99B3B2-EF74-4352-AE98-2A0E88E4017F} - System32\Tasks\AdobeAAMUpdater-1.0-b-PC-b => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {461D9868-FAAE-4973-BE89-0AD3A57BE688} - System32\Tasks\DivX online update program => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {5CAB1BEC-E2B4-4C7C-8EF3-58B099AE4763} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6883BEC8-43CA-4F89-A89C-C0C910A62D90} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2014-09-25] (Nero AG)
Task: {80683910-4695-44CD-A0AF-5B85C657BFE6} - System32\Tasks\System Restore Checkpoint by System Restore Point Creator => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [2014-10-06] ()
Task: {9B4BEE34-39FC-4042-98E8-4270EF074A8C} - \060184C3-9766-46a0-B258-F4518A0B2633 No Task File <==== ATTENTION
Task: {A3A9C896-9864-494B-9775-EC399AB5A19E} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\update\realsched.exe [2014-09-01] (RealNetworks, Inc.)
Task: {B165E252-E297-4081-B5EE-2A1D4344C202} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {CFA0D591-EB82-4405-B3ED-10DC43639F77} - System32\Tasks\Cybertron\Privacy Eraser\SkipUAC => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser.exe [2014-09-30] (Cybertron Software, Co., Ltd.)
Task: {D617ED3D-8ED7-46D6-A48C-9E0312F1DE8A} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (For User b) => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [2014-10-06] ()
Task: {E9629D81-345D-455C-A523-9FB9A37CFC41} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Custom Restore Point) (For User b) => C:\Program Files\Restore Point Creator\Restore Point Creator.exe [2014-10-06] ()
Task: {F0561263-A402-4F9F-A4E5-32A67440A616} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-01] (Google Inc.)
Task: {FBCC9D71-D9F5-4F40-AE9F-ADCD27AEC9C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-01] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\System Restore Checkpoint by System Restore Point Creator.job => C:\Program Files\Restore Point Creator\Restore Point Creator.exe

==================== Loaded Modules (whitelisted) =============

2014-07-30 05:04 - 2014-07-30 05:04 - 00023552 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-07-16 11:05 - 2014-07-16 11:05 - 00710304 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
2014-09-25 13:40 - 2014-09-25 13:40 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\03d9e855a8969bf00dd1bfeafa5d055e\IsdiInterop.ni.dll
2014-09-01 00:41 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-09-25 03:54 - 2014-09-25 03:54 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-514264213-2229734732-364638501-500 - Administrator - Disabled)
b (S-1-5-21-514264213-2229734732-364638501-1000 - Administrator - Enabled) => C:\Users\b
Guest (S-1-5-21-514264213-2229734732-364638501-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: محول الاتصال النفقي لـ Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: محول شبكة الاتصال Broadcom 802.11n
Description: محول شبكة الاتصال Broadcom 802.11n
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 1.3M HD WebCam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/11/2014 07:44:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 04:13:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 04:13:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 02:09:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 02:09:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 01:56:22 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (10/11/2014 01:38:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 01:38:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ‏‏فشل إنشاء سياق التنشيط  لـ "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.

Error: (10/11/2014 01:17:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ‏‏توقف البرنامج FRST.exe الإصدار 8.10.2014.1 عن التفاعل مع Windows وتم إغلاقه. لمعرفة ما إذا كان يتوفر مزيد من المعلومات حول المشكلة، قم بالاطلاع على محفوظات المشكلة في "مركز الصيانة" من لوحة التحكم.

معرّف العملية: 880

وقت بدء التشغيل: 01cfe53c61f7f180

وقت الإنهاء: 0

مسار التطبيق: C:\Users\b\Desktop\Tweaking.com - Windows Repair\FRST.exe

معرف التقرير:

Error: (10/11/2014 01:02:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ‏‏اسم ‏‏التطبيق الذي يحتوي على أخطاء: runscanner.exe، الإصدار: 2.0.0.60، الطابع الزمني: 0x4e428601
اسم الوحدة النمطية التي تحتوي على أخطاء: KERNELBASE.dll، الإصدار: 6.1.7601.18409، الطابع الزمني: 0x531599f6
رمز الاستثناء: 0x0eedfade
إزاحة الخطأ: 0x0000812f
معرّف العملية التي تحتوي على خطأ: 0xdf0
وقت بدء تشغيل التطبيق الذي يحتوي على خطأ: 0xrunscanner.exe0
مسار التطبيق الذي يحتوي على خطأ: runscanner.exe1
 مسار الوحدة النمطية التي تحتوي على خطأ: runscanner.exe2
معرف التقرير: runscanner.exe3


System errors:
=============
Error: (10/11/2014 01:45:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (10/11/2014 01:19:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: ‏‏تم إنهاء الخدمة Hotspot Shield Monitoring Service بشكل غير متوقع. حدث ذلك 1 مرة.

Error: (10/11/2014 01:04:24 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: ‏‏لم يتم بدء تشغيل الخدمة 'WMPNetworkSvc' بشكلٍ صحيح لأن CoCreateInstance(CLSID_UPnPDeviceFinder)‎ واجه الخطأ '0x80004005'. تحقق من تشغيل خدمة UPnPHost ومن تثبيت مكون UPnPHost لـ Windows بشكلٍ صحيح.

Error: (10/11/2014 00:35:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: ‏‏تم تعيين الخدمة PEVSystemStart كخدمة تفاعلية على الرغم من عدم سماح تكوين النظام بحيث يسمح بالخدمات التفاعلية. قد لا تعمل هذه الخدمة بشكل صحيح.

Error: (10/11/2014 00:22:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: ‏‏تم تعيين الخدمة PEVSystemStart كخدمة تفاعلية على الرغم من عدم سماح تكوين النظام بحيث يسمح بالخدمات التفاعلية. قد لا تعمل هذه الخدمة بشكل صحيح.

Error: (10/11/2014 00:22:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: ‏‏تم إنهاء الخدمة RealPlayer Update Service بشكل غير متوقع. حدث ذلك 1 مرة.

Error: (10/11/2014 07:48:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: ‏‏تم إنهاء الخدمة Hotspot Shield Monitoring Service بشكل غير متوقع. حدث ذلك 1 مرة.

Error: (10/11/2014 07:48:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: ‏‏تم إنهاء الخدمة Hotspot Shield Service بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: Restart the service.

Error: (10/11/2014 07:43:02 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: ‏‏لم يتم بدء تشغيل الخدمة 'WMPNetworkSvc' بشكلٍ صحيح لأن CoCreateInstance(CLSID_UPnPDeviceFinder)‎ واجه الخطأ '0x80004005'. تحقق من تشغيل خدمة UPnPHost ومن تثبيت مكون UPnPHost لـ Windows بشكلٍ صحيح.

Error: (10/11/2014 07:27:04 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: ‏‏تم تعيين الخدمة PEVSystemStart كخدمة تفاعلية على الرغم من عدم سماح تكوين النظام بحيث يسمح بالخدمات التفاعلية. قد لا تعمل هذه الخدمة بشكل صحيح.


Microsoft Office Sessions:
=========================
Error: (10/11/2014 07:44:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 04:13:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 04:13:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 02:09:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 02:09:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 01:56:22 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (10/11/2014 01:38:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 01:38:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ACD Systems\ACDSee Video Studio\ACDSeeVideoStudio.exe

Error: (10/11/2014 01:17:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST.exe8.10.2014.188001cfe53c61f7f1800C:\Users\b\Desktop\Tweaking.com - Windows Repair\FRST.exe

Error: (10/11/2014 01:02:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: runscanner.exe2.0.0.604e428601KERNELBASE.dll6.1.7601.18409531599f60eedfade0000812fdf001cfe53991bd6da7C:\Users\b\Desktop\Tweaking.com - Windows Repair\runscanner.exeC:\Windows\system32\KERNELBASE.dllc44dea18-512d-11e4-afcf-60eb69d80f07


CodeIntegrity Errors:
===================================
  Date: 2014-09-12 20:38:50.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.279
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.269
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.269
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.269
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.239
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.229
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.229
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-12 20:38:50.209
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core i5 CPU M 480 @ 2.67GHz
Percentage of memory in use: 49%
Total physical RAM: 2806.81 MB
Available physical RAM: 1424.25 MB
Total Pagefile: 5611.91 MB
Available Pagefile: 3882.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1924.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:117.09 GB) (Free:28.68 GB) NTFS
Drive d: () (Fixed) (Total:180.9 GB) (Free:18.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1116A09C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=180.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites
Gt-truth

Gt-truth

Posted
  • Author
Posted

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-10-2014 01
Ran by b (administrator) on B-PC on 11-10-2014 20:02:06
Running from C:\Users\b\Desktop\Tweaking.com - Windows Repair
Loaded Profile: b (Available profiles: b)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: الإنجليزية (الولايات المتحدة)‏
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ArcSoft, Inc.) C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(www.mediachance.com) C:\Program Files\UltraSnapPRO\UsnapPRO.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-514264213-2229734732-364638501-1000\...\Run: [spyEmergency] => "C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraSnap PRO.lnk
ShortcutTarget: UltraSnap PRO.lnk -> C:\Program Files\UltraSnapPRO\UsnapPRO.exe (www.mediachance.com)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ar-sa
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {34A42B4D-D4A1-401B-B980-822F4AB2E513} URL = https://search.yahoo.com/search?ei=utf-8&fr=chr-greentree_ie&type=242154&ilc=12&p={searchTerms}
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\nk9e5b5w.default-1412780404279
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @real.com/nppl3260;version=17.0.13.2 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.13.2 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF SearchPlugin: C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\uqjpyv9s.q\searchplugins\yahoo_ff.xml
FF Extension: Bitdefender QuickScan - C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\nk9e5b5w.default-1412780404279\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-10-10]
FF Extension: Adblock Plus - C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\nk9e5b5w.default-1412780404279\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-08]
FF Extension: Tab Mix Plus - C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\nk9e5b5w.default-1412780404279\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-10-08]
FF HKLM\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-09-01]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff

Chrome:
=======
CHR HomePage: Default -> B36366D6CF832E24BCEDF870A9FB4918DAABCFE0CD354F11BE2A381A05AF71E4
CHR Profile: C:\Users\b\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-01]
CHR Extension: (Google Docs) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-01]
CHR Extension: (Google Drive) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-01]
CHR Extension: (YouTube) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-01]
CHR Extension: (Google Search) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-01]
CHR Extension: (Google Sheets) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-01]
CHR Extension: (Google Wallet) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-01]
CHR Extension: (Gmail) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-01]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2013-10-24] (ArcSoft, Inc.)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-15] (Nero AG)
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-09-22] (IBM Corp.)
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
S4 RealPlayer Cloud Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-09-01] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [253776 2014-04-01] (CyberLink)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; D:\GALLERY 1\RUN\a2ddax86.sys [22056 2014-01-01] (Emsisoft GmbH)
S3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [47456 2014-03-11] (Baidu, Inc.)
S3 cleanhlp; D:\GALLERY 1\RUN\cleanhlp32.sys [50200 2014-01-01] (Emsisoft GmbH)
R1 RapportCerberus_80055; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80055.sys [430264 2014-10-10] ()
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [251288 2014-09-22] (IBM Corp.)
R0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [208888 2014-09-22] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [332696 2014-09-22] (IBM Corp.)
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tapSF0901; system32\DRIVERS\tapSF0901.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-11 19:47 - 2014-10-11 19:47 - 00000000 ____D () C:\ProgramData\UVK
2014-10-11 19:43 - 2014-10-11 19:44 - 00000000 ____D () C:\Users\b\Documents\Mobogenie
2014-10-11 16:31 - 2014-10-11 16:31 - 00002483 _____ () C:\Users\b\Documents\gm1.html
2014-10-11 16:30 - 2014-10-11 16:31 - 00362443 _____ () C:\Users\b\Documents\gm1.swf
2014-10-11 16:11 - 2014-10-11 16:31 - 00000000 ____D () C:\Users\b\AppData\Roaming\SWiSH Max4
2014-10-11 15:58 - 2014-10-11 15:58 - 00000984 _____ () C:\Users\Public\Desktop\SWiSH Max4.lnk
2014-10-11 15:58 - 2014-10-11 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SWiSH Max4
2014-10-11 15:57 - 2014-10-11 16:11 - 00000000 ____D () C:\Program Files\SWiSH Max4
2014-10-11 15:57 - 2014-10-11 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LameACM
2014-10-11 15:57 - 2014-10-11 15:57 - 00000000 ____D () C:\Program Files\LameACM
2014-10-11 15:57 - 2014-10-11 15:57 - 00000000 ____D () C:\Program Files\Common Files\SWiSHzone.com
2014-10-11 15:54 - 2014-10-11 15:56 - 56654648 _____ (SWiSHzone.com) C:\Users\b\Downloads\SetupSwishmax4.exe
2014-10-11 15:41 - 2014-10-11 15:42 - 23782112 _____ () C:\Users\b\Downloads\setup_flash_slideshow_maker.exe
2014-10-11 14:34 - 2014-10-11 14:36 - 73430013 _____ (imElfin Software Co.,Ltd. ) C:\Users\b\Downloads\video-ultimate.exe
2014-10-11 14:32 - 2014-10-11 14:34 - 16212703 _____ () C:\Users\b\Downloads\MareewMediaRecoveryPro45.zip
2014-10-11 13:16 - 2014-10-11 20:02 - 00000000 ____D () C:\FRST
2014-10-11 12:18 - 2014-10-11 12:50 - 00000000 ___SD () C:\ComboFix
2014-10-11 04:01 - 2014-10-11 04:01 - 00003544 _____ () C:\bootsqm.dat
2014-10-10 23:14 - 2014-10-10 23:14 - 00000000 ____D () C:\Program Files\ESET
2014-10-10 23:05 - 2014-10-10 23:05 - 19874272 _____ (SUPERAntiSpyware) C:\Users\b\Downloads\SUPERAntiSpyware.exe
2014-10-10 23:04 - 2014-10-10 23:04 - 00101832 _____ (SUPERAntiSpyware.com) C:\Users\b\Downloads\SASUNINST.EXE
2014-10-10 22:52 - 2014-10-10 22:52 - 02347384 _____ (ESET) C:\Users\b\Downloads\esetsmartinstaller_enu.exe
2014-10-10 22:51 - 2014-10-10 22:51 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-10-10 22:49 - 2014-10-10 22:49 - 00096080 _____ (Kaspersky Lab ZAO) C:\Users\b\Downloads\cleanautorun.exe
2014-10-10 22:45 - 2014-10-10 22:48 - 160701640 _____ () C:\Users\b\Downloads\setup_11.0.3.7.x01_2014_10_10_22_27.exe
2014-10-10 21:12 - 2014-10-11 19:57 - 00000616 _____ () C:\Windows\setupact.log
2014-10-10 21:12 - 2014-10-10 21:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-10 21:04 - 2014-10-10 21:11 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\b\Downloads\mbam-setup-consumer-2.0.3.1025.exe
2014-10-10 21:02 - 2014-10-10 21:02 - 00321848 _____ (Malwarebytes Corporation) C:\Users\b\Downloads\mbam-clean-2.1.1.1001.exe
2014-10-10 20:56 - 2014-10-10 20:56 - 00012445 _____ () C:\Users\b\Desktop\Gmer.log
2014-10-10 20:18 - 2014-10-10 20:18 - 00051852 _____ () C:\Users\b\Desktop\zoek-results.txt
2014-10-10 20:03 - 2014-10-10 20:13 - 00051852 _____ () C:\zoek-results.log
2014-10-10 19:59 - 2014-10-10 19:59 - 00000000 ____D () C:\zoek_backup
2014-10-10 16:38 - 2014-10-10 16:38 - 00000746 _____ () C:\Users\b\Desktop\JRT.txt
2014-10-10 16:32 - 2014-10-10 16:32 - 01705755 _____ (Thisisu) C:\Users\b\Desktop\JRT.exe
2014-10-10 16:16 - 2014-10-11 15:52 - 00000528 _____ () C:\Windows\Tasks\System Restore Checkpoint by System Restore Point Creator.job
2014-10-09 14:47 - 2014-10-09 14:48 - 04094154 _____ () C:\Users\b\Documents\BeatStars & A3C Festival Remix Contest - Epistra Beats Entry_(360p).mp4
2014-10-09 10:13 - 2014-10-09 10:13 - 06293144 _____ () C:\Users\b\Documents\HipHop Zombie Dance - Very Funny_(360p).mp4
2014-10-09 10:09 - 2014-10-09 10:10 - 21110673 _____ () C:\Users\b\Documents\Zombie Hip Hop Music Video by Agent 23 Shambles_(360p).mp4
2014-10-09 10:03 - 2014-10-09 10:04 - 06560153 _____ () C:\Users\b\Documents\Jahlil Beats_Cardiak Type beat- Fruity Loops [Prod. Desire Beatz]_(360p).mp4
2014-10-09 09:16 - 2014-10-09 09:17 - 14723557 _____ () C:\Users\b\Documents\Epic Film Trailer Music Instrumental Sign Of The Beast - Anno Domini Beats_(360p).mp4
2014-10-09 01:13 - 2014-10-09 01:13 - 09474984 _____ () C:\Users\b\Documents\Goretex feat Necro - Dopesick_(360p).mp4
2014-10-09 01:07 - 2014-10-09 01:07 - 05347608 _____ () C:\Users\b\Documents\Necro feat Non Phixion - Black Helicopter_(360p).mp4
2014-10-09 00:57 - 2014-10-09 00:57 - 05896318 _____ () C:\Users\b\Documents\Modern WarFare rap instrumental - prod. by Mitenberg_(360p).mp4
2014-10-09 00:55 - 2014-10-09 00:56 - 07189388 _____ () C:\Users\b\Documents\Dark Horror Scary Beat _ Instrumental_(360p).mp4
2014-10-09 00:43 - 2014-10-09 00:44 - 14028912 _____ () C:\Users\b\Documents\Best Horror Beat Ever Made with FL Studio 9_(360p).mp4
2014-10-09 00:39 - 2014-10-09 00:40 - 06636445 _____ () C:\Users\b\Documents\South Horror Hip Hop Instrumental {rap}_(360p).mp4
2014-10-09 00:29 - 2014-10-09 00:30 - 05017198 _____ () C:\Users\b\Documents\Horrorcore Beats to Rap - The Dark Hours - FREE Download_(360p).mp4
2014-10-09 00:09 - 2014-10-09 00:09 - 12374511 _____ () C:\Users\b\Documents\Gong Beatz & Q Bass.Natural Balance.Instrumental hip hop beat_(360p).mp4
2014-10-09 00:06 - 2014-10-09 00:06 - 08413595 _____ () C:\Users\b\Documents\[Prod. By J.C. Skilla] Free Dope Banger Instrumentals {Free Sick Amazing Beats}_(360p).mp4
2014-10-09 00:01 - 2014-10-09 00:01 - 11206764 _____ () C:\Users\b\Documents\Mano Burraz - Serás tu a minha Julieta_ (MM Prod)_(360p).mp4
2014-10-08 23:59 - 2014-10-08 23:59 - 05229208 _____ () C:\Users\b\Documents\All Of Me '' Kizomba_(360p).mp4
2014-10-08 21:18 - 2014-10-08 21:18 - 00000000 ____D () C:\Users\Default\AppData\Local\Trusteer
2014-10-08 21:18 - 2014-10-08 21:18 - 00000000 ____D () C:\Users\Default User\AppData\Local\Trusteer
2014-10-08 14:46 - 2014-10-10 16:43 - 15677528 _____ () C:\Users\b\Desktop\RogueKiller.exe
2014-10-07 21:42 - 2014-10-11 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-10-07 21:42 - 2014-10-07 21:42 - 00002138 _____ () C:\Users\Public\Desktop\Free Video Editor.lnk
2014-10-07 21:42 - 2014-10-07 21:42 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-10-07 21:42 - 2014-10-07 21:42 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-10-07 21:40 - 2014-10-07 21:43 - 00000000 ____D () C:\Users\b\AppData\Roaming\DVDVideoSoft
2014-10-07 15:33 - 2014-10-07 15:34 - 10627074 _____ () C:\Users\b\Documents\Scary RAP Instrumental [Hard Trap Beat] _ On the Blade _ Prod. Alexkout Beats & Fare-M Productions_(360p).mp4
2014-10-07 14:54 - 2014-10-07 14:55 - 29133015 _____ () C:\Users\b\Documents\O.M.H FT. SoLo Hear Me Now OFFICIAL VIDEO_(360p).mp4
2014-10-07 14:39 - 2014-10-07 14:40 - 11526126 _____ () C:\Users\b\Documents\Shotty Horroh - Winners Anthem_(360p).mp4
2014-10-07 14:34 - 2014-10-07 14:35 - 20192082 _____ () C:\Users\b\Documents\Charron - Go In (ft. Swisha-T and Bender)_(360p).mp4
2014-10-07 14:25 - 2014-10-07 14:25 - 08805903 _____ () C:\Users\b\Documents\Yak Ballz - Homework_(360p).mp4
2014-10-07 14:22 - 2014-10-07 14:22 - 05245272 _____ () C:\Users\b\Documents\Hip Hop Instrumental Beat 2012 + Mp3 Download_(360p).mp4
2014-10-07 14:18 - 2014-10-07 14:18 - 06102604 _____ () C:\Users\b\Documents\Bloody Oil - Hard Dope Underground {Hip-Hop} Rap Instrumental [Collab Jacekdupa]_(360p).mp4
2014-10-07 14:15 - 2014-10-07 14:15 - 05422227 _____ () C:\Users\b\Documents\Fl Studio Epic Rap Beat - Never Surrender (Prod. by Ware)_(360p).mp4
2014-10-07 13:56 - 2014-10-07 13:56 - 05581581 _____ () C:\Users\b\Documents\Breathe - SkizoFrenik (Old School Hip Hop Beat)_(360p).mp4
2014-10-07 12:25 - 2014-10-07 12:25 - 04481758 _____ () C:\Users\b\Documents\Cage - See You In Hell ( New 2012 )_(360p).mp4
2014-10-06 18:24 - 2014-10-06 18:24 - 04059251 _____ () C:\Users\b\Documents\cage - Leak Bros. - Weatherproof_(360p).mp4
2014-10-06 16:20 - 2014-10-11 00:10 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2014-10-06 16:20 - 2014-10-06 16:44 - 00000000 ____D () C:\Program Files\Everything
2014-10-06 15:50 - 2014-10-06 15:50 - 00001358 _____ () C:\Users\Public\Desktop\BB FlashBack Pro 5 Recorder.lnk
2014-10-06 15:50 - 2014-10-06 15:50 - 00001348 _____ () C:\Users\Public\Desktop\BB FlashBack Pro 5 Player.lnk
2014-10-06 15:48 - 2014-10-06 15:48 - 00000000 ____D () C:\Users\b\Documents\BB FlashBack Pro 5 Updates
2014-10-06 15:33 - 2014-10-06 15:33 - 06063046 _____ () C:\Users\b\Documents\cage - Underground Rapstar - Weatherproof_(360p).mp4
2014-10-06 15:24 - 2014-10-06 15:25 - 16185705 _____ () C:\Users\b\Documents\Atmosphere - Trying To Find A Balance_(360p).mp4
2014-10-06 15:21 - 2014-10-06 15:21 - 07846249 _____ () C:\Users\b\Documents\Once upon a time in America (old school rap instrumental)_(360p).mp4
2014-10-06 15:17 - 2014-10-06 15:17 - 17349354 _____ () C:\Users\b\Documents\Heiruspecs - Get Up_(360p).mp4
2014-10-06 15:12 - 2014-10-06 15:13 - 05844062 _____ () C:\Users\b\Documents\Heiruspecs- Get Down_(360p).mp4
2014-10-06 15:04 - 2014-10-06 15:04 - 03363478 _____ () C:\Users\b\Documents\Yak Ballz - Spy on You_(360p).mp4
2014-10-06 14:19 - 2014-10-06 14:19 - 04860971 _____ () C:\Users\b\Documents\Luniz-I got five on it_(360p).mp4
2014-10-06 14:17 - 2014-10-06 14:18 - 26082219 _____ () C:\Users\b\Documents\E-40 feat Juicy J & Ty Dolla $ign Chitty Bang_(360p).mp4
2014-10-06 14:14 - 2014-10-06 14:15 - 25384318 _____ () C:\Users\b\Documents\E-40 - That Candy Paint Ft. Slim Thug & Bun B (Video) (Prod. By Shape Shifta)_(360p).mp4
2014-10-06 14:12 - 2014-10-06 14:13 - 11927102 _____ () C:\Users\b\Documents\Commercial Break (SMP, Belly & Charron)_(360p).mp4
2014-10-06 13:27 - 2014-10-06 13:27 - 00000892 _____ () C:\avenger.txt
2014-10-06 13:27 - 2014-10-06 13:27 - 00000000 ____D () C:\Avenger
2014-10-06 13:19 - 2014-10-06 13:19 - 00002506 _____ () C:\Users\b\Desktop\FixIEDef.log
2014-10-06 13:18 - 2014-10-06 13:18 - 00000000 ____D () C:\ERDNT
2014-10-06 13:17 - 2014-10-06 13:17 - 00000000 ____D () C:\!FixIEDef
2014-10-06 13:12 - 2014-10-06 13:12 - 00019286 _____ () C:\cleanup.exe
2014-10-06 13:12 - 2014-10-06 13:12 - 00000574 _____ () C:\cleanup.bat
2014-10-06 11:17 - 2014-10-11 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraSnap PRO
2014-10-06 11:17 - 2014-10-06 11:17 - 00000000 ____D () C:\Program Files\UltraSnapPRO
2014-10-06 01:10 - 2014-10-06 01:11 - 15129305 _____ () C:\Users\b\Documents\Micka Mex _ Don't Say Too Much_(360p).mp4
2014-10-06 01:06 - 2014-10-06 01:07 - 16409989 _____ () C:\Users\b\Documents\Sentral Soldiers - Funk Volume_ Don't Funk Up Our Beats 5_(360p).mp4
2014-10-06 01:03 - 2014-10-06 01:03 - 15539820 _____ () C:\Users\b\Documents\DFUOB 6 - Don't Funk Up Our Beats 6 - Mr. Black feat SMOKE - Lesser of 2 Evils_(360p).mp4
2014-10-06 00:57 - 2014-10-06 00:58 - 16585332 _____ () C:\Users\b\Documents\DFUOB#6 - J.Terrible - Official Contest Entry_(360p).mp4
2014-10-06 00:34 - 2014-10-06 00:35 - 18877596 _____ () C:\Users\b\Documents\Joe Dub ft. Liquid Assassin Get Back (Official Video)_(360p).mp4
2014-10-05 18:18 - 2014-10-05 18:18 - 00070314 _____ () C:\Users\b\Documents\gm.m3d
2014-10-05 14:38 - 2014-10-05 14:38 - 14640056 _____ () C:\Users\b\Documents\HEY KID   (response to kid diss) BROOKLYN_(360p).mp4
2014-10-05 14:33 - 2014-10-05 14:34 - 23887552 _____ () C:\Users\b\Documents\HHVtv - Brass Tackz - 'Can't You See'  - HIP HOP VANCOUVER_(360p).mp4
2014-10-05 14:20 - 2014-10-05 14:21 - 18079167 _____ () C:\Users\b\Documents\Snak the Ripper ft. Evil Ebenezer - Crush Brews_(360p).mp4
2014-10-05 13:56 - 2014-10-05 13:56 - 07938375 _____ () C:\Users\b\Documents\Trap Anthem Style Instrumental Beat  Certified  by SaruBeatz (xMaxMillionBeatz) ᴴᴰ_(360p).mp4
2014-10-05 13:39 - 2014-10-05 13:39 - 16466439 _____ () C:\Users\b\Documents\Double Edge - (Underground) Street Hip Hop Instrumental {2014} Mister KA Beats_(360p).mp4
2014-10-05 13:28 - 2014-10-05 13:28 - 16070970 _____ () C:\Users\b\Documents\One Shot (Beat w_ Hook) Anthem Hip Hop Instrumental {2014} Mister KA Beats_(360p).mp4
2014-10-05 12:35 - 2014-10-05 12:35 - 06462156 _____ () C:\Users\b\Documents\Twiztid - A New Nightmare - 06 Screaming Out ft. Dominic & Irv Da Phenom_(360p).mp4
2014-10-05 12:18 - 2014-10-05 12:19 - 10770392 _____ () C:\Users\b\Documents\Liquid Assassin - Down to Ride_(360p).mp4
2014-10-05 12:15 - 2014-10-05 12:16 - 05171731 _____ () C:\Users\b\Documents\Liquid Assassin - From the Bottom (ft. Celph Titled)_(360p).mp4
2014-10-05 03:45 - 2014-10-05 03:45 - 00055071 _____ () C:\Users\b\Documents\qw.m3d
2014-10-05 03:34 - 2014-10-05 03:35 - 24296959 _____ () C:\Users\b\Documents\M.O.P. - Ante Up Remix ft. Busta Rhymes, Teflon, Remy Martin_(360p).mp4
2014-10-05 03:28 - 2014-10-05 03:29 - 11742359 _____ () C:\Users\b\Documents\FREE DL__ 2013 LOURDE TRAP 2CHAINZ BEAT INSTRUMENTAL - Black Night_(360p).mp4
2014-10-05 03:22 - 2014-10-05 03:22 - 06566841 _____ () C:\Users\b\Documents\WEED PARTY - Rap_Hip-Hop_Trap_New School Instrumental (Prod. by Vicente) HD_(360p).mp4
2014-10-05 03:21 - 2014-10-05 03:21 - 02018163 _____ () C:\Users\b\Documents\Weed Smoking Underground Hip Hop Instrumental Street Rap Beat - Beast Inside Beats_(360p).mp4
2014-10-05 03:11 - 2014-10-05 03:14 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-05 02:35 - 2014-10-05 02:36 - 07389410 _____ () C:\Users\b\Documents\No Tomorrow-Hard Deep Rap Beat{Hip Hop Instrumental 2014}_(360p).mp4
2014-10-05 02:27 - 2014-10-05 02:27 - 09245579 _____ () C:\Users\b\Documents\Hip-Hop _ HARD RAP Instrumental Beat 2014 (Aggressive) Damas Beats_(360p).mp4
2014-10-05 01:32 - 2014-10-05 01:32 - 03884506 _____ () C:\Users\b\Documents\Epic Trap Hip Hop Instrumental {Rap Beat} 2014 (prod. by SP Anonymous)_(360p).mp4
2014-10-05 01:30 - 2014-10-05 01:30 - 08346855 _____ () C:\Users\b\Documents\Epic Hip Hop Instrumental {Rap Beat} 2014 (prod. by PusherProductions)_(360p).mp4
2014-10-05 01:28 - 2014-10-05 01:29 - 21013711 _____ () C:\Users\b\Documents\Jeremih - Don't Tell Em Ft. YG _ Choreography by_ Ricky Cole_(360p).mp4
2014-10-05 01:22 - 2014-10-05 01:22 - 12901576 _____ () C:\Users\b\Documents\Hard Gangsta Hip Hop Instrumental - Ready for War_(360p).mp4
2014-10-05 01:21 - 2014-10-05 01:21 - 05658636 _____ () C:\Users\b\Documents\Epic Hip Hop Instrumental - Surreal 2 Music_(360p).mp4
2014-10-05 01:04 - 2014-10-05 01:05 - 18795128 _____ () C:\Users\b\Documents\Chris Brown Loyal Remix by Domo (Female Version)_(360p).mp4
2014-10-05 00:53 - 2014-10-05 00:54 - 11189444 _____ () C:\Users\b\Documents\TGM - SICKEST ORCHESTRAL PUMP UP INSTRUMENTAL CONQUEROR_(360p).mp4
2014-10-05 00:48 - 2014-10-05 00:48 - 09124612 _____ () C:\Users\b\Documents\Inspirational Rap HipHop Beat _ Prod. by Mubz Beats _ _HARD__(360p).mp4
2014-10-05 00:38 - 2014-10-05 00:38 - 06433019 _____ () C:\Users\b\Documents\Mubz Beatz - Crazy Soulful Sampled Hip Hop instrumental_Rap Beat - Open Your Eyes_(360p).mp4
2014-10-05 00:11 - 2014-10-05 00:12 - 07896829 _____ () C:\Users\b\Documents\Hard Aggressive Motivational Hip-Hop {Rap} Beat ''Wake up'' 2014 Instrumental by ShonzY BeatZ_(360p).mp4
2014-10-04 23:57 - 2014-10-04 23:58 - 17915878 _____ () C:\Users\b\Documents\2014 HARD {DARK THOUGHTS} HIP-HOP BEAT {RAP} INSTRUMENTAL_(360p).mp4
2014-10-04 23:53 - 2014-10-04 23:53 - 05263373 _____ () C:\Users\b\Documents\Tonight We Fade - King (Unreleased)_(360p).mp4
2014-10-04 23:34 - 2014-10-11 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD
2014-10-04 23:34 - 2014-10-04 23:34 - 00001111 _____ () C:\Users\b\Desktop\Youtube Downloader HD.lnk
2014-10-04 20:26 - 2014-10-04 20:30 - 00000000 ____D () C:\Users\b\AppData\Roaming\Runscanner.net
2014-10-04 20:22 - 2014-10-04 20:24 - 00002104 _____ () C:\Users\b\Desktop\Rkill.txt
2014-10-04 19:18 - 2014-10-04 19:18 - 00245524 _____ () C:\Users\b\Documents\qw.swf
2014-10-04 18:56 - 2014-10-04 18:57 - 153094886 _____ () C:\Users\b\Desktop\qq1.swf
2014-10-04 18:21 - 2014-10-04 18:21 - 00001178 _____ () C:\Users\Public\Desktop\Sothink SWF Editor.lnk
2014-10-04 18:19 - 2014-10-04 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SourceTec
2014-10-04 18:19 - 2014-10-04 18:21 - 00000000 ____D () C:\Program Files\SourceTec
2014-10-04 18:19 - 2014-10-04 18:19 - 00001226 _____ () C:\Users\Public\Desktop\Sothink SWF Decompiler.lnk
2014-10-04 18:19 - 2014-10-04 18:19 - 00001190 _____ () C:\Users\Public\Desktop\Sothink SWF Catcher.lnk
2014-10-04 18:19 - 2014-10-04 18:19 - 00000000 ____D () C:\Program Files\Common Files\SourceTec
2014-10-04 18:02 - 2014-10-11 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNCTR
2014-10-04 18:02 - 2014-10-04 18:02 - 00001028 _____ () C:\Users\Public\Desktop\KNCTR.lnk
2014-10-04 18:02 - 2014-10-04 18:02 - 00000000 ____D () C:\Users\b\AppData\Roaming\Itibiti
2014-10-04 18:02 - 2014-10-04 18:02 - 00000000 ____D () C:\Program Files\Itibiti Soft Phone
2014-10-04 13:31 - 2014-10-04 13:31 - 00000000 ____D () C:\Users\b\AppData\Roaming\RecoolTec
2014-10-04 12:44 - 2014-10-04 12:44 - 00000000 ____D () C:\Users\b\AppData\Roaming\ThunderSoft
2014-10-04 12:43 - 2014-10-04 12:43 - 00001244 _____ () C:\Users\Public\Desktop\ThunderSoft Flash to HTML5 Converter.lnk
2014-10-04 12:43 - 2014-10-04 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThunderSoft
2014-10-04 12:43 - 2014-10-04 12:43 - 00000000 ____D () C:\Program Files\ThunderSoft
2014-10-04 12:34 - 2014-10-04 12:34 - 00000000 ____D () C:\Users\b\Documents\SWF to HTML5 Converter
2014-10-04 12:33 - 2014-10-04 12:33 - 00001132 _____ () C:\Users\Public\Desktop\Recool SWF to HTML5 Converter.lnk
2014-10-04 12:33 - 2014-10-04 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RecoolTec
2014-10-04 12:33 - 2014-10-04 12:33 - 00000000 ____D () C:\Program Files\Recool SWF to HTML5 Converter
2014-10-04 12:33 - 2014-10-04 12:33 - 00000000 ____D () C:\Program Files\AviSynth 2.5
2014-10-04 12:33 - 2011-04-12 21:43 - 00219136 _____ (SWF Converter) C:\Windows\system32\frvSource.ax
2014-10-03 13:31 - 2014-10-03 13:31 - 00004544 _____ () C:\Users\b\Desktop\مستند دفتر يومية جديد ‫(2)‬.jnt
2014-10-02 19:01 - 2014-10-02 19:01 - 193865307 _____ () C:\Users\b\Documents\qqqq1.swf
2014-10-02 18:50 - 2014-10-02 18:50 - 00049522 _____ () C:\Users\b\Documents\gf.m3d
2014-10-01 07:48 - 2014-10-01 07:48 - 00000000 ____D () C:\ProgramData\Doctor Web
2014-10-01 07:46 - 2014-10-01 08:14 - 00000000 ____D () C:\Users\b\Doctor Web
2014-10-01 06:49 - 2014-10-01 06:49 - 01375089 _____ () C:\Users\b\Desktop\adwcleaner_3.311.exe
2014-09-30 16:59 - 2014-10-11 19:46 - 00000000 ____D () C:\Program Files\Mobogenie3
2014-09-30 16:59 - 2014-09-30 16:59 - 00000000 ____D () C:\Users\b\AppData\Roaming\WinnerMediaPlayer
2014-09-30 16:58 - 2014-10-11 02:04 - 00000000 ____D () C:\Program Files\Winner Media Player
2014-09-30 16:57 - 2014-09-30 16:57 - 00000000 ____D () C:\Users\b\AppData\Roaming\Dorrible
2014-09-30 16:20 - 2014-10-10 19:56 - 00000000 ____D () C:\Users\b\AppData\Roaming\uTorrent
2014-09-30 15:35 - 2014-10-05 11:49 - 00000700 ___SH () C:\Users\b\AppData\Local\systemFL7.dat
2014-09-30 14:44 - 2014-09-30 14:44 - 06337892 _____ () C:\Users\b\Documents\SubNoize Souljaz - Pull The Pin_(360p).mp4
2014-09-30 07:59 - 2014-09-30 07:59 - 05376558 _____ () C:\Users\b\Documents\FONG FONG - BLUE_(360p).mp4
2014-09-30 07:52 - 2014-09-30 07:52 - 24913071 _____ () C:\Users\b\Documents\DJ FLY - DMC WORLD CHAMPION 2013_(360p).mp4
2014-09-30 07:48 - 2014-09-30 07:48 - 05517114 _____ () C:\Users\b\Documents\Vekked - Guard yo Grill (Freestyle Scratch)_(360p).mp4
2014-09-30 07:43 - 2014-09-30 07:44 - 24865776 _____ () C:\Users\b\Documents\The Smokey & Skratchy Show - Episode 6_(360p).mp4
2014-09-30 07:39 - 2014-09-30 07:39 - 21242634 _____ () C:\Users\b\Documents\The Smokey & Skratchy Show Ep 04_(360p).mp4
2014-09-30 07:27 - 2014-09-30 07:30 - 113525828 _____ () C:\Users\b\Documents\Serial Killers - Serial Killers Vol 1 (2013) (Full Mixtape) (+download) (New)_(360p).mp4
2014-09-30 07:24 - 2014-09-30 07:24 - 14274645 _____ () C:\Users\b\Documents\Redman - Dunfiato_(360p).mp4
2014-09-30 07:22 - 2014-09-30 07:23 - 21256231 _____ () C:\Users\b\Documents\Xzibit, B-Real, Demrick (Serial Killers) - No Comin' Back (Official Video)_(360p).mp4
2014-09-30 07:15 - 2014-09-30 07:16 - 20217560 _____ () C:\Users\b\Documents\Merkules - L.A.S.H. feat. Snak The Ripper_(360p).mp4
2014-09-30 07:09 - 2014-09-30 07:10 - 00033768 _____ () C:\Users\b\Documents\Snak The Ripper - Done  - feat. Young Sin , Juho - SDK #339 - EPHIN APPAREL - Malaga Spain_(360p).mp4
2014-09-30 07:08 - 2014-09-30 07:09 - 46134756 _____ () C:\Users\b\Documents\Snak The Ripper ft. Young Sin Rap Biz - GRAFFITI SKI MASK CAPITAL Q_(360p).mp4
2014-09-30 06:57 - 2014-09-30 06:57 - 08014913 _____ () C:\Users\b\Documents\Big B - Its All Good (Feat) The DirtBall_(360p).mp4
2014-09-29 17:01 - 2014-09-29 17:01 - 00004142 _____ () C:\ProgramData\uxxadbmu.rlu
2014-09-29 17:01 - 2014-09-29 17:01 - 00000000 ____D () C:\Users\b\AppData\Roaming\MOVAVI
2014-09-29 17:01 - 2014-09-29 17:01 - 00000000 ____D () C:\Users\b\AppData\Local\Movavi
2014-09-29 17:00 - 2014-09-29 17:00 - 00001071 _____ () C:\Users\Public\Desktop\Movavi Video Editor 9.lnk
2014-09-29 17:00 - 2014-09-29 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor 9
2014-09-29 17:00 - 2014-09-29 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
2014-09-29 16:59 - 2014-09-29 17:00 - 00000000 ____D () C:\Program Files\Movavi Video Editor 9
2014-09-29 16:59 - 2014-09-29 16:59 - 00000000 ____D () C:\Users\b\AppData\Roaming\ArcSoft
2014-09-29 16:59 - 2014-09-29 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoImpression 6
2014-09-29 16:59 - 2007-06-06 03:39 - 00072448 _____ (ArcSoft Inc.) C:\Windows\system32\PhotoImpression Slideshow.scr
2014-09-29 16:59 - 2006-11-10 15:05 - 00018688 _____ (Arcsoft, Inc.) C:\Windows\system32\Drivers\afc.sys
2014-09-29 16:59 - 1995-08-01 04:44 - 00212480 _____ (Eastman Kodak) C:\Windows\PCDLIB32.DLL
2014-09-29 16:58 - 2014-09-29 16:59 - 00000000 ____D () C:\Windows\system32\PhotoImpression Slideshow
2014-09-29 16:58 - 2005-04-27 16:36 - 00245408 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll
2014-09-29 16:56 - 2014-09-29 16:57 - 00000000 ____D () C:\Program Files\Photolightning
2014-09-29 16:56 - 2014-09-29 16:56 - 00001883 _____ () C:\Users\Public\Desktop\Photolightning.lnk
2014-09-29 16:56 - 2014-09-29 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photolightning
2014-09-29 16:56 - 2006-02-06 20:41 - 00065536 _____ (Photolightning) C:\Windows\Photolightning.SCR
2014-09-29 16:53 - 2014-09-29 17:01 - 00000000 ____D () C:\Users\b\AppData\Local\ArcSoft
2014-09-29 16:53 - 2014-09-29 16:58 - 00000000 ____D () C:\Program Files\ArcSoft
2014-09-29 16:53 - 2014-09-29 16:53 - 00001957 _____ () C:\Users\Public\Desktop\PhotoStudio 6.lnk
2014-09-29 16:53 - 2014-09-29 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 6
2014-09-29 16:53 - 2014-09-29 16:53 - 00000000 ____D () C:\ProgramData\ArcSoft
2014-09-29 16:52 - 2014-09-29 17:00 - 00000000 ____D () C:\Program Files\Common Files\ArcSoft
2014-09-29 16:51 - 2014-09-29 16:51 - 00001980 _____ () C:\Users\Public\Desktop\PhotoImpact X3.lnk
2014-09-29 16:50 - 2014-09-29 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoImpact X3
2014-09-29 16:50 - 2014-09-29 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
2014-09-29 16:39 - 2014-09-29 16:39 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-09-29 16:27 - 2014-09-29 16:29 - 00000000 ____D () C:\Users\b\AppData\Local\PhotoEditor
2014-09-29 16:27 - 2014-09-29 16:27 - 00000000 ____D () C:\Users\b\AppData\Local\Anthropics
2014-09-29 16:24 - 2014-09-29 16:24 - 00001178 _____ () C:\Users\b\Desktop\Smart Photo Editor Trial.lnk
2014-09-29 16:24 - 2014-09-29 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Photo Editor Trial
2014-09-29 16:24 - 2014-09-29 16:24 - 00000000 ____D () C:\Program Files\Smart Photo Editor Trial
2014-09-29 16:14 - 2014-09-29 16:14 - 00000000 ____D () C:\Users\b\AppData\Roaming\Engelmann Media
2014-09-29 16:13 - 2014-09-29 16:13 - 00001171 _____ () C:\Users\Public\Desktop\Photomizer Retro.lnk
2014-09-29 16:13 - 2014-09-29 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Engelmann Media
2014-09-29 16:13 - 2014-09-29 16:13 - 00000000 ____D () C:\Program Files\Engelmann Media
2014-09-29 16:13 - 2014-09-29 16:13 - 00000000 ____D () C:\Program Files\Common Files\HDX4
2014-09-29 16:09 - 2014-09-29 16:09 - 00002038 _____ () C:\Users\Public\Desktop\NCH Suite.lnk
2014-09-29 16:09 - 2014-09-29 16:09 - 00001116 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoPad Image Editor.lnk
2014-09-29 16:09 - 2014-09-29 16:09 - 00000000 ____D () C:\Users\b\AppData\Roaming\NCH Software
2014-09-29 16:09 - 2014-09-29 16:09 - 00000000 ____D () C:\ProgramData\NCH Software
2014-09-29 16:09 - 2014-09-29 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-09-29 16:09 - 2014-09-29 16:09 - 00000000 ____D () C:\Program Files\NCH Software
2014-09-29 13:54 - 2014-09-29 13:54 - 00002262 _____ () C:\Users\Public\Desktop\ACDSee Photo Editor 6.lnk
2014-09-29 13:54 - 2014-09-29 13:54 - 00000000 ____D () C:\Users\b\Documents\ACDSee Photo Editor
2014-09-29 13:40 - 2014-09-29 13:40 - 00002174 _____ () C:\Users\Public\Desktop\ACDSee 18.lnk
2014-09-29 09:19 - 2014-09-29 09:19 - 00001188 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-09-29 09:19 - 2014-09-29 09:19 - 00001176 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-09-29 09:19 - 2014-09-29 09:19 - 00000000 ____D () C:\Program Files\paint.net
2014-09-29 09:18 - 2014-09-29 09:21 - 00000000 ____D () C:\Users\b\AppData\Local\paint.net
2014-09-28 16:17 - 2014-09-28 16:17 - 00000000 ____D () C:\Users\b\AppData\Local\QupZilla
2014-09-28 16:16 - 2014-09-28 16:16 - 00000965 _____ () C:\Users\Public\Desktop\QupZilla.lnk
2014-09-28 16:16 - 2014-09-28 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QupZilla
2014-09-28 16:16 - 2014-09-28 16:16 - 00000000 ____D () C:\Program Files\QupZilla
2014-09-28 13:45 - 2014-09-28 13:46 - 15491222 _____ () C:\Users\b\Documents\GT GARZA - MAVERICK MUSIC_(360p).mp4
2014-09-28 12:41 - 2014-10-06 13:18 - 00000000 ____D () C:\Windows\ERUNT
2014-09-28 12:20 - 2014-10-06 19:51 - 00000821 _____ () C:\Windows\system32\Drivers\etc\hosts.ccebak
2014-09-27 10:56 - 2014-09-27 10:56 - 00000000 ____D () C:\Program Files\Common Files\Corel
2014-09-27 10:53 - 2014-09-27 10:53 - 00001995 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Painter 2015.lnk
2014-09-27 10:14 - 2014-09-27 10:15 - 25948690 _____ () C:\Users\b\Documents\Subnoize Souljaz Droppin Bombs 8_29_06_(360p).mp4
2014-09-27 09:41 - 2014-09-27 09:41 - 08820701 _____ () C:\Users\b\Documents\Kottonmouth Kings - Down 4 tha Crown_(360p).mp4
2014-09-27 09:40 - 2014-09-27 09:40 - 06017963 _____ () C:\Users\b\Documents\D-Loc - Take A Ride Feat. Judge D_(360p).mp4
2014-09-27 09:31 - 2014-09-27 09:32 - 08962388 _____ () C:\Users\b\Documents\Potluck - Wake N Bake_(360p).mp4
2014-09-27 09:25 - 2014-09-27 09:25 - 16066685 _____ () C:\Users\b\Documents\Potluck - Hit Em Hard_(360p).mp4
2014-09-27 09:22 - 2014-09-27 09:23 - 07257057 _____ () C:\Users\b\Documents\Potluck - Be Easy_(360p).mp4
2014-09-27 09:20 - 2014-09-28 04:14 - 10864954 _____ () C:\Users\b\Documents\We Bad Subnoize Souljas_(360p).mp4
2014-09-27 09:15 - 2014-09-27 09:16 - 34623357 _____ () C:\Users\b\Documents\CHAPTER 6 Satan, Aleister Crowley and the Beatles part a_(360p).mp4
2014-09-27 07:04 - 2014-09-27 07:04 - 00001173 _____ () C:\Users\Public\Desktop\Sound Forge Audio Studio.lnk
2014-09-27 06:20 - 2014-09-27 06:22 - 00000000 ____D () C:\Users\b\AppData\Roaming\muvee Technologies
2014-09-27 06:20 - 2014-09-27 06:20 - 00002037 _____ () C:\Users\Public\Desktop\moviEZ HD.lnk
2014-09-27 06:20 - 2014-09-27 06:20 - 00001089 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\moviEZ HD.lnk
2014-09-27 06:19 - 2014-09-27 06:19 - 00000000 ____D () C:\Program Files\Common Files\muvee Technologies
2014-09-27 06:15 - 2014-09-27 06:21 - 00000000 ____D () C:\ProgramData\muvee Technologies
2014-09-27 06:13 - 2014-09-27 06:15 - 39792025 _____ () C:\Users\b\Documents\Satanist Aleister Crowley and the Beatles_(360p).mp4
2014-09-27 06:10 - 2014-09-27 06:17 - 156214024 _____ (Sony Creative Software Inc.) C:\Users\b\Desktop\audiostudio10.0.252.exe
2014-09-27 06:09 - 2014-09-27 06:15 - 101132656 _____ (Sony Creative Software Inc.) C:\Users\b\Desktop\moviezhd1.0.2911.exe
2014-09-27 05:12 - 2014-09-27 05:12 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-27 05:12 - 2014-09-27 05:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-27 04:54 - 2014-09-27 04:54 - 00001160 _____ () C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2014-09-27 04:54 - 2014-07-15 17:24 - 02140712 _____ (MainConcept GmbH) C:\Windows\system32\mcmpgvout.004
2014-09-27 04:54 - 2014-07-15 17:24 - 00531496 _____ (MainConcept GmbH) C:\Windows\system32\mcmpeg2mux.ax
2014-09-27 04:54 - 2014-07-15 17:24 - 00375848 _____ (MainConcept GmbH) C:\Windows\system32\mcm2ve.ax
2014-09-27 04:54 - 2014-07-15 17:24 - 00257064 _____ (MainConcept GmbH) C:\Windows\system32\mcl2ae.ax
2014-09-27 04:54 - 2014-07-15 17:24 - 00244776 _____ (MainConcept GmbH) C:\Windows\system32\mcmpgaout.dll
2014-09-27 04:54 - 2014-07-15 17:24 - 00020520 _____ (MainConcept GmbH) C:\Windows\system32\mcmpgvout.dll
2014-09-27 02:30 - 2014-09-27 02:30 - 01135397 _____ () C:\Users\b\Documents\سرقة نكات cut_(360p).mp4
2014-09-26 13:45 - 2014-09-26 13:45 - 12170441 _____ () C:\Users\b\Documents\The Dirtball - Lifestyles_(360p).mp4
2014-09-26 13:41 - 2014-09-26 13:41 - 08529373 _____ () C:\Users\b\Documents\Tech N9ne - Worldwide Choppers ( Busta Rhymes,  Yelawolf, Twista..)_(360p).mp4
2014-09-26 13:40 - 2014-09-26 13:40 - 08459432 _____ () C:\Users\b\Documents\Tech N9ne - Demons (feat. Three 6 Mafia)_(360p).mp4
2014-09-26 13:33 - 2014-09-26 13:34 - 21533962 _____ () C:\Users\b\Documents\TeamBackPack _ PotLuck & Liquid Assassin _ Prod. by KATO_(360p).mp4
2014-09-26 13:31 - 2014-09-26 13:32 - 28892881 _____ () C:\Users\b\Documents\TeamBackpack _ Miny, Onyx, Collins _ Prod. by Cool FD_(360p).mp4
2014-09-26 13:29 - 2014-09-26 13:29 - 09907958 _____ () C:\Users\b\Documents\Sadistik-Snow White(Lyrics on Screen)_(360p).mp4
2014-09-26 13:26 - 2014-09-26 13:26 - 12428050 _____ () C:\Users\b\Documents\Madchild - Blood Beast - Official Music Video_(360p).mp4
2014-09-26 13:21 - 2014-09-26 13:21 - 05326908 _____ () C:\Users\b\Documents\Atmosphere - Free or Dead_(360p).mp4
2014-09-26 13:11 - 2014-09-26 13:11 - 13062135 _____ () C:\Users\b\Documents\LOWKEY - OBAMA NATION (OFFICIAL VIDEO) - BANNED FROM TV_(360p).mp4
2014-09-26 13:09 - 2014-09-26 13:09 - 09286604 _____ () C:\Users\b\Documents\No Mercy - Immortal Technique [With Lyrics]_(360p).mp4
2014-09-26 13:06 - 2014-09-26 13:07 - 06518776 _____ () C:\Users\b\Documents\Atmosphere- They Lied_(360p).mp4
2014-09-26 13:01 - 2014-09-26 13:01 - 05654629 _____ () C:\Users\b\Documents\Grieves - Lock Down_(360p).mp4
2014-09-26 12:57 - 2014-09-26 12:58 - 15881904 _____ () C:\Users\b\Documents\Grieves - Lazt Kall (feat Type, Rik Rude & P Smoov)_(360p).mp4
2014-09-26 12:56 - 2014-09-26 12:57 - 03455822 _____ () C:\Users\b\Documents\Grieves, Budo & K.Flay - Lost In The Sun_(360p).mp4
2014-09-26 12:51 - 2014-09-26 12:52 - 15256327 _____ () C:\Users\b\Documents\Lil Kim feat. 2Pac & Phil Collins - Starin' (In The Air Tonight) Remix_(360p).mp4
2014-09-26 12:46 - 2014-09-26 12:47 - 25940583 _____ () C:\Users\b\Documents\Grieves - Kidding Me - Audiotree Live_(360p).mp4
2014-09-26 12:45 - 2014-09-26 12:46 - 18330588 _____ () C:\Users\b\Documents\Atmosphere - Bitter (Official Video)_(360p).mp4
2014-09-26 11:18 - 2014-09-26 11:18 - 08447140 _____ () C:\Users\b\Documents\MARCO POLO - Get Busy feat. Copywrite_(360p).mp4
2014-09-26 11:16 - 2014-09-26 11:17 - 13477555 _____ () C:\Users\b\Documents\Copywrite- Shotgun Official Video_(360p).mp4
2014-09-26 11:01 - 2014-09-26 11:02 - 15769109 _____ () C:\Users\b\Documents\Supastition - Yada Yada (Produced by Marco Polo)_(360p).mp4
2014-09-26 10:53 - 2014-09-26 10:54 - 06225955 _____ () C:\Users\b\Documents\Supastition - Worst Enemy (Prod. Marco Polo)_(360p).mp4
2014-09-26 10:49 - 2014-09-26 10:50 - 16248537 _____ () C:\Users\b\Documents\Playdough & DJ Sean P Real Like It (Official Music Video) Gold Tips_(360p).mp4
2014-09-26 09:03 - 2014-09-26 09:04 - 19008830 _____ () C:\Users\b\Documents\Double A.B. - Maxine_(360p).mp4
2014-09-26 08:58 - 2014-09-26 08:58 - 17081032 _____ () C:\Users\b\Documents\Tame One Feat  Copywrite, J Zone, Cage, Mr  Eon & Skillz   EC All Stars '95 Remix_(360p).mp4
2014-09-26 08:24 - 2014-09-26 08:24 - 00000095 _____ () C:\Windows\MovieHunter.INI
2014-09-26 08:23 - 2014-10-04 21:14 - 00000000 ____D () C:\Users\b\Documents\Corel DVD MovieFactory
2014-09-26 08:16 - 2014-09-26 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2014-09-26 08:16 - 2014-09-26 08:16 - 00000000 ____D () C:\Program Files\Common Files\NewBlue
2014-09-26 08:15 - 2014-09-26 08:15 - 00002173 _____ () C:\Users\Public\Desktop\CyberLink PowerDirector 13.lnk
2014-09-26 08:15 - 2014-09-26 08:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 13
2014-09-26 08:15 - 2014-09-26 08:15 - 00000000 ____D () C:\Program Files\NewBlue
2014-09-26 08:02 - 2014-09-26 08:17 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2014-09-26 08:02 - 2014-09-26 08:02 - 13095227 _____ () C:\Users\b\Documents\Psych Ward EXOSKELETONS Feat. Apathy & Celph Titled REEL WOLF RECORDS 2013_(360p).mp4
2014-09-26 07:54 - 2014-09-26 07:55 - 20656810 _____ () C:\Users\b\Documents\D.I.T.C ENT. CYPHER W_ DJ PREMIER 2013_(360p).mp4
2014-09-26 07:42 - 2014-09-26 07:53 - 482873392 _____ () C:\Users\b\Documents\PowerDirector_2104_GM2_Trial_Trial_VDE140804-02.exe
2014-09-26 07:41 - 2014-09-26 07:41 - 01299304 _____ (CyberLink) C:\Users\b\Desktop\CyberLink_PowerDirector_Downloader.exe
2014-09-26 06:26 - 2014-09-26 06:26 - 00001226 _____ () C:\Users\b\Desktop\Wondershare DVD Slideshow Builder Deluxe.lnk
2014-09-26 06:12 - 2014-09-26 06:12 - 00012180 _____ () C:\Users\b\Desktop\ضش.m3d
2014-09-26 06:12 - 2014-09-26 06:12 - 00000000 ____D () C:\Users\b\Documents\Aurora3D
2014-09-25 18:41 - 2014-09-25 18:41 - 00001080 _____ () C:\Users\Public\Desktop\Aurora 3D Text & Logo Maker.lnk
2014-09-25 18:41 - 2014-09-25 18:41 - 00000000 ____D () C:\Users\b\AppData\Local\Maker3D
2014-09-25 18:41 - 2014-09-25 18:41 - 00000000 ____D () C:\Users\b\AppData\Local\Configure
2014-09-25 18:41 - 2014-09-25 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora 3D Text & Logo Maker
2014-09-25 18:40 - 2014-09-25 18:40 - 00000000 ____D () C:\Program Files\Aurora3D
2014-09-25 18:40 - 2011-09-13 17:58 - 00581632 _____ (Optima SC Inc.) C:\Windows\system32\vp8vfw.dll
2014-09-25 18:18 - 2014-09-25 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FontTwister
2014-09-25 18:18 - 2014-09-25 18:18 - 00000000 ____D () C:\Program Files\FontTwister
2014-09-25 13:50 - 2014-09-25 13:50 - 00000000 ____D () C:\Users\b\AppData\Local\Nero_AG
2014-09-25 13:36 - 2014-09-25 13:36 - 00000000 ____D () C:\ProgramData\Atheros
2014-09-25 13:36 - 2014-09-25 13:36 - 00000000 ____D () C:\Program Files\Atheros
2014-09-25 13:36 - 2010-05-11 18:11 - 01803112 _____ (Atheros Communications, Inc.) C:\Windows\system32\athr.sys
2014-09-25 13:36 - 2010-05-08 15:05 - 00054468 _____ () C:\Windows\system32\athrext.cat
2014-09-25 12:50 - 2014-09-25 12:50 - 00000000 ____D () C:\Users\b\AppData\Local\Xara
2014-09-25 12:50 - 2014-09-25 12:50 - 00000000 ____D () C:\ProgramData\MAGIX
2014-09-25 12:47 - 2014-09-25 12:47 - 00001012 _____ () C:\Users\Public\Desktop\Xara 3D Maker 7.lnk
2014-09-25 12:47 - 2014-09-25 12:47 - 00000000 ____D () C:\ProgramData\Xara
2014-09-25 12:47 - 2014-09-25 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xara
2014-09-25 12:47 - 2014-09-25 12:47 - 00000000 ____D () C:\Program Files\Xara
2014-09-25 12:47 - 2014-09-25 12:47 - 00000000 ____D () C:\Program Files\Common Files\Xara Services
2014-09-25 10:38 - 2014-09-25 10:38 - 00000024 _____ () C:\Windows\system32\DKRNL.JAX
2014-09-25 10:38 - 2014-09-25 10:38 - 00000000 ____D () C:\Users\b\Documents\Corel MotionStudio 3D
2014-09-25 10:33 - 2014-09-25 10:33 - 00001015 _____ () C:\Users\Public\Desktop\Corel Motion Studio 3D.lnk
2014-09-25 10:33 - 2014-09-25 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel MotionStudio 3D
2014-09-25 10:31 - 2014-09-29 13:40 - 00154176 _____ () C:\Windows\DirectX.log
2014-09-25 10:28 - 2014-09-25 10:34 - 00000000 ____D () C:\Windows\msdownld.tmp
2014-09-25 10:28 - 2014-09-25 10:28 - 00002409 _____ () C:\Users\Public\Desktop\Corel DVD MovieFactory 7 Launcher.lnk
2014-09-25 10:28 - 2014-09-25 10:28 - 00000000 ____D () C:\Windows\RegisteredPackages
2014-09-25 10:28 - 2014-09-25 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2014-09-25 10:28 - 2014-09-25 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel DVD MovieFactory 7
2014-09-25 10:28 - 2014-09-25 10:28 - 00000000 ____D () C:\ProgramData\InterVideo
2014-09-25 10:28 - 2008-05-05 17:00 - 00209040 _____ () C:\Windows\system32\IVIresizeW7.dll
2014-09-25 10:28 - 2008-05-05 17:00 - 00204944 _____ () C:\Windows\system32\IVIresizeA6.dll
2014-09-25 10:28 - 2008-05-05 17:00 - 00196752 _____ () C:\Windows\system32\IVIresizeP6.dll
2014-09-25 10:28 - 2008-05-05 17:00 - 00196752 _____ () C:\Windows\system32\IVIresizeM6.dll
2014-09-25 10:28 - 2008-05-05 17:00 - 00192656 _____ () C:\Windows\system32\IVIresizePX.dll
2014-09-25 10:28 - 2008-05-05 17:00 - 00024720 _____ () C:\Windows\system32\IVIresize.dll
2014-09-25 10:26 - 2014-09-29 16:49 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-09-25 10:26 - 2014-09-29 16:49 - 00000000 ____D () C:\Program Files\Common Files\Ulead Systems
2014-09-25 08:33 - 2014-09-25 08:36 - 86456696 _____ (WonderShare Software ) C:\Users\b\Desktop\dsb_resources.exe
2014-09-25 08:33 - 2014-09-25 08:34 - 41411064 _____ (Wondershare ) C:\Users\b\Desktop\dvd-creator_full619.exe
2014-09-25 08:32 - 2014-09-25 08:32 - 00745248 _____ (Wondershare) C:\Users\b\Desktop\dsb_deluxe_setup_full18.exe
2014-09-25 07:00 - 2014-09-25 07:00 - 00002181 _____ () C:\Users\b\Desktop\Tweaking.com - Registry Backup.lnk
2014-09-25 07:00 - 2014-09-25 07:00 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-25 07:00 - 2014-09-25 07:00 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-09-25 03:54 - 2014-10-10 19:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-24 17:28 - 2014-10-10 19:14 - 00000000 ____D () C:\Windows\Minidump
2014-09-24 15:40 - 2014-09-24 15:40 - 00000000 ____D () C:\Users\b\SimpleJavaYoutubeUploader
2014-09-24 11:06 - 2014-09-24 11:06 - 07333766 _____ () C:\Users\b\Documents\دعس تركي على يد ازعر غزة_(360p).mp4
2014-09-24 07:42 - 2014-09-24 09:37 - 00025680 _____ () C:\Users\b\Desktop\Untitled.vf
2014-09-24 07:42 - 2014-09-24 07:42 - 00025440 _____ () C:\Users\b\Desktop\Untitled.vf.bak
2014-09-24 06:23 - 2014-09-24 06:23 - 04777761 _____ () C:\Users\b\Documents\Min Lama Re7ti - راب لبناني - من لمّا رحتي_(360p).mp4
2014-09-24 06:14 - 2014-09-24 06:14 - 07090602 _____ () C:\Users\b\Documents\راب سوري رائع جداً_(360p).mp4
2014-09-24 06:07 - 2014-09-24 06:07 - 09543063 _____ () C:\Users\b\Documents\راب اجنبي نار_(360p).mp4
2014-09-24 06:06 - 2014-09-24 06:06 - 20005374 _____ () C:\Users\b\Documents\NIMA   PSY   =======   من افضل اغاني الراب العربي_(360p).mp4
2014-09-24 05:54 - 2014-09-24 05:55 - 13282932 _____ () C:\Users\b\Documents\رداً على كل مخلوق يشتم سوريا __ مطلوب راسك __ اسماعيل تمر 2013_(new)_(360p).mp4
2014-09-24 05:46 - 2014-09-24 05:46 - 19935692 _____ () C:\Users\b\Documents\MC Amin, Sphinx - Gamed Fash5, جامد فشخ_(360p).mp4
2014-09-24 05:39 - 2014-09-24 05:40 - 04390668 _____ () C:\Users\b\Documents\Basbous - King of Rap Lebanese rap_(360p).mp4
2014-09-24 05:08 - 2014-09-24 05:08 - 08543177 _____ () C:\Users\b\Documents\راب ايجى سكول اسمع_(360p).mp4
2014-09-24 04:42 - 2014-09-24 04:42 - 09315753 _____ () C:\Users\b\Documents\راب رعب غناء همام وعمر العراقي وتصميم مستر سوات_(360p).mp4
2014-09-24 04:30 - 2014-09-24 04:30 - 08805044 _____ () C:\Users\b\Documents\عيال الجحيم خرفان العيد_(360p).mp4
2014-09-24 02:56 - 2014-09-10 00:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 17:42 - 2010-02-11 10:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-09-23 10:52 - 2014-09-23 10:53 - 08834912 _____ () C:\Users\b\Documents\Legacy 9 feat. Celph Titled - Hitmen_(360p).mp4
2014-09-23 10:48 - 2014-09-23 10:48 - 19423709 _____ () C:\Users\b\Documents\BIg Tymers Oh Yeah_(360p).mp4
2014-09-23 10:36 - 2014-09-23 10:36 - 03843807 _____ () C:\Users\b\Documents\Bekay- I Am (Prod. The Alchemist)_(360p).mp4
2014-09-22 22:04 - 2014-09-22 22:04 - 00208888 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKELL.sys
2014-09-21 17:04 - 2014-09-21 17:04 - 07922659 _____ () C:\Users\b\Documents\Bekay - Skemers (feat. Wordsworth)_(360p).mp4
2014-09-21 17:00 - 2014-09-21 17:00 - 10373087 _____ () C:\Users\b\Documents\Apathy - Public Execution [Demigodz Mix] (feat. Celph Titled & Esoteric) Demigodz Mix_(360p).mp4
2014-09-21 16:58 - 2014-09-21 16:58 - 03290111 _____ () C:\Users\b\Documents\Apathy & Celph Titled - Breeze Block Freestyle_(360p).mp4
2014-09-21 16:50 - 2014-09-21 16:51 - 13340699 _____ () C:\Users\b\Documents\Goondox (PMD, Sean Strange & Snowgoons) - Welcome To The Goondox_(360p).mp4
2014-09-21 16:42 - 2014-09-21 16:42 - 19967639 _____ () C:\Users\b\Documents\NECRO x DMC - MURDA YALL ft. Emilush & Caustic - OFFICIAL VIDEO (Kool G Rap cameo)_(360p).mp4
2014-09-21 16:38 - 2014-09-21 16:38 - 13813955 _____ () C:\Users\b\Documents\NECRO - THE KINK PANTHER OFFICIAL VIDEO (DIE! album)_(360p).mp4
2014-09-21 16:37 - 2014-09-21 16:37 - 02987157 _____ () C:\Users\b\Documents\Necro - Murder your Life_(360p).mp4
2014-09-21 16:34 - 2014-09-21 16:35 - 09908580 _____ () C:\Users\b\Documents\Necro - bang bang_(360p).mp4
2014-09-21 16:30 - 2014-09-21 16:30 - 16658482 _____ () C:\Users\b\Documents\Akir ft. Immortal Technique - Treason (Explicit) [HD]_(360p).mp4
2014-09-21 16:21 - 2014-09-21 16:21 - 10277514 _____ () C:\Users\b\Documents\Idle No More - Warriors by Blu ft. Knowledge & Da Okema (2013)_(360p).mp4
2014-09-21 14:30 - 2014-09-21 14:30 - 00005020 _____ () C:\ProgramData\hvcatrnw.tht
2014-09-21 14:30 - 2014-09-21 14:30 - 00000000 ____D () C:\Users\b\AppData\Roaming\Leawo
2014-09-21 14:28 - 2014-09-21 14:28 - 00002689 _____ () C:\Users\Public\Desktop\Leawo Video Editor.lnk
2014-09-21 14:25 - 2014-09-21 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
2014-09-21 14:25 - 2014-09-21 14:25 - 00000000 ____D () C:\Program Files\Leawo
2014-09-21 14:11 - 2014-09-21 14:12 - 19404677 _____ () C:\Users\b\Documents\STRAIGHT G - JAY NORTHSIDE FT PRADA WEST & KRYPLE_(360p).mp4
2014-09-21 14:08 - 2014-09-21 14:10 - 21985494 _____ () C:\Users\b\Documents\Hustle All Day H-Town ft S.I.D Prod. by Darkone Beats (OFFICIAL VIDEO)_(360p).mp4
2014-09-21 13:57 - 2014-09-21 13:57 - 09851255 _____ () C:\Users\b\Documents\PRADA WEST - Cold World - (OFFICIAL VIDEO) - 2012_(360p).mp4
2014-09-20 13:27 - 2014-09-20 13:32 - 96404695 _____ () C:\Users\b\Documents\Swamp Thing - Creature Feature_(360p).mp4
2014-09-19 07:53 - 2014-09-19 07:53 - 00003584 _____ () C:\Users\b\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-19 07:53 - 2014-09-19 07:53 - 00000000 ____D () C:\Users\b\Documents\Any Video Editor
2014-09-19 07:53 - 2014-09-19 07:53 - 00000000 ____D () C:\Users\b\AppData\Roaming\Any Video Editor
2014-09-19 07:12 - 2014-09-19 07:57 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnvSoft
2014-09-19 07:12 - 2014-09-19 07:12 - 00000000 ____D () C:\Program Files\AnvSoft
2014-09-19 03:56 - 2014-09-19 03:59 - 04337206 _____ () C:\kavremvr 2014-09-19 03-56-53 (pid 6548).log
2014-09-19 03:56 - 2014-09-19 03:56 - 07203008 _____ (Kaspersky Lab ZAO) C:\kavremover.exe
2014-09-18 16:00 - 2014-09-18 16:00 - 00262148 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-09-18 10:01 - 2014-09-18 10:01 - 05587199 _____ () C:\Users\b\Documents\Sabac - Speak Militant Ft. DJ Eclipse_(360p).mp4
2014-09-18 09:09 - 2014-09-18 09:10 - 14187795 _____ () C:\Users\b\Documents\East Coast Avengers _ Kill Bill O'Reilly [OFFICIAL MUSIC VIDEO]_(360p).mp4
2014-09-18 09:05 - 2014-09-18 09:05 - 09280639 _____ () C:\Users\b\Documents\East Coast Avengers-Shadow Of A Man_(360p).mp4
2014-09-18 07:24 - 2014-09-18 07:24 - 00000000 ____D () C:\Users\b\AppData\Local\TechSmith
2014-09-18 07:17 - 2014-09-18 07:17 - 00000000 ____D () C:\Users\b\AppData\Roaming\TechSmith
2014-09-18 07:16 - 2014-09-18 07:16 - 00000000 ____D () C:\Users\b\Documents\Camtasia Studio
2014-09-18 07:15 - 2014-09-18 07:15 - 00001126 _____ () C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2014-09-18 07:15 - 2014-09-18 07:15 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-09-18 07:15 - 2014-09-18 07:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-09-18 07:15 - 2014-09-18 07:15 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-09-18 07:14 - 2014-09-18 07:14 - 00000000 ____D () C:\ProgramData\TechSmith
2014-09-18 07:14 - 2014-09-18 07:14 - 00000000 ____D () C:\Program Files\TechSmith
2014-09-18 07:11 - 2014-09-25 13:50 - 00000000 ____D () C:\Users\b\AppData\Local\Nero
2014-09-18 07:10 - 2014-09-18 07:10 - 00000000 ____D () C:\Users\b\Documents\NeroVideo
2014-09-17 16:57 - 2014-09-18 07:11 - 00000000 ____D () C:\Users\b\AppData\Roaming\Nero
2014-09-17 16:53 - 2014-09-17 16:53 - 00002889 _____ () C:\Users\Public\Desktop\Nero 2014.lnk
2014-09-17 16:47 - 2014-10-11 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-09-17 16:47 - 2014-10-02 17:22 - 00000000 ____D () C:\Program Files\Common Files\Nero
2014-09-17 16:47 - 2014-09-25 08:04 - 00000000 ____D () C:\Program Files\Nero
2014-09-17 16:46 - 2014-09-18 07:10 - 00000000 ____D () C:\ProgramData\Nero
2014-09-17 15:30 - 2014-09-17 15:30 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-09-17 12:57 - 2014-09-17 12:57 - 00000000 ____D () C:\Users\b\AppData\Local\Avg2014
2014-09-17 12:55 - 2014-10-11 01:51 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-09-17 12:55 - 2014-09-17 12:55 - 00000000 ____D () C:\Users\b\AppData\Roaming\TuneUp Software
2014-09-17 12:55 - 2014-09-17 12:55 - 00000000 ____D () C:\Users\b\AppData\Local\TuneUp Software
2014-09-17 12:53 - 2014-09-18 08:07 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-17 12:53 - 2014-09-17 12:56 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-09-17 11:48 - 2012-12-06 22:11 - 00163719 _____ () C:\Users\b\Desktop\Lz0.rar
2014-09-17 11:48 - 2012-12-06 22:11 - 00000000 ____D () C:\Users\b\Desktop\Lz0
2014-09-17 11:45 - 2014-09-17 11:45 - 00000000 ____D () C:\Users\b\AppData\Local\DDMSettings
2014-09-17 11:40 - 2014-09-17 11:40 - 00001543 _____ () C:\Users\b\Desktop\DivX Movies.lnk
2014-09-17 11:40 - 2014-09-17 11:40 - 00001032 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-09-17 11:39 - 2014-09-17 11:56 - 00000000 ____D () C:\Users\b\AppData\Roaming\DivX
2014-09-17 11:39 - 2014-09-17 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-09-17 11:39 - 2014-09-17 11:39 - 00001097 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-09-17 11:38 - 2014-09-17 11:40 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-09-17 11:36 - 2014-09-17 11:40 - 00000000 ____D () C:\Program Files\DivX
2014-09-17 11:34 - 2014-09-17 11:40 - 00000000 ____D () C:\ProgramData\DivX
2014-09-17 02:30 - 2014-09-17 02:30 - 00003065 _____ () C:\Users\b\Desktop\Connectivity Fixer.lnk
2014-09-17 02:30 - 2014-09-17 02:30 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Badosoft
2014-09-17 02:30 - 2014-09-17 02:30 - 00000000 ____D () C:\Program Files\Badosoft
2014-09-16 16:14 - 2014-09-16 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alarm Clock Pro
2014-09-16 16:14 - 2014-09-16 16:14 - 00000000 ____D () C:\Program Files\Koingo Software, Inc
2014-09-16 12:45 - 2014-09-16 12:45 - 00000000 ____D () C:\Users\b\AppData\Local\Restore_Point_Creator
2014-09-16 12:44 - 2014-10-11 15:51 - 00000000 ____D () C:\Program Files\Restore Point Creator
2014-09-16 12:44 - 2014-09-16 12:44 - 00001121 _____ () C:\Users\Public\Desktop\Restore Point Creator.lnk
2014-09-16 12:44 - 2014-09-16 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator
2014-09-16 11:37 - 2014-09-16 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-16 11:37 - 2014-09-16 11:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-16 09:26 - 2014-09-16 09:26 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-09-16 09:26 - 2014-09-16 09:26 - 00000385 _____ () C:\Users\b\AppData\Roaminguser_gensett.xml
2014-09-16 06:01 - 2014-09-16 06:01 - 00000000 ____D () C:\ProgramData\BDLogging
2014-09-16 06:01 - 2014-09-16 06:01 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-09-16 06:01 - 2013-11-04 15:47 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2014-09-16 06:01 - 2013-11-04 15:46 - 00027168 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2014-09-16 06:01 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-09-16 06:01 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-09-16 05:52 - 2014-09-29 08:51 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-16 05:51 - 2014-10-10 23:49 - 00000000 ____D () C:\Users\b\AppData\Roaming\QuickScan
2014-09-16 05:50 - 2014-09-29 08:41 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-09-15 09:10 - 2014-10-10 18:57 - 00000000 ____D () C:\Users\b\Desktop\Old Firefox Data
2014-09-14 04:44 - 2014-10-10 16:47 - 00000768 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-09-14 04:08 - 2014-09-14 04:08 - 03060320 _____ (Symantec Corporation) C:\Users\b\Desktop\NPE.exe
2014-09-14 04:06 - 2014-09-14 04:06 - 00014304 _____ () C:\ProgramData\Duplicaterecord.js
2014-09-14 04:04 - 2014-09-14 04:04 - 00000000 ____D () C:\SUPERDelete
2014-09-14 04:01 - 2014-09-14 04:10 - 00000000 ____D () C:\CCE_Quarantine
2014-09-13 05:59 - 2014-09-13 05:59 - 00000000 ____D () C:\Users\b\Desktop\Corel Auto-Preserve
2014-09-13 05:21 - 2014-09-13 05:21 - 00000921 _____ () C:\Users\b\Desktop\PhoXo.lnk
2014-09-13 05:21 - 2014-09-13 05:21 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhoXo
2014-09-13 05:20 - 2014-10-04 23:35 - 00000000 ____D () C:\Users\b\AppData\Roaming\PhoXo
2014-09-13 05:13 - 2014-09-13 05:13 - 04797297 _____ () C:\Users\b\Desktop\phoxo.zip
2014-09-12 01:19 - 2014-09-12 01:19 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-09-12 01:18 - 2014-09-12 01:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-09-12 01:18 - 2014-09-12 01:18 - 00001159 _____ () C:\Users\b\Desktop\AVS Video Editor.lnk
2014-09-12 00:04 - 2014-09-12 00:31 - 108325135 _____ (Online Media Technologies Ltd. ) C:\Users\b\Desktop\AVSVideoEditor.exe.qstgu2r.partial
2014-09-11 22:49 - 2014-09-11 22:49 - 00001279 _____ () C:\Users\Public\Desktop\ACDSee Video Studio.lnk
2014-09-11 05:38 - 2014-09-11 05:38 - 00000000 ____D () C:\مجلد جديد ‫‬
2014-09-11 00:11 - 2014-09-13 05:03 - 00000000 ____D () C:\Users\b\Desktop\مجلد جديد

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-11 20:02 - 2014-09-06 08:18 - 00644430 _____ () C:\Windows\system32\perfh01F.dat
2014-10-11 20:02 - 2014-09-06 08:18 - 00135812 _____ () C:\Windows\system32\perfc01F.dat
2014-10-11 20:02 - 2014-09-01 14:37 - 00000000 ____D () C:\Users\b\Desktop\Tweaking.com - Windows Repair
2014-10-11 20:02 - 2010-11-21 00:01 - 02941380 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-11 19:59 - 2014-09-01 00:34 - 01533492 _____ () C:\Windows\WindowsUpdate.log
2014-10-11 19:58 - 2014-09-01 04:25 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-11 19:57 - 2010-11-21 00:48 - 00374016 _____ () C:\Windows\PFRO.log
2014-10-11 19:57 - 2009-07-14 07:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-11 19:56 - 2009-07-14 07:34 - 00040768 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-11 19:56 - 2009-07-14 07:34 - 00040768 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-11 19:52 - 2014-09-01 20:15 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-11 19:47 - 2014-09-01 20:17 - 00000000 ____D () C:\Program Files\UVK - Ultra Virus Killer
2014-10-11 19:43 - 2014-09-01 00:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-11 19:30 - 2014-09-01 04:25 - 00000876 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-11 15:00 - 2014-09-01 01:39 - 00000000 ____D () C:\Users\b\Documents\CaptureWiz
2014-10-11 13:55 - 2011-04-12 05:24 - 00000000 ____D () C:\Windows\CSC
2014-10-11 13:34 - 2009-07-14 05:04 - 00000768 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_423
2014-10-11 13:23 - 2014-09-08 13:35 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-11 13:22 - 2014-09-01 01:35 - 00000000 ____D () C:\ProgramData\spotflux
2014-10-11 13:22 - 2014-09-01 01:35 - 00000000 ____D () C:\Program Files\Spotflux
2014-10-11 13:06 - 2014-09-01 00:43 - 00122696 _____ () C:\Users\b\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-11 12:18 - 2009-07-14 07:53 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-11 12:12 - 2009-07-14 07:33 - 00419840 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-11 10:53 - 2014-09-01 03:20 - 00000000 ____D () C:\Users\b\Documents\BB FlashBack Movies
2014-10-11 02:00 - 2014-09-08 00:54 - 00000000 ____D () C:\Users\b\AppData\Local\Adobe
2014-10-11 01:07 - 2014-09-01 00:36 - 00000000 ____D () C:\Users\b
2014-10-11 00:10 - 2014-09-03 16:36 - 00000000 ____D () C:\Users\b\AppData\Roaming\Youtube Downloader HD
2014-10-11 00:10 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-10-11 00:09 - 2014-09-01 01:42 - 00000000 ____D () C:\ProgramData\Real
2014-10-11 00:09 - 2011-04-12 05:24 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-10-11 00:09 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\registration
2014-10-10 22:47 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-10-10 17:20 - 2014-09-05 20:10 - 00000000 ____D () C:\Users\b\AppData\Roaming\Sony
2014-10-10 17:20 - 2014-09-03 00:03 - 00000000 ____D () C:\Users\b\AppData\Local\Downloaded Installations
2014-10-10 17:06 - 2014-09-06 02:52 - 00000000 ____D () C:\Qoobox
2014-10-10 16:26 - 2014-09-08 14:14 - 00000000 ____D () C:\AdwCleaner
2014-10-10 16:19 - 2014-09-06 10:46 - 00000000 ____D () C:\Users\b\AppData\Local\NPE
2014-10-10 14:54 - 2014-09-01 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2014-10-10 14:51 - 2014-09-06 10:48 - 00000000 ____D () C:\NPE
2014-10-09 17:05 - 2014-09-01 03:20 - 00000000 ____D () C:\Users\b\AppData\Roaming\Blueberry
2014-10-08 14:45 - 2014-09-01 04:26 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-06 19:45 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-06 15:50 - 2014-09-01 03:20 - 00000000 ____D () C:\Program Files\Common Files\Blueberry Software
2014-10-06 13:18 - 2014-09-06 02:52 - 00000000 ____D () C:\Windows\erdnt
2014-10-06 10:46 - 2014-09-07 00:44 - 00011781 ___SH () C:\Users\b\AppData\Local\win_flfiles_sys.dat
2014-10-06 10:46 - 2014-09-07 00:44 - 00003465 ___SH () C:\Users\b\AppData\Local\win_stlthdb_sys.dat
2014-10-06 01:52 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-04 23:34 - 2014-09-03 16:36 - 00000000 ____D () C:\Program Files\Youtube Downloader HD
2014-10-04 20:33 - 2014-09-01 01:53 - 00000000 ____D () C:\Users\b\AppData\Local\CrashDumps
2014-10-04 16:20 - 2009-07-14 05:04 - 00000215 _____ () C:\Windows\system.ini
2014-10-03 19:37 - 2014-09-05 20:15 - 00000000 ____D () C:\Users\b\Documents\Movie Studio Platinum 13.0 Projects
2014-10-01 16:01 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\rescache
2014-10-01 06:31 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Speech
2014-09-30 17:08 - 2014-09-09 04:57 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-09-30 17:08 - 2014-09-09 04:53 - 00000000 ____D () C:\Program Files\Baidu Security
2014-09-29 16:58 - 2014-09-01 00:40 - 00000000 ____D () C:\Program Files\InstallShield Installation Information
2014-09-29 16:51 - 2009-07-14 05:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-29 16:49 - 2014-09-01 01:00 - 00000000 ____D () C:\Program Files\Corel
2014-09-29 15:59 - 2014-09-05 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-09-29 15:59 - 2014-09-05 20:12 - 00000000 ____D () C:\Program Files\Sony
2014-09-29 13:54 - 2014-09-03 00:08 - 00000000 ____D () C:\Users\b\AppData\Roaming\ACD Systems
2014-09-29 13:54 - 2014-09-03 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2014-09-29 13:53 - 2014-09-03 00:04 - 00000000 ____D () C:\Program Files\ACD Systems
2014-09-29 13:44 - 2014-09-03 00:08 - 00000000 ____D () C:\Users\b\AppData\Local\ACD Systems
2014-09-29 13:40 - 2014-09-03 00:04 - 00000000 ____D () C:\Program Files\Common Files\ACD Systems
2014-09-27 11:00 - 2014-09-01 01:02 - 00000000 ____D () C:\ProgramData\Protexis
2014-09-27 10:58 - 2014-09-01 01:02 - 00000000 ____D () C:\Users\b\AppData\Roaming\Corel
2014-09-27 10:55 - 2014-09-01 01:00 - 00000000 ____D () C:\ProgramData\Corel
2014-09-27 09:05 - 2014-09-01 01:10 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-27 07:14 - 2014-09-05 20:12 - 00000000 ____D () C:\Users\b\AppData\Local\Sony
2014-09-27 07:04 - 2014-09-05 20:12 - 00000000 ____D () C:\ProgramData\Sony
2014-09-27 04:54 - 2014-09-01 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-09-26 08:23 - 2014-09-01 01:02 - 00000000 ____D () C:\Users\b\AppData\Roaming\Ulead Systems
2014-09-26 08:17 - 2014-09-06 02:11 - 00000000 ____D () C:\Users\b\AppData\Local\Cyberlink
2014-09-26 08:03 - 2014-09-06 00:16 - 00000000 ____D () C:\Program Files\CyberLink
2014-09-26 08:02 - 2014-09-06 00:15 - 00000000 ____D () C:\ProgramData\install_clap
2014-09-26 06:26 - 2014-09-01 20:00 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2014-09-25 14:15 - 2014-09-01 00:39 - 00000000 ____D () C:\Program Files\Broadcom
2014-09-25 13:40 - 2014-09-01 00:41 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-09-25 13:39 - 2014-09-01 00:41 - 00000000 ____D () C:\Program Files\Intel
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\th-TH
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\he-IL
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\et-EE
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-09-25 13:38 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-09-25 13:37 - 2014-09-01 00:39 - 00006656 _____ () C:\Windows\system32\bcmwlrc.dll
2014-09-25 12:50 - 2014-09-05 22:34 - 00000000 ____D () C:\Users\b\AppData\Roaming\MAGIX
2014-09-25 10:28 - 2014-09-01 00:40 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-09-25 08:27 - 2014-09-01 01:16 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-09-24 16:32 - 2014-09-01 19:59 - 00000000 ____D () C:\Users\b\Documents\Wondershare DVD Slideshow Builder Deluxe
2014-09-24 03:43 - 2014-09-01 00:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-24 03:43 - 2014-09-01 00:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-20 10:04 - 2009-07-14 05:03 - 50855936 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-09-20 10:04 - 2009-07-14 05:03 - 17563648 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-09-20 10:04 - 2009-07-14 05:03 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-09-20 10:04 - 2009-07-14 05:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-09-20 10:04 - 2009-07-14 05:03 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-09-18 08:06 - 2014-09-01 01:35 - 00000000 ____D () C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-17 16:55 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Cursors
2014-09-17 07:37 - 2014-09-01 03:26 - 00000000 ____D () C:\ProgramData\Blueberry
2014-09-17 07:31 - 2014-09-01 03:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blueberry Software
2014-09-17 07:31 - 2014-09-01 03:20 - 00000000 ____D () C:\Program Files\Blueberry Software
2014-09-17 07:31 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Help
2014-09-15 09:06 - 2014-09-01 01:05 - 00231568 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-14 04:10 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\IME
2014-09-14 04:06 - 2014-09-09 04:58 - 00000000 ____D () C:\Users\b\AppData\Roaming\Baidu Security
2014-09-14 04:06 - 2014-09-09 04:53 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-09-14 03:36 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Public
2014-09-13 10:51 - 2014-09-04 18:16 - 00000000 ____D () C:\Program Files\PhoXo
2014-09-12 01:19 - 2014-09-09 04:40 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia
2014-09-12 01:19 - 2014-09-09 04:40 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-09-11 20:34 - 2014-09-09 04:58 - 00000000 ____D () C:\Users\b\AppData\Local\29001

Files to move or delete:
====================
C:\ProgramData\Duplicaterecord.js
C:\ProgramData\whlb32g.dll
C:\ProgramData\whlpusp32.dll


Some content of TEMP:
====================
C:\Users\b\AppData\Local\temp\bassmod.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-08 23:32

==================== End Of Log ============================

Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

Hi and I'm sorry for the delay, I had a terribly rushed Sunday and wasnt able to re'spond timely.
My next step would be to get ridd of all security programs you have thrown on your machine. I will delete any remnants and later we will try to restore permissions.

I still see some remnants of SpyEmergency in your logfile. Is it really uninstalled?

remove%20outdated.jpg Uninstall some programs

We need to uninstall some programs.

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time

The list of programs to uninstall:

  • Spy Emergency
  • ESET Online Scanner

After completing uninstalls, please manually reboot your machine!


After that


51a5d669693dd-icon_OTL.png Scan with OTL

Please download OTL by OldTimer and save the file to your desktop.

  • Right-click on 51a5d669693dd-icon_OTL.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Make sure that Scan All Users, LOP check and Purity check are ticked.
  • For 64-bit systems only - make sure that Include 64-bit option is also ticked.
  • Sections Processes, Modules, Services, Drivers, Standard Registry are set to Use Safelist.
  • Section Extra Registry is also set to Use Safelist.
  • Under the Custom Scans/Fixes bar in the box paste in the following:
    BASESERVICEScreaterestorepointdrivers32/md5startrpcss.dll/md5stop
  • Push Run Scan and wait patiently.
  • Two notepad windows will be opened after this run: OTL.txt (maximized) and Extras.txt (minimized).

Please include the content of both logfiles in your next reply.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.