
Trojan that no one has seen before


11 replies to this topic

#1 Mrpartyalien


Posted 22 February 2014 - 09:41 AM

So 3 days ago I downloaded a program which seemed to be completely harmless. I regret the decision I have made. This "thing" is killing my computer. A few symptoms: couldn't start my antivirus program (Windows Essentials), can't remove any programs, trying to do ANYTHING just pops up this error: access denied (something about administrator rights). The things I tried:

 

  • Using HitmanPro. It found a trojan called Microsoft.com. It failed to delete it.
  • Then tried using the Malwarebytes program. Installed it but I couldn't run it.
  • Then tried using SUPERAntiSpyware Professional but it didn't seem to work either.
  • Tried running in safe mode (with command prompt), used the rstrui.exe command to do a system restore; couldn't start system restore.
  • Tried different antivirus programs but could install any of them, and I couldn't uninstall Windows Essentials, but then somehow I deleted it piece by piece.
  • Was thinking of running Combofix, but after reading some forums I realised I shouldn't do it because I don't know how to deal with these trojan thingies.

So could somebody help me or point me in the right direction?


Edited by Mrpartyalien, 22 February 2014 - 09:43 AM.



#2 Mrpartyalien


Posted 22 February 2014 - 02:08 PM

And... my skype just disappeared :smash:



#3 aharonov

  • Malware Response Team

Posted 22 February 2014 - 02:14 PM

Hi there,

Can you run a FRST scan?


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#4 Mrpartyalien


Posted 22 February 2014 - 04:40 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-02-2014 01

Ran by Admin (administrator) on ADMIN-PC on 23-02-2014 00:35:30
Running from C:\Users\Admin\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SUPERAntiSpyware.com) D:\Program Files\ANTIVIRUSINE\SASCORE.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(HP) C:\Windows\system32\HPSIsvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(„Google Inc.“) C:\Program Files\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\mmc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2014-01-22] (Microsoft Corporation)
HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-19\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-1674969235-1419107709-3905328805-1001\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-1674969235-1419107709-3905328805-1001\...\MountPoints2: {8305c4d7-8819-11e3-91ea-001d7de7adda} - F:\setup.exe
HKU\S-1-5-21-1674969235-1419107709-3905328805-1001\...\Winlogon: [Shell] "C:\ProgramData\Windows Services\wservice.exe",explorer.exe,"C:\Users\Admin\Documents\Google.com" <==== ATTENTION 
IFEO\NisSrv.exe: [Debugger] C:\Windows\system32\Microsoft.com
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=U223
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x07FF00547C17CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://filmai.in/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\ANTIVIRUSINE\SASSEH.DLL No File [ ]
Tcpip\..\Interfaces\{63766C18-6BD2-44E5-9A4D-B85469E85A96}: [NameServer]8.8.8.8,4.4.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3cuql7kv.default
FF Homepage: hxxp://filmai.in/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 - C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 - D:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
 
Chrome: 
=======
CHR HomePage: hxxp://www.searchnu.com/406
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll No File
CHR Extension: („Google“ dokumentai) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-21]
CHR Extension: („Google“ diskas ) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-21]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-21]
CHR Extension: („Google“ paieška) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-21]
CHR Extension: (Skype Click to Call) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-01]
CHR Extension: („Google“ piniginė) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-21]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
 
========================== Services (Whitelisted) =================
 
R2 !SASCORE; D:\Program Files\ANTIVIRUSINE\SASCORE.EXE [120088 2013-10-11] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L)
S2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2014-01-21] („Google Inc.“)
S3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2014-01-21] („Google Inc.“)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-14] („Microsoft Corporation“)
S2 HitmanPro37CrusaderBoot; "C:\Program Files\HitmanPro\HitmanPro.exe" /crusader:boot [X]
 
==================== Drivers (Whitelisted) ====================
 
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-01-29] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [159776 2009-06-24] (Realtek Semiconductor Corp.)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R4 hitmanpro37; \??\C:\Windows\system32\drivers\hitmanpro37.sys [X]
S1 SASDIFSV; \??\D:\Program Files\ANTIVIRUSINE\SASDIFSV.SYS [X]
S1 SASKUTIL; \??\D:\Program Files\ANTIVIRUSINE\SASKUTIL.SYS [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-23 00:35 - 2014-02-23 00:35 - 00011379 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-02-23 00:35 - 2014-02-23 00:35 - 00000000 ____D () C:\FRST
2014-02-23 00:34 - 2014-02-23 00:34 - 01142784 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe
2014-02-23 00:28 - 2014-02-23 00:29 - 05183886 _____ (Swearware) C:\Users\Admin\Downloads\ComboFix.exe
2014-02-23 00:17 - 2014-02-23 00:18 - 11161936 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\mseinstall (1).exe
2014-02-23 00:00 - 2014-02-23 00:00 - 00126083 _____ () C:\Users\Admin\Downloads\runassystem.zip
2014-02-22 23:55 - 2014-01-29 07:23 - 00227520 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\psping.exe
2014-02-22 23:55 - 2013-10-22 07:59 - 00387776 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsExec.exe
2014-02-22 23:55 - 2012-10-17 17:28 - 00171608 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pspasswd.exe
2014-02-22 23:55 - 2012-10-01 08:23 - 00066582 _____ () C:\Windows\system32\Pstools.chm
2014-02-22 23:55 - 2012-06-21 22:34 - 00468592 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pskill.exe
2014-02-22 23:55 - 2012-03-22 14:53 - 00232232 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pslist.exe
2014-02-22 23:55 - 2010-04-27 10:04 - 00390520 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsInfo.exe
2014-02-22 23:55 - 2010-04-27 10:04 - 00333176 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsGetsid.exe
2014-02-22 23:55 - 2010-04-27 10:04 - 00183160 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsLoggedon.exe
2014-02-22 23:55 - 2010-04-27 10:04 - 00178040 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\psloglist.exe
2014-02-22 23:55 - 2010-04-27 10:04 - 00169848 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsService.exe
2014-02-22 23:55 - 2007-11-06 08:17 - 00000039 _____ () C:\Windows\system32\psversion.txt
2014-02-22 23:55 - 2006-12-04 16:53 - 00207664 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\psshutdown.exe
2014-02-22 23:55 - 2006-12-04 16:53 - 00187184 _____ (Sysinternals) C:\Windows\system32\pssuspend.exe
2014-02-22 23:55 - 2006-12-04 16:53 - 00105264 _____ (Sysinternals) C:\Windows\system32\psfile.exe
2014-02-22 23:55 - 2006-07-28 08:32 - 00007005 _____ () C:\Windows\system32\Eula.txt
2014-02-22 23:38 - 2014-02-22 23:38 - 00000000 ____D () C:\Users\Admin\Desktop\PSTools
2014-02-22 23:37 - 2014-02-22 23:38 - 01682813 _____ () C:\Users\Admin\Downloads\PSTools.zip
2014-02-22 22:33 - 2012-10-30 00:09 - 00003987 _____ () C:\Users\Admin\Downloads\index.html
2014-02-22 22:25 - 2014-02-22 22:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Malwarebytes
2014-02-22 22:24 - 2014-02-22 22:24 - 00000036 _____ () C:\Users\Admin\AppData\Local\housecall.guid.cache
2014-02-22 22:23 - 2014-02-22 23:25 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-22 22:22 - 2014-02-22 22:22 - 02049128 _____ (Trend Micro Inc.) C:\Users\Admin\Downloads\HousecallLauncher.exe
2014-02-22 22:21 - 2014-02-22 22:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-1-75-0-1300.exe
2014-02-22 20:22 - 2014-02-22 20:25 - 23556590 _____ () C:\Users\Admin\Downloads\Simtadienis.rar
2014-02-22 17:09 - 2014-02-22 17:10 - 02924736 _____ (Sysinternals - www.sysinternals.com) C:\Users\Admin\Downloads\procexp.exe
2014-02-22 16:53 - 2014-02-22 16:53 - 00000965 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-02-22 16:51 - 2014-02-22 16:54 - 00000000 ___HD () C:\AdwCleaner
2014-02-22 16:50 - 2014-02-22 16:50 - 00000000 ____D () C:\Windows\ERUNT
2014-02-21 22:20 - 2014-02-21 22:20 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-02-21 22:18 - 2014-02-21 22:18 - 00000054 _____ () C:\Users\Admin\AppData\Roaming\mbam.context.scan
2014-02-21 22:10 - 2014-02-21 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-21 21:52 - 2014-02-21 21:53 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-02-21 21:42 - 2014-02-21 21:42 - 00000000 ____D () C:\ProgramData\ESET
2014-02-21 20:56 - 2014-02-21 20:56 - 00000000 ____D () C:\Windows\pss
2014-02-21 17:16 - 2014-02-21 17:16 - 00000743 _____ () C:\Users\Admin\Desktop\Revo Uninstaller.lnk
2014-02-21 16:43 - 2014-02-21 16:43 - 00000000 ___HD () C:\Autoruns
2014-02-21 16:29 - 2014-02-21 16:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SUPERAntiSpyware.com
2014-02-21 16:28 - 2014-02-21 21:33 - 00003100 _____ () C:\Users\Admin\Desktop\Rkill.txt
2014-02-21 16:28 - 2014-02-21 21:31 - 00000000 ____D () C:\Users\Admin\Desktop\rkill
2014-02-21 16:27 - 2014-02-21 16:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-02-21 16:27 - 2014-02-21 16:27 - 00000830 _____ () C:\Users\Admin\Desktop\SUPERAntiSpyware Professional.lnk
2014-02-21 15:58 - 2014-02-21 15:58 - 00000000 ____D () C:\Users\Admin\Desktop\Take_Ownership
2014-02-21 10:47 - 2014-02-21 10:47 - 00000000 ___HD () C:\Windows\Microsoft Antimalware
2014-02-21 08:00 - 2014-02-21 08:01 - 11161936 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\mseinstall.exe
2014-02-21 07:55 - 2014-02-23 00:18 - 00000936 _____ () C:\Windows\system32\.crusader
2014-02-21 07:51 - 2014-02-21 07:56 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-20 22:45 - 2014-02-22 23:20 - 00000000 __SHD () C:\Program Files\Windows Services
2014-02-20 22:44 - 2014-02-21 07:57 - 00000000 __SHD () C:\ProgramData\Windows Services
2014-02-20 22:44 - 2014-02-20 22:44 - 00000000 _____ () C:\Users\Admin\AppData\Roaming\system.ini
2014-02-20 20:45 - 2014-02-20 20:46 - 00000000 ____D () C:\Users\Admin\Desktop\muzika simtadieniui
2014-02-16 18:51 - 2014-02-16 18:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-16 16:19 - 2014-02-16 16:19 - 00000000 ____D () C:\Users\Admin\jagexcache1
2014-02-16 10:24 - 2014-02-16 10:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\EMU
2014-02-16 10:23 - 2014-02-16 10:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ttales
2014-02-14 09:44 - 2014-02-14 09:45 - 00000000 ___HD () C:\zMule
2014-02-14 09:44 - 2014-02-14 09:44 - 00002979 _____ () C:\Users\Admin\Desktop\Failu keitykla (zMule).lnk
2014-02-14 09:44 - 2014-02-14 09:44 - 00002939 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Failu keitykla (zMule).lnk
2014-02-13 23:19 - 2014-02-06 13:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 23:19 - 2014-02-06 12:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 23:19 - 2014-02-06 12:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 23:19 - 2014-02-06 12:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 23:19 - 2014-02-06 12:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 23:19 - 2014-02-06 12:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 23:19 - 2014-02-06 12:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 23:19 - 2014-02-06 12:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 23:19 - 2014-02-06 12:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 23:19 - 2014-02-06 12:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 23:19 - 2014-02-06 12:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 23:19 - 2014-02-06 12:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 23:19 - 2014-02-06 12:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 23:19 - 2014-02-06 12:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 23:19 - 2014-02-06 11:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 23:19 - 2014-02-06 11:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 23:19 - 2014-02-06 11:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 23:16 - 2013-12-21 11:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 22:57 - 2014-01-01 02:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 22:57 - 2013-12-06 05:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 22:57 - 2013-12-06 05:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 22:55 - 2013-12-25 02:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 22:55 - 2013-11-26 11:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 22:54 - 2013-12-04 05:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 22:54 - 2013-12-04 05:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 22:54 - 2013-12-04 05:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 22:54 - 2013-12-04 05:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 22:54 - 2013-12-04 05:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 22:54 - 2013-12-04 04:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 22:54 - 2013-12-04 04:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 22:54 - 2013-12-04 04:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 22:54 - 2013-12-04 04:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-09 11:21 - 2014-02-09 17:17 - 00000000 ____D () C:\Users\Admin\Documents\Telltale Games
2014-02-09 11:21 - 2014-02-09 11:21 - 00000000 ____D () C:\ProgramData\Steam
2014-02-09 11:19 - 2014-02-09 11:19 - 00000605 _____ () C:\Users\Admin\Desktop\The Wolf Among Us Episode 2.lnk
2014-02-09 11:14 - 2014-02-09 11:14 - 00000605 _____ () C:\Users\Public\Desktop\The Wolf Among Us.lnk
2014-02-07 21:47 - 2014-02-21 09:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-02-07 21:46 - 2014-02-07 21:46 - 00000630 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-06 20:26 - 2014-02-06 20:30 - 00000000 ____D () C:\Users\Admin\AppData\Local\CyberGhost
2014-02-06 20:25 - 2014-02-06 20:26 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-02-06 20:14 - 2014-02-06 20:14 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-02-06 20:06 - 2014-02-21 22:11 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-06 20:06 - 2014-02-06 20:07 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-02-06 20:06 - 2014-02-06 20:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-02-06 20:06 - 2014-02-06 20:06 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-06 20:06 - 2014-02-06 20:06 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-06 19:50 - 2014-02-06 19:50 - 00000000 ____D () C:\Users\Admin\jagexcache
2014-02-03 15:26 - 2014-02-03 15:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\Octodad Dadliest Catch
2014-02-03 15:26 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-02-03 15:26 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-02-03 15:26 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-02-03 15:26 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-02-03 15:26 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-02-03 15:26 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-02-03 15:26 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-02-03 15:26 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-02-03 15:26 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-02-03 15:26 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-02-03 15:26 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-02-03 15:26 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-02-03 15:26 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-02-03 15:26 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-02-03 15:26 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-02-03 15:26 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-02-03 15:26 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-02-03 15:26 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-02-03 15:26 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-02-03 15:26 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-02-03 15:26 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-02-03 15:26 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-02-03 15:26 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-02-03 15:26 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-02-03 15:26 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-02-03 15:26 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-02-03 15:26 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-02-03 15:26 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-02-03 15:26 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-02-03 15:26 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-02-03 15:26 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-02-03 15:26 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-02-03 15:26 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-02-03 15:26 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-02-03 15:26 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-02-03 15:26 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-02-03 15:26 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-02-03 15:26 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-02-03 15:26 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-02-03 15:26 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-02-03 15:26 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-02-03 15:26 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-02-03 15:26 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-02-03 15:26 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-02-03 15:26 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-02-03 15:26 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-02-03 15:26 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-02-03 15:26 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-02-03 15:26 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-02-03 15:26 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-02-03 15:26 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-02-03 15:26 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-02-03 15:26 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-02-03 15:26 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-02-03 15:26 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-02-03 15:26 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-02-03 15:26 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-02-03 15:26 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-02-03 15:26 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-02-03 15:26 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-02-03 15:26 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-02-03 15:26 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-02-03 15:26 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-02-03 15:26 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-02-03 15:26 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-02-03 15:26 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-02-03 15:26 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-02-03 15:26 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-02-03 15:26 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-02-03 15:26 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-02-03 15:26 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-02-03 15:26 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-02-03 15:26 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-02-03 15:25 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-02-03 15:25 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-02-03 15:25 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-02-03 15:25 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-02-03 15:25 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-02-03 15:25 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-02-03 15:25 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-02-03 15:25 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-02-03 15:25 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-02-02 18:45 - 2014-02-02 18:45 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Unity
2014-02-01 19:50 - 2014-02-21 23:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2014-02-01 19:50 - 2014-02-01 19:51 - 00000000 ___RD () C:\Program Files\Skype
2014-02-01 19:50 - 2014-02-01 19:50 - 00002709 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-01 19:50 - 2014-02-01 19:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\Skype
2014-02-01 19:50 - 2014-02-01 19:50 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-01 19:49 - 2014-02-01 19:51 - 00000000 ____D () C:\ProgramData\Skype
2014-02-01 14:39 - 2014-02-01 14:40 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Games
2014-02-01 12:55 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-02-01 12:55 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-02-01 12:55 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-02-01 12:55 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-02-01 12:27 - 2014-02-01 12:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\TERA
2014-02-01 12:27 - 2014-02-01 12:27 - 00000523 _____ () C:\Users\Public\Desktop\TERA-Launcher.lnk
2014-01-31 22:01 - 2014-01-31 22:01 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-31 22:01 - 2014-01-31 22:01 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-31 22:01 - 2014-01-31 22:01 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-31 22:01 - 2014-01-31 22:01 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ___HD () C:\Program Files\Common Files\Java
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ____D () C:\ProgramData\Sun
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ____D () C:\Program Files\Java
2014-01-31 14:50 - 2014-01-31 14:50 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-30 16:57 - 2014-01-30 16:57 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-30 16:57 - 2014-01-30 16:57 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-29 16:33 - 2014-01-29 16:33 - 00000000 ____D () C:\Users\Admin\AppData\Local\Unity
2014-01-29 10:06 - 2014-01-29 10:06 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-01-29 09:31 - 2014-01-29 09:31 - 00000000 ___HD () C:\Program Files\Common Files\DESIGNER
2014-01-29 09:28 - 2014-01-29 09:30 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-01-29 09:28 - 2014-01-29 09:28 - 00000000 ___HD () C:\Windows\PCHEALTH
2014-01-29 09:24 - 2014-01-30 17:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-29 09:24 - 2014-01-29 09:28 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-01-29 09:24 - 2014-01-29 09:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help
2014-01-29 09:24 - 2014-01-29 09:24 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-01-29 09:23 - 2014-01-29 09:23 - 00000000 __RHD () C:\MSOCache
2014-01-29 09:22 - 2014-01-29 09:22 - 00000811 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-01-29 09:04 - 2014-01-29 09:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2014-01-29 09:04 - 2014-01-29 09:04 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-01-29 09:04 - 2014-01-29 09:04 - 00000000 ____D () C:\Users\Admin\AppData\Local\Popajar
2014-01-29 09:03 - 2014-01-29 09:22 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-01-29 09:01 - 2014-02-22 23:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\rmi
2014-01-25 12:51 - 2014-01-25 12:51 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-01-25 12:51 - 2014-01-25 12:51 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon
2014-01-25 12:50 - 2014-01-25 12:50 - 00002045 _____ () C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
2014-01-25 12:50 - 2014-01-25 12:50 - 00000000 ___HD () C:\Program Files\Canon
2014-01-25 11:58 - 2014-02-22 20:27 - 00000000 ____D () C:\Users\Admin\Desktop\Mančiaus
2014-01-24 20:35 - 2014-02-20 22:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-24 20:35 - 2014-02-05 20:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-24 20:35 - 2014-02-05 20:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-24 20:35 - 2014-01-24 20:35 - 00000000 ____D () C:\Windows\system32\Macromed
 
==================== One Month Modified Files and Folders =======
 
2014-02-23 00:35 - 2014-02-23 00:35 - 00011379 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-02-23 00:35 - 2014-02-23 00:35 - 00000000 ____D () C:\FRST
2014-02-23 00:34 - 2014-02-23 00:34 - 01142784 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe
2014-02-23 00:29 - 2014-02-23 00:28 - 05183886 _____ (Swearware) C:\Users\Admin\Downloads\ComboFix.exe
2014-02-23 00:18 - 2014-02-23 00:17 - 11161936 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\mseinstall (1).exe
2014-02-23 00:18 - 2014-02-21 07:55 - 00000936 _____ () C:\Windows\system32\.crusader
2014-02-23 00:17 - 2014-01-22 08:48 - 01573886 ____H () C:\Windows\WindowsUpdate.log
2014-02-23 00:14 - 2009-07-14 07:39 - 00027184 ____H () C:\Windows\setupact.log
2014-02-23 00:00 - 2014-02-23 00:00 - 00126083 _____ () C:\Users\Admin\Downloads\runassystem.zip
2014-02-22 23:38 - 2014-02-22 23:38 - 00000000 ____D () C:\Users\Admin\Desktop\PSTools
2014-02-22 23:38 - 2014-02-22 23:37 - 01682813 _____ () C:\Users\Admin\Downloads\PSTools.zip
2014-02-22 23:27 - 2009-07-14 07:34 - 00022128 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-22 23:27 - 2009-07-14 07:34 - 00022128 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-22 23:25 - 2014-02-22 22:23 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-22 23:21 - 2014-01-22 00:09 - 00075520 ____H () C:\Windows\PFRO.log
2014-02-22 23:21 - 2009-07-14 05:37 - 00000000 ___HD () C:\Windows\Help
2014-02-22 23:20 - 2014-02-20 22:45 - 00000000 __SHD () C:\Program Files\Windows Services
2014-02-22 23:20 - 2014-01-29 09:01 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\rmi
2014-02-22 22:25 - 2014-02-22 22:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Malwarebytes
2014-02-22 22:24 - 2014-02-22 22:24 - 00000036 _____ () C:\Users\Admin\AppData\Local\housecall.guid.cache
2014-02-22 22:22 - 2014-02-22 22:22 - 02049128 _____ (Trend Micro Inc.) C:\Users\Admin\Downloads\HousecallLauncher.exe
2014-02-22 22:22 - 2014-02-22 22:21 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-1-75-0-1300.exe
2014-02-22 20:27 - 2014-01-25 11:58 - 00000000 ____D () C:\Users\Admin\Desktop\Mančiaus
2014-02-22 20:25 - 2014-02-22 20:22 - 23556590 _____ () C:\Users\Admin\Downloads\Simtadienis.rar
2014-02-22 17:10 - 2014-02-22 17:09 - 02924736 _____ (Sysinternals - www.sysinternals.com) C:\Users\Admin\Downloads\procexp.exe
2014-02-22 16:54 - 2014-02-22 16:51 - 00000000 ___HD () C:\AdwCleaner
2014-02-22 16:53 - 2014-02-22 16:53 - 00000965 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-02-22 16:50 - 2014-02-22 16:50 - 00000000 ____D () C:\Windows\ERUNT
2014-02-22 16:42 - 2014-01-21 23:34 - 00002125 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-21 23:26 - 2014-02-01 19:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2014-02-21 23:06 - 2014-01-21 22:52 - 00000000 __SHD () C:\Recovery
2014-02-21 22:20 - 2014-02-21 22:20 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-02-21 22:18 - 2014-02-21 22:18 - 00000054 _____ () C:\Users\Admin\AppData\Roaming\mbam.context.scan
2014-02-21 22:11 - 2014-02-06 20:06 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-21 22:10 - 2014-02-21 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-21 21:53 - 2014-02-21 21:52 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-02-21 21:42 - 2014-02-21 21:42 - 00000000 ____D () C:\ProgramData\ESET
2014-02-21 21:33 - 2014-02-21 16:28 - 00003100 _____ () C:\Users\Admin\Desktop\Rkill.txt
2014-02-21 21:31 - 2014-02-21 16:28 - 00000000 ____D () C:\Users\Admin\Desktop\rkill
2014-02-21 21:08 - 2014-01-21 22:52 - 00000000 ___HD () C:\Users\Admin
2014-02-21 20:56 - 2014-02-21 20:56 - 00000000 ____D () C:\Windows\pss
2014-02-21 17:16 - 2014-02-21 17:16 - 00000743 _____ () C:\Users\Admin\Desktop\Revo Uninstaller.lnk
2014-02-21 16:43 - 2014-02-21 16:43 - 00000000 ___HD () C:\Autoruns
2014-02-21 16:32 - 2014-02-21 16:27 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-02-21 16:29 - 2014-02-21 16:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SUPERAntiSpyware.com
2014-02-21 16:27 - 2014-02-21 16:27 - 00000830 _____ () C:\Users\Admin\Desktop\SUPERAntiSpyware Professional.lnk
2014-02-21 16:17 - 2014-01-22 21:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\BitTorrent
2014-02-21 16:07 - 2014-01-21 23:39 - 00002198 ____H () C:\Windows\epplauncher.mif
2014-02-21 15:58 - 2014-02-21 15:58 - 00000000 ____D () C:\Users\Admin\Desktop\Take_Ownership
2014-02-21 15:51 - 2014-01-21 22:56 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-21 10:47 - 2014-02-21 10:47 - 00000000 ___HD () C:\Windows\Microsoft Antimalware
2014-02-21 09:20 - 2014-02-07 21:47 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-02-21 09:19 - 2014-01-23 01:24 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AIMP3
2014-02-21 08:01 - 2014-02-21 08:00 - 11161936 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\mseinstall.exe
2014-02-21 07:57 - 2014-02-20 22:44 - 00000000 __SHD () C:\ProgramData\Windows Services
2014-02-21 07:56 - 2014-02-21 07:51 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-20 22:44 - 2014-02-20 22:44 - 00000000 _____ () C:\Users\Admin\AppData\Roaming\system.ini
2014-02-20 22:28 - 2014-01-24 20:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-20 21:49 - 2014-01-21 23:31 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-20 20:46 - 2014-02-20 20:45 - 00000000 ____D () C:\Users\Admin\Desktop\muzika simtadieniui
2014-02-20 15:15 - 2014-01-21 23:31 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-20 15:15 - 2009-07-14 07:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-16 18:52 - 2014-02-16 18:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-16 16:19 - 2014-02-16 16:19 - 00000000 ____D () C:\Users\Admin\jagexcache1
2014-02-16 10:24 - 2014-02-16 10:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\EMU
2014-02-16 10:23 - 2014-02-16 10:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ttales
2014-02-14 10:31 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\rescache
2014-02-14 10:14 - 2009-07-14 05:37 - 00000000 ___HD () C:\Windows\Microsoft.NET
2014-02-14 09:45 - 2014-02-14 09:44 - 00000000 ___HD () C:\zMule
2014-02-14 09:44 - 2014-02-14 09:44 - 00002979 _____ () C:\Users\Admin\Desktop\Failu keitykla (zMule).lnk
2014-02-14 09:44 - 2014-02-14 09:44 - 00002939 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Failu keitykla (zMule).lnk
2014-02-13 23:19 - 2014-01-21 23:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-13 23:18 - 2014-01-21 23:14 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-13 23:14 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-02-13 18:17 - 2014-01-23 01:24 - 00000000 ____D () C:\Users\Admin\Desktop\Gycio
2014-02-09 17:17 - 2014-02-09 11:21 - 00000000 ____D () C:\Users\Admin\Documents\Telltale Games
2014-02-09 11:21 - 2014-02-09 11:21 - 00000000 ____D () C:\ProgramData\Steam
2014-02-09 11:19 - 2014-02-09 11:19 - 00000605 _____ () C:\Users\Admin\Desktop\The Wolf Among Us Episode 2.lnk
2014-02-09 11:14 - 2014-02-09 11:14 - 00000605 _____ () C:\Users\Public\Desktop\The Wolf Among Us.lnk
2014-02-07 21:46 - 2014-02-07 21:46 - 00000630 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-06 20:30 - 2014-02-06 20:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\CyberGhost
2014-02-06 20:30 - 2014-01-21 22:52 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2014-02-06 20:26 - 2014-02-06 20:25 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-02-06 20:14 - 2014-02-06 20:14 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-02-06 20:07 - 2014-02-06 20:06 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-02-06 20:07 - 2014-02-06 20:06 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-02-06 20:06 - 2014-02-06 20:06 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-06 20:06 - 2014-02-06 20:06 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-06 19:50 - 2014-02-06 19:50 - 00000000 ____D () C:\Users\Admin\jagexcache
2014-02-06 13:00 - 2014-02-13 23:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 12:57 - 2014-02-13 23:19 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:52 - 2014-02-13 23:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 12:52 - 2014-02-13 23:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 12:49 - 2014-02-13 23:19 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 12:47 - 2014-02-13 23:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 12:47 - 2014-02-13 23:19 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 12:46 - 2014-02-13 23:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 12:34 - 2014-02-13 23:19 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 12:25 - 2014-02-13 23:19 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 12:25 - 2014-02-13 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 12:13 - 2014-02-13 23:19 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 12:09 - 2014-02-13 23:19 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 12:03 - 2014-02-13 23:19 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 11:41 - 2014-02-13 23:19 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 11:36 - 2014-02-13 23:19 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 11:34 - 2014-02-13 23:19 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-05 20:28 - 2014-01-24 20:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 20:28 - 2014-01-24 20:35 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-03 15:26 - 2014-02-03 15:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\Octodad Dadliest Catch
2014-02-02 18:45 - 2014-02-02 18:45 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Unity
2014-02-01 19:51 - 2014-02-01 19:50 - 00000000 ___RD () C:\Program Files\Skype
2014-02-01 19:51 - 2014-02-01 19:49 - 00000000 ____D () C:\ProgramData\Skype
2014-02-01 19:50 - 2014-02-01 19:50 - 00002709 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-01 19:50 - 2014-02-01 19:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\Skype
2014-02-01 19:50 - 2014-02-01 19:50 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-01 14:40 - 2014-02-01 14:39 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Games
2014-02-01 12:56 - 2014-02-01 12:27 - 00000000 ____D () C:\Users\Admin\AppData\Local\TERA
2014-02-01 12:27 - 2014-02-01 12:27 - 00000523 _____ () C:\Users\Public\Desktop\TERA-Launcher.lnk
2014-01-31 22:01 - 2014-01-31 22:01 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-31 22:01 - 2014-01-31 22:01 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-31 22:01 - 2014-01-31 22:01 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-31 22:01 - 2014-01-31 22:01 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ___HD () C:\Program Files\Common Files\Java
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ____D () C:\ProgramData\Sun
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ____D () C:\Program Files\Java
2014-01-31 14:54 - 2009-07-14 07:33 - 00434504 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-31 14:50 - 2014-01-31 14:50 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-31 14:35 - 2014-01-21 23:31 - 00111912 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-30 17:12 - 2014-01-29 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-30 17:12 - 2009-07-14 05:04 - 00000478 ____H () C:\Windows\win.ini
2014-01-30 16:57 - 2014-01-30 16:57 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-30 16:57 - 2014-01-30 16:57 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-30 16:54 - 2014-01-22 17:51 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-01-29 16:33 - 2014-01-29 16:33 - 00000000 ____D () C:\Users\Admin\AppData\Local\Unity
2014-01-29 12:07 - 2014-01-22 18:14 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-01-29 10:12 - 2009-07-14 10:49 - 00000000 ___HD () C:\Windows\ShellNew
2014-01-29 10:11 - 2009-07-14 05:37 - 00000000 ___HD () C:\Program Files\Common Files\microsoft shared
2014-01-29 10:06 - 2014-01-29 10:06 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-01-29 09:31 - 2014-01-29 09:31 - 00000000 ___HD () C:\Program Files\Common Files\DESIGNER
2014-01-29 09:30 - 2014-01-29 09:28 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-01-29 09:28 - 2014-01-29 09:28 - 00000000 ___HD () C:\Windows\PCHEALTH
2014-01-29 09:28 - 2014-01-29 09:24 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-01-29 09:26 - 2009-07-14 05:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-01-29 09:24 - 2014-01-29 09:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help
2014-01-29 09:24 - 2014-01-29 09:24 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-01-29 09:23 - 2014-01-29 09:23 - 00000000 __RHD () C:\MSOCache
2014-01-29 09:22 - 2014-01-29 09:22 - 00000811 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-01-29 09:22 - 2014-01-29 09:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2014-01-29 09:22 - 2014-01-29 09:03 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-01-29 09:04 - 2014-01-29 09:04 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-01-29 09:04 - 2014-01-29 09:04 - 00000000 ____D () C:\Users\Admin\AppData\Local\Popajar
2014-01-29 07:23 - 2014-02-22 23:55 - 00227520 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\psping.exe
2014-01-25 12:51 - 2014-01-25 12:51 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-01-25 12:51 - 2014-01-25 12:51 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon
2014-01-25 12:50 - 2014-01-25 12:50 - 00002045 _____ () C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
2014-01-25 12:50 - 2014-01-25 12:50 - 00000000 ___HD () C:\Program Files\Canon
2014-01-24 20:35 - 2014-01-24 20:35 - 00000000 ____D () C:\Windows\system32\Macromed
 
Files to move or delete:
====================
C:\Users\Admin\AppData\Roaming\system.ini
 
 
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\HitmanPro.exe
C:\Users\Admin\AppData\Local\Temp\InstHelper.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-08 02:35
 
==================== End Of Log ============================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-02-2014 01
Ran by Admin at 2014-02-23 00:36:01
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
„Microsoft Office 2013“ tikrinimo įrankiai – lietuvių k. (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)
AIMP3 (HKLM\...\AIMP3) (Version: v3.50.1224 Beta 1, 31.01.2013 - AIMP DevTeam)
AMD Accelerated Video Transcoding (Version: 12.5.100.30429 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{B448BC74-1CB7-7A57-3313-5E075AFB413E}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80430.0002 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30489 - BitTorrent Inc.)
Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version:  - )
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CD3C2621-B611-4A30-BB37-81CA880AB895}) (Version:  - Microsoft)
Driver Robot (HKLM\...\{1A36CF15-DF66-4756-9482-A9ABF3DDACE6}_is1) (Version:  - Blitware Technology Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.117 - „Google Inc.“)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2013  - Lithuanian/Lietuvių k. (HKLM\...\Office15.OMUI.lt-lt) (Version: 15.0.4454.1509 - Microsoft Corporation)
Microsoft Office O MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Word MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Microsoft X MUI (Lithuanian) 2013 (Version: 15.0.4454.1509 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5938 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.13 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TERA (HKLM\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.6 - En Masse Entertainment)
The Wolf Among Us (HKLM\...\VGhlV29sZkFtb25nVXM=_is1) (Version: 1 - )
The Wolf Among Us Episode 2 (HKLM\...\The Wolf Among Us Episode 2_is1) (Version:  - CODEX)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS) <==== ATTENTION
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM\...\{90150000-0015-0409-0000-0000000FF1CE}_Office15.PROPLUS_{104D0AEE-BC85-4FFB-8BD8-D95A850D7A4D}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM\...\{90150000-0015-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{4E4E933B-A7AD-476C-9336-B698388D94D3}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB31ABE4-BB41-4E9A-A252-1A4BC9DC8C43}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F15AA550-A0B9-44AD-9067-2294CCA51F1C}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{AC57CF13-C24E-4C00-969F-5394DAE589C5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{A0294B08-3799-43B5-8310-54E25F6234F8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6E6B2968-B9D7-40C9-9FC2-8E729DDBB39C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (HKLM\...\{90150000-0100-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BCD0EA38-A8FB-4F3D-B04E-DFFB38BC7849}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9E03AB38-EF60-4DE6-92FB-656E23403BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E58009CD-D950-4CAE-89B4-E97C3B78319B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{03FC8649-9511-4FB1-BE34-67A442505DCF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7E8D777B-BD75-480D-AC03-AF9C3D83CDBF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{A07ABCD5-4CAF-4493-A591-A6233EF13C7F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B9A3A7A7-8B5B-4D07-9816-80EE2EA5B9B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{670559E6-5725-4B84-A16C-0859771F25DE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUS_{5EFADE14-CE0B-43BF-ADD2-850FCB79485F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{5EFADE14-CE0B-43BF-ADD2-850FCB79485F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{6D4F89E6-73AB-4B06-BB82-70DA35F9824D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BC369230-B0E0-4BB0-82D6-E93196060BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FD782270-0456-4B87-AC5E-C6EE2D063C48}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C5CF8938-646A-41A5-A4E6-6EEE4205CBA4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{08F8B8BC-97B5-4110-8FC1-A840DEAD0DF9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{F75F8521-118D-4DE2-927F-073BE7B6DC7F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{F75F8521-118D-4DE2-927F-073BE7B6DC7F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{E11A0DDD-9F6D-49C6-8F02-850D44DD7639}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0415-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{40F5F42B-9B5B-4C28-867A-1C2C7528D20E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0419-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{5CC9A9DB-7F15-4C75-89D6-37F00BC18410}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{EED7CFFD-0AE9-443B-B0BC-100B6580D669}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{E6D73E98-906E-4520-99B6-FA1647EC2DAE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (HKLM\...\{90150000-0100-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{079FC22A-639F-4690-8512-F54DCD8493C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{13A97DC6-1E49-40B1-94E6-EB4CC3087607}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C89EE024-ECC9-43EB-9D6A-52AB9B73ED63}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2982593C-B10B-4757-A58A-7926ED063448}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90737997-99D8-46FB-BB7F-7153AEAD6C05}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (HKLM\...\{90150000-006E-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{AE2592D0-7E48-41EB-93FF-23E25E7DBF1F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{0AA960ED-0F9A-42EC-B9F4-52A104EB954D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FA115DB4-AD0A-4C2B-8713-DB15275B7426}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (HKLM\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUS_{70686EE3-2A2C-4049-B42F-9E285FE28EFD}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (HKLM\...\{90150000-00A1-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{D5335A38-2B23-4A9B-9EE2-E229E8E290DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{3EF35AB5-21A1-4858-97BB-E4CF1ECF3736}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 32-Bit Edition (HKLM\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUS_{C212BC6C-7778-4333-BE90-15C2512945EF}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 32-Bit Edition (HKLM\...\{90150000-001A-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{84B9EDF9-F2B3-40A6-A7A8-7F6EE55034CD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{94A5E2C5-5F2C-4238-8387-F16873B7927C}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUS_{03FB2087-E3D5-4B28-A3A9-70CE02CA4E39}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 32-Bit Edition (HKLM\...\{90150000-0018-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{7214B819-8FA5-495B-8E56-F3B66C0A9651}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{696ACAB0-DCE3-4050-849A-629CE94A9E3A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0019-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{FCA1D40A-E75F-44A8-AB0C-EB1EB03AA670}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{00ADF78E-D103-44D9-93FC-4E0B4255DF61}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (HKLM\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUS_{A6D399B8-E269-4872-8B45-7E43C04D08AA}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (HKLM\...\{90150000-00BA-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{A9128DBC-CF84-48A3-BED1-CD76398739CD}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{166909FC-6736-4EE5-9491-1BF9A4EE84E7}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9CEFDC22-A298-451A-905E-28E42B90A563}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition (HKLM\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUS_{C550C85A-004E-494A-A6D2-700C998CA806}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition (HKLM\...\{90150000-001A-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{6A3C9B7F-758E-4947-8A5A-B70874C1CEFE}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition (HKLM\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{C550C85A-004E-494A-A6D2-700C998CA806}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition (HKLM\...\{90150000-001B-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{6A3C9B7F-758E-4947-8A5A-B70874C1CEFE}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{C550C85A-004E-494A-A6D2-700C998CA806}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition (HKLM\...\{90150000-012B-0427-0000-0000000FF1CE}_Office15.OMUI.lt-lt_{6A3C9B7F-758E-4947-8A5A-B70874C1CEFE}) (Version:  - Microsoft)
UpdateChecker (HKCU\...\Popajar, inc UpdateChecker) (Version:  - Popajar, inc) <==== ATTENTION
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
zMule (HKLM\...\{7D60CAB0-904B-4667-9ACB-314F869756D9}) (Version: 2.0.16 - emule-project.net)
Средства проверки правописания Microsoft Office 2013 — русский (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
Could not list Restore Points. Check "winmgmt" service or repair WMI.
 
 
==================== Hosts content: ==========================
 
2009-07-14 05:04 - 2009-06-11 00:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {1D6622D7-0B6C-479F-AE00-03A2A815786B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {290ED01D-21F7-400A-B8B5-64EA8DEE5EEA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {303334FA-50FD-41CF-A613-7C525D2C2A7D} - System32\Tasks\Driver Robot => C:\Program Files\Driver Robot\Driver Robot.lnk [2014-01-22] ()
Task: {5960BEA8-A042-4F9A-9041-C2B0D1262F93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-21] („Google Inc.“)
Task: {7586A406-BD2D-42FF-BCA5-972DCDEC9FF9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {7BAACCBA-2AFA-44D5-94C9-6DD0DBAD2C5E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B40AED21-1F0E-4868-BD72-A57F98F60C19} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {F5B25AF9-CB8A-4F10-85CA-539AF8EB95EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-21] („Google Inc.“)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-01-22 18:51 - 2012-08-31 15:01 - 00151552 _____ () C:\Windows\System32\HP1100LM.DLL
2014-01-22 18:51 - 2012-08-31 15:01 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1100PP.DLL
2014-01-22 18:51 - 2012-08-31 15:02 - 02306048 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\hp1100su.dll
2014-01-22 18:51 - 2012-08-31 15:01 - 00794624 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1100GC.dll
2014-02-22 16:42 - 2014-02-20 04:02 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-22 16:42 - 2014-02-20 04:02 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-22 16:42 - 2014-02-20 04:02 - 00100168 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-22 16:42 - 2014-02-20 04:03 - 04060488 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-22 16:42 - 2014-02-20 04:03 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-22 16:42 - 2014-02-20 04:02 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2014-02-05 20:28 - 2014-02-05 20:28 - 16287624 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Google.com.url => C:\Windows\pss\Google.com.url.Startup
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart /min
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: eMuleAutoStart => C:\zMule\zmule.exe -AutoStart
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: PS2 => C:\Windows\system32\ps2.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 
==================== Faulty Device Manager Devices =============
 
Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SASDIFSV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SASKUTIL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/23/2014 00:35:21 AM) (Source: ESENT) (User: )
Description: DllHost (2500) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (02/23/2014 00:35:21 AM) (Source: ESENT) (User: )
Description: DllHost (2500) WebCacheLocal: An attempt to open the file "C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 5 (0x00000005): "Prieiga uždrausta. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (02/23/2014 00:35:11 AM) (Source: ESENT) (User: )
Description: DllHost (2500) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (02/23/2014 00:35:11 AM) (Source: ESENT) (User: )
Description: DllHost (2500) WebCacheLocal: An attempt to open the file "C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 5 (0x00000005): "Prieiga uždrausta. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (02/23/2014 00:35:00 AM) (Source: ESENT) (User: )
Description: DllHost (2500) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (02/23/2014 00:35:00 AM) (Source: ESENT) (User: )
Description: DllHost (2500) WebCacheLocal: An attempt to open the file "C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 5 (0x00000005): "Prieiga uždrausta. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (02/23/2014 00:34:50 AM) (Source: ESENT) (User: )
Description: DllHost (2500) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (02/23/2014 00:34:50 AM) (Source: ESENT) (User: )
Description: DllHost (2500) WebCacheLocal: An attempt to open the file "C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 5 (0x00000005): "Prieiga uždrausta. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (02/23/2014 00:34:40 AM) (Source: ESENT) (User: )
Description: DllHost (2500) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (02/23/2014 00:34:40 AM) (Source: ESENT) (User: )
Description: DllHost (2500) WebCacheLocal: An attempt to open the file "C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 5 (0x00000005): "Prieiga uždrausta. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
 
System errors:
=============
Error: (02/23/2014 00:25:32 AM) (Source: Service Control Manager) (User: )
Description: Windows Defender tarnybai skirtas laikas baigėsi dėl šios klaidos: 
%%-2147024891
 
Error: (02/23/2014 00:25:32 AM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExW iškvietimas, skirtas Start, nepavyko dėl šios klaidos: 
%%5
 
Error: (02/23/2014 00:25:31 AM) (Source: Service Control Manager) (User: )
Description: Windows Defender tarnybai skirtas laikas baigėsi dėl šios klaidos: 
%%-2147024891
 
Error: (02/23/2014 00:25:31 AM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExW iškvietimas, skirtas Start, nepavyko dėl šios klaidos: 
%%5
 
Error: (02/23/2014 00:25:28 AM) (Source: Service Control Manager) (User: )
Description: Windows Defender tarnybai skirtas laikas baigėsi dėl šios klaidos: 
%%-2147024891
 
Error: (02/23/2014 00:25:28 AM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExW iškvietimas, skirtas Start, nepavyko dėl šios klaidos: 
%%5
 
Error: (02/23/2014 00:25:25 AM) (Source: Service Control Manager) (User: )
Description: Windows Defender tarnybai skirtas laikas baigėsi dėl šios klaidos: 
%%-2147024891
 
Error: (02/23/2014 00:25:25 AM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExW iškvietimas, skirtas Start, nepavyko dėl šios klaidos: 
%%5
 
Error: (02/23/2014 00:25:21 AM) (Source: Service Control Manager) (User: )
Description: Windows Defender tarnybai skirtas laikas baigėsi dėl šios klaidos: 
%%-2147024891
 
Error: (02/23/2014 00:25:21 AM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExW iškvietimas, skirtas Start, nepavyko dėl šios klaidos: 
%%5
 
 
Microsoft Office Sessions:
=========================
Error: (02/23/2014 00:35:21 AM) (Source: ESENT)(User: )
Description: DllHost2500WebCacheLocal: C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)
 
Error: (02/23/2014 00:35:21 AM) (Source: ESENT)(User: )
Description: DllHost2500WebCacheLocal: C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Prieiga uždrausta.
 
Error: (02/23/2014 00:35:11 AM) (Source: ESENT)(User: )
Description: DllHost2500WebCacheLocal: C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)
 
Error: (02/23/2014 00:35:11 AM) (Source: ESENT)(User: )
Description: DllHost2500WebCacheLocal: C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Prieiga uždrausta.
 
Error: (02/23/2014 00:35:00 AM) (Source: ESENT)(User: )
Description: DllHost2500WebCacheLocal: C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)
 
Error: (02/23/2014 00:35:00 AM) (Source: ESENT)(User: )
Description: DllHost2500WebCacheLocal: C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Prieiga uždrausta.
 
Error: (02/23/2014 00:34:50 AM) (Source: ESENT)(User: )
Description: DllHost2500WebCacheLocal: C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)
 
Error: (02/23/2014 00:34:50 AM) (Source: ESENT)(User: )
Description: DllHost2500WebCacheLocal: C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Prieiga uždrausta.
 
Error: (02/23/2014 00:34:40 AM) (Source: ESENT)(User: )
Description: DllHost2500WebCacheLocal: C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)
 
Error: (02/23/2014 00:34:40 AM) (Source: ESENT)(User: )
Description: DllHost2500WebCacheLocal: C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)5 (0x00000005)Prieiga uždrausta.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 52%
Total physical RAM: 2046.49 MB
Available physical RAM: 980.86 MB
Total Pagefile: 4092.98 MB
Available Pagefile: 2736.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.57 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:146.39 GB) (Free:122.09 GB) NTFS
Drive d: () (Fixed) (Total:226.12 GB) (Free:171.04 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 373 GB) (Disk ID: D62CD62C)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 


#5 Mrpartyalien

Mrpartyalien
  • Topic Starter

  • Members
  • 7 posts

Posted 22 February 2014 - 04:41 PM

By the way, I can't turn on my Windows Defender and can't install any antivirus programs...



#6 Mrpartyalien

Mrpartyalien
  • Topic Starter

  • Members
  • 7 posts

Posted 22 February 2014 - 05:10 PM

Ok, it seems I deleted the virus, but everything's the same except now Hitman Pro doesn't find any virus.. so I'm guessing I need cleaning up after the aftermath. If there's any way you could help me, that would be great...



#7 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts

Posted 22 February 2014 - 06:15 PM

So you made some changes yourself after the FRST scan?

Then I shall need a fresh FRST log to see the most recent state:

 

Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.



#8 Mrpartyalien

Mrpartyalien
  • Topic Starter

  • Members
  • 7 posts

Posted 22 February 2014 - 06:24 PM

The FRST test I posted is after I made the changes.

#9 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts

Posted 23 February 2014 - 08:25 AM

Ok.


Step 1

Please download the attached fixlist.txt and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

Restart your computer.

 

 

Step 2

Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.

Edited by aharonov, 23 February 2014 - 08:25 AM.


#10 Mrpartyalien


Posted 23 February 2014 - 09:59 AM

Here are the logs:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-02-2014 01
Ran by Admin at 2014-02-23 17:53:34 Run:1
Running from C:\Users\Admin\Desktop\Naujas aplankas
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-19\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-1674969235-1419107709-3905328805-1001\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-1674969235-1419107709-3905328805-1001\...\Winlogon: [Shell] "C:\ProgramData\Windows Services\wservice.exe",explorer.exe,"C:\Users\Admin\Documents\Google.com" <==== ATTENTION 
IFEO\NisSrv.exe: [Debugger] C:\Windows\system32\Microsoft.com
C:\Windows\system32\Microsoft.com
C:\ProgramData\Windows Services
C:\Users\Admin\Documents\Google.com
*****************
 
HKU\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Value was restored successfully.
HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Value was restored successfully.
HKU\S-1-5-21-1674969235-1419107709-3905328805-1001\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Value was restored successfully.
HKU\S-1-5-21-1674969235-1419107709-3905328805-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Unable to delete value
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\NisSrv.exe => Key deleted successfully.
"C:\Windows\system32\Microsoft.com" => File/Directory not found.
C:\ProgramData\Windows Services => Moved successfully.
"C:\Users\Admin\Documents\Google.com" => File/Directory not found.
 
==== End of Fixlog ====
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-02-2014 01
Ran by Admin (administrator) on ADMIN-PC on 23-02-2014 17:55:38
Running from C:\Users\Admin\Desktop\Naujas aplankas
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(SUPERAntiSpyware.com) D:\Program Files\ANTIVIRUSINE\SASCORE.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(HP) C:\Windows\system32\HPSIsvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2014-01-22] (Microsoft Corporation)
HKU\S-1-5-21-1674969235-1419107709-3905328805-1001\...\Run: [CCleaner Monitoring] - C:\Program Files\CCleaner\CCleaner.exe [4455704 2014-01-21] (Piriform Ltd)
HKU\S-1-5-21-1674969235-1419107709-3905328805-1001\...\MountPoints2: {8305c4d7-8819-11e3-91ea-001d7de7adda} - F:\setup.exe
HKU\S-1-5-21-1674969235-1419107709-3905328805-1001\...\Winlogon: [Shell] "C:\ProgramData\Windows Services\wservice.exe",explorer.exe,"C:\Users\Admin\Documents\Google.com" <==== ATTENTION 
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=U223
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x07FF00547C17CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://filmai.in/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
ShellExecuteHooks:  - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{63766C18-6BD2-44E5-9A4D-B85469E85A96}: [NameServer]8.8.8.8,4.4.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3cuql7kv.default
FF Homepage: hxxp://filmai.in/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 - C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 - D:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
 
Chrome: 
=======
CHR HomePage: hxxp://www.searchnu.com/406
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll No File
CHR Extension: („Google“ dokumentai) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-21]
CHR Extension: („Google“ diskas ) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-21]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-21]
CHR Extension: („Google“ paieška) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-21]
CHR Extension: (Skype Click to Call) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-01]
CHR Extension: („Google“ piniginė) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-21]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
 
========================== Services (Whitelisted) =================
 
R2 !SASCORE; D:\Program Files\ANTIVIRUSINE\SASCORE.EXE [120088 2013-10-11] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64112 2014-01-16] (CyberGhost S.R.L)
S2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2014-01-21] („Google Inc.“)
S3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2014-01-21] („Google Inc.“)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106248 2014-02-23] (SurfRight B.V.)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-14] („Microsoft Corporation“)
 
==================== Drivers (Whitelisted) ====================
 
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-01-29] (Disc Soft Ltd)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [159776 2009-06-24] (Realtek Semiconductor Corp.)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S1 SASDIFSV; \??\D:\Program Files\ANTIVIRUSINE\SASDIFSV.SYS [X]
S1 SASKUTIL; \??\D:\Program Files\ANTIVIRUSINE\SASKUTIL.SYS [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-23 17:52 - 2014-02-23 17:55 - 00000000 ____D () C:\Users\Admin\Desktop\Naujas aplankas
2014-02-23 17:51 - 2014-02-23 17:51 - 00000683 _____ () C:\Users\Admin\Downloads\fixlist (2).txt
2014-02-23 17:51 - 2014-02-23 17:51 - 00000683 _____ () C:\Users\Admin\Downloads\fixlist (1).txt
2014-02-23 16:02 - 2014-02-23 16:02 - 00787000 _____ () C:\Users\Admin\Desktop\Lietuvos elektrinės.pptx
2014-02-23 16:01 - 2014-02-23 16:01 - 00000000 ____D () C:\Users\Admin\Documents\Pasirinktiniai „Office“ šablonai
2014-02-23 15:07 - 2014-02-23 15:07 - 00001849 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-02-23 15:07 - 2014-02-23 15:07 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canneverbe Limited
2014-02-23 15:07 - 2014-02-23 15:07 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-02-23 15:05 - 2014-02-23 15:07 - 05284632 _____ (Canneverbe Limited ) C:\Users\Admin\Downloads\cdbxp_setup_4.5.2.4478.exe
2014-02-23 15:02 - 2014-02-23 15:02 - 00019980 _____ () C:\Users\Admin\Downloads\Windows 8.1 AIO 20in1 x64 en-US Pre-Activated DaRT 8.1 Dec2013.torrent
2014-02-23 14:30 - 2014-02-23 17:54 - 00000112 _____ () C:\Windows\setupact.log
2014-02-23 14:30 - 2014-02-23 14:30 - 00003740 _____ () C:\Windows\PFRO.log
2014-02-23 14:30 - 2014-02-23 14:30 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-23 14:10 - 2014-02-23 14:10 - 00141120 _____ (GridinSoft) C:\Users\Admin\Downloads\unhider.exe
2014-02-23 13:19 - 2014-02-23 13:19 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-23 13:18 - 2014-02-23 13:28 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-23 13:17 - 2014-02-23 13:18 - 04721144 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410pro.exe
2014-02-23 13:13 - 2014-02-23 13:14 - 05330688 _____ (ReviverSoft LLC) C:\Users\Admin\Downloads\RegistryReviverSetup.exe
2014-02-23 12:57 - 2014-02-23 12:57 - 01056768 _____ () C:\Windows\system32\defltbase.sdb
2014-02-23 12:57 - 2014-02-23 12:57 - 00747520 _____ () C:\Users\Admin\Downloads\MicrosoftFixit50198.msi
2014-02-23 12:55 - 2014-02-23 12:55 - 00000388 _____ () C:\Note.txt
2014-02-23 12:45 - 2014-02-23 12:46 - 00000000 ____D () C:\Users\Pepel
2014-02-23 12:45 - 2014-02-23 12:45 - 00001417 _____ () C:\Users\Pepel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-23 12:45 - 2014-02-23 12:45 - 00000020 ___SH () C:\Users\Pepel\ntuser.ini
2014-02-23 12:45 - 2014-02-23 12:45 - 00000000 ____D () C:\Users\Pepel\AppData\Roaming\Adobe
2014-02-23 12:45 - 2014-02-23 12:45 - 00000000 ____D () C:\Users\Pepel\AppData\Local\VirtualStore
2014-02-23 12:45 - 2014-01-30 16:57 - 00000000 ____D () C:\Users\Pepel\AppData\Local\Microsoft Help
2014-02-23 12:45 - 2009-07-14 07:42 - 00000000 ___RD () C:\Users\Pepel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-23 12:45 - 2009-07-14 07:37 - 00000000 ___RD () C:\Users\Pepel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-23 12:37 - 2014-02-23 12:37 - 00036280 _____ () C:\Users\Admin\Downloads\fixit_kb978591.diagcab
2014-02-23 11:42 - 2014-02-23 11:42 - 00000290 _____ () C:\Users\Admin\Desktop\bbd.cmd
2014-02-23 11:34 - 2014-02-23 11:34 - 00379392 _____ () C:\Users\Admin\Downloads\subinacl.msi
2014-02-23 11:28 - 2014-02-23 11:28 - 27403064 _____ () C:\Users\Admin\Documents\Recovery Session File # Sun, 23-Feb-2014[11 28 38].rrs4
2014-02-23 11:26 - 2014-02-23 11:26 - 00000000 ____D () C:\ProgramData\Licenses
2014-02-23 11:22 - 2014-02-23 11:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\GetRightToGo
2014-02-23 11:22 - 2014-02-23 11:22 - 00433848 _____ (Remo Software) C:\Users\Admin\Downloads\bestfilerecovery-windows.exe
2014-02-23 11:17 - 2014-02-23 11:17 - 27403656 _____ () C:\Users\Admin\Desktop\Recovery Session File # Sun, 23-Feb-2014[11 16 54].ysrs
2014-02-23 11:11 - 2009-02-12 15:11 - 00022312 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrv.sys
2014-02-23 11:08 - 2014-02-23 11:10 - 19325292 _____ (Yodot Software ) C:\Users\Admin\Downloads\yodot-file-recovery.exe
2014-02-23 01:38 - 2014-02-23 01:39 - 01581384 _____ (ESET) C:\Users\Admin\Downloads\eset_smart_security_live_installer_.exe
2014-02-23 01:01 - 2014-02-23 01:01 - 00001897 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-02-23 01:01 - 2014-02-23 01:01 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-23 01:00 - 2014-02-23 01:00 - 09988304 _____ (SurfRight B.V.) C:\Users\Admin\Downloads\hitmanpro.exe
2014-02-23 00:36 - 2014-02-23 00:36 - 00038817 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-02-23 00:35 - 2014-02-23 17:55 - 00000000 ____D () C:\FRST
2014-02-23 00:28 - 2014-02-23 00:29 - 05183886 _____ (Swearware) C:\Users\Admin\Downloads\ComboFix.exe
2014-02-23 00:17 - 2014-02-23 00:18 - 11161936 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\mseinstall (1).exe
2014-02-23 00:00 - 2014-02-23 00:00 - 00126083 _____ () C:\Users\Admin\Downloads\runassystem.zip
2014-02-22 23:55 - 2014-01-29 07:23 - 00227520 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\psping.exe
2014-02-22 23:55 - 2013-10-22 07:59 - 00387776 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsExec.exe
2014-02-22 23:55 - 2012-10-17 17:28 - 00171608 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pspasswd.exe
2014-02-22 23:55 - 2012-10-01 08:23 - 00066582 _____ () C:\Windows\system32\Pstools.chm
2014-02-22 23:55 - 2012-06-21 22:34 - 00468592 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pskill.exe
2014-02-22 23:55 - 2012-03-22 14:53 - 00232232 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pslist.exe
2014-02-22 23:55 - 2010-04-27 10:04 - 00390520 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsInfo.exe
2014-02-22 23:55 - 2010-04-27 10:04 - 00333176 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsGetsid.exe
2014-02-22 23:55 - 2010-04-27 10:04 - 00183160 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsLoggedon.exe
2014-02-22 23:55 - 2010-04-27 10:04 - 00178040 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\psloglist.exe
2014-02-22 23:55 - 2010-04-27 10:04 - 00169848 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\PsService.exe
2014-02-22 23:55 - 2007-11-06 08:17 - 00000039 _____ () C:\Windows\system32\psversion.txt
2014-02-22 23:55 - 2006-12-04 16:53 - 00207664 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\psshutdown.exe
2014-02-22 23:55 - 2006-12-04 16:53 - 00187184 _____ (Sysinternals) C:\Windows\system32\pssuspend.exe
2014-02-22 23:55 - 2006-12-04 16:53 - 00105264 _____ (Sysinternals) C:\Windows\system32\psfile.exe
2014-02-22 23:55 - 2006-07-28 08:32 - 00007005 _____ () C:\Windows\system32\Eula.txt
2014-02-22 23:38 - 2014-02-22 23:38 - 00000000 ____D () C:\Users\Admin\Desktop\PSTools
2014-02-22 23:37 - 2014-02-22 23:38 - 01682813 _____ () C:\Users\Admin\Downloads\PSTools.zip
2014-02-22 22:33 - 2012-10-30 00:09 - 00003987 _____ () C:\Users\Admin\Downloads\index.html
2014-02-22 22:25 - 2014-02-22 22:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Malwarebytes
2014-02-22 22:24 - 2014-02-22 22:24 - 00000036 _____ () C:\Users\Admin\AppData\Local\housecall.guid.cache
2014-02-22 22:23 - 2014-02-22 23:25 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-22 22:22 - 2014-02-22 22:22 - 02049128 _____ (Trend Micro Inc.) C:\Users\Admin\Downloads\HousecallLauncher.exe
2014-02-22 22:21 - 2014-02-22 22:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-1-75-0-1300.exe
2014-02-22 20:22 - 2014-02-22 20:25 - 23556590 _____ () C:\Users\Admin\Downloads\Simtadienis.rar
2014-02-22 17:09 - 2014-02-22 17:10 - 02924736 _____ (Sysinternals - www.sysinternals.com) C:\Users\Admin\Downloads\procexp.exe
2014-02-22 16:53 - 2014-02-22 16:53 - 00000965 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-02-22 16:51 - 2014-02-22 16:54 - 00000000 ___HD () C:\AdwCleaner
2014-02-22 16:50 - 2014-02-22 16:50 - 00000000 ____D () C:\Windows\ERUNT
2014-02-21 22:20 - 2014-02-21 22:20 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-02-21 22:18 - 2014-02-21 22:18 - 00000054 _____ () C:\Users\Admin\AppData\Roaming\mbam.context.scan
2014-02-21 22:10 - 2014-02-21 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-21 21:52 - 2014-02-21 21:53 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-02-21 21:42 - 2014-02-21 21:42 - 00000000 ____D () C:\ProgramData\ESET
2014-02-21 20:56 - 2014-02-21 20:56 - 00000000 ____D () C:\Windows\pss
2014-02-21 17:16 - 2014-02-21 17:16 - 00000743 _____ () C:\Users\Admin\Desktop\Revo Uninstaller.lnk
2014-02-21 16:43 - 2014-02-21 16:43 - 00000000 ___HD () C:\Autoruns
2014-02-21 16:29 - 2014-02-21 16:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SUPERAntiSpyware.com
2014-02-21 16:28 - 2014-02-21 21:33 - 00003100 _____ () C:\Users\Admin\Desktop\Rkill.txt
2014-02-21 16:28 - 2014-02-21 21:31 - 00000000 ____D () C:\Users\Admin\Desktop\rkill
2014-02-21 16:27 - 2014-02-21 16:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-02-21 16:27 - 2014-02-21 16:27 - 00000830 _____ () C:\Users\Admin\Desktop\SUPERAntiSpyware Professional.lnk
2014-02-21 15:58 - 2014-02-21 15:58 - 00000000 ____D () C:\Users\Admin\Desktop\Take_Ownership
2014-02-21 10:47 - 2014-02-21 10:47 - 00000000 ___HD () C:\Windows\Microsoft Antimalware
2014-02-21 08:00 - 2014-02-21 08:01 - 11161936 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\mseinstall.exe
2014-02-21 07:55 - 2014-02-23 00:18 - 00000936 _____ () C:\Windows\system32\.crusader
2014-02-21 07:51 - 2014-02-21 07:56 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-20 22:45 - 2014-02-22 23:20 - 00000000 __SHD () C:\Program Files\Windows Services
2014-02-20 22:44 - 2014-02-20 22:44 - 00000000 _____ () C:\Users\Admin\AppData\Roaming\system.ini
2014-02-20 20:45 - 2014-02-20 20:46 - 00000000 ____D () C:\Users\Admin\Desktop\muzika simtadieniui
2014-02-16 18:51 - 2014-02-16 18:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-16 16:19 - 2014-02-16 16:19 - 00000000 ____D () C:\Users\Admin\jagexcache1
2014-02-16 10:24 - 2014-02-16 10:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\EMU
2014-02-16 10:23 - 2014-02-16 10:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ttales
2014-02-14 09:44 - 2014-02-14 09:45 - 00000000 ___HD () C:\zMule
2014-02-14 09:44 - 2014-02-14 09:44 - 00002979 _____ () C:\Users\Admin\Desktop\Failu keitykla (zMule).lnk
2014-02-14 09:44 - 2014-02-14 09:44 - 00002939 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Failu keitykla (zMule).lnk
2014-02-13 23:19 - 2014-02-06 13:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 23:19 - 2014-02-06 12:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 23:19 - 2014-02-06 12:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 23:19 - 2014-02-06 12:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 23:19 - 2014-02-06 12:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 23:19 - 2014-02-06 12:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 23:19 - 2014-02-06 12:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 23:19 - 2014-02-06 12:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 23:19 - 2014-02-06 12:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 23:19 - 2014-02-06 12:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 23:19 - 2014-02-06 12:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 23:19 - 2014-02-06 12:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 23:19 - 2014-02-06 12:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 23:19 - 2014-02-06 12:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 23:19 - 2014-02-06 11:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 23:19 - 2014-02-06 11:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 23:19 - 2014-02-06 11:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 23:16 - 2013-12-21 11:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 22:57 - 2014-01-01 02:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 22:57 - 2013-12-06 05:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 22:57 - 2013-12-06 05:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 22:55 - 2013-12-25 02:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 22:55 - 2013-11-26 11:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 22:54 - 2013-12-04 05:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 22:54 - 2013-12-04 05:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 22:54 - 2013-12-04 05:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 22:54 - 2013-12-04 05:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 22:54 - 2013-12-04 05:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 22:54 - 2013-12-04 04:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 22:54 - 2013-12-04 04:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 22:54 - 2013-12-04 04:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 22:54 - 2013-12-04 04:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-09 11:21 - 2014-02-09 17:17 - 00000000 ____D () C:\Users\Admin\Documents\Telltale Games
2014-02-09 11:21 - 2014-02-09 11:21 - 00000000 ____D () C:\ProgramData\Steam
2014-02-09 11:19 - 2014-02-09 11:19 - 00000605 _____ () C:\Users\Admin\Desktop\The Wolf Among Us Episode 2.lnk
2014-02-09 11:14 - 2014-02-09 11:14 - 00000605 _____ () C:\Users\Public\Desktop\The Wolf Among Us.lnk
2014-02-07 21:47 - 2014-02-21 09:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-02-07 21:46 - 2014-02-07 21:46 - 00000630 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-06 20:26 - 2014-02-06 20:30 - 00000000 ____D () C:\Users\Admin\AppData\Local\CyberGhost
2014-02-06 20:25 - 2014-02-06 20:26 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-02-06 20:14 - 2014-02-06 20:14 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-02-06 20:06 - 2014-02-21 22:11 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-06 20:06 - 2014-02-06 20:07 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-02-06 20:06 - 2014-02-06 20:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-02-06 20:06 - 2014-02-06 20:06 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-06 20:06 - 2014-02-06 20:06 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-06 19:50 - 2014-02-06 19:50 - 00000000 ____D () C:\Users\Admin\jagexcache
2014-02-03 15:26 - 2014-02-03 15:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\Octodad Dadliest Catch
2014-02-03 15:26 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-02-03 15:26 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-02-03 15:26 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-02-03 15:26 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-02-03 15:26 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-02-03 15:26 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-02-03 15:26 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-02-03 15:26 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-02-03 15:26 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-02-03 15:26 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-02-03 15:26 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-02-03 15:26 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-02-03 15:26 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-02-03 15:26 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-02-03 15:26 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-02-03 15:26 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-02-03 15:26 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-02-03 15:26 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-02-03 15:26 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-02-03 15:26 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-02-03 15:26 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-02-03 15:26 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-02-03 15:26 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-02-03 15:26 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-02-03 15:26 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-02-03 15:26 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-02-03 15:26 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-02-03 15:26 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-02-03 15:26 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-02-03 15:26 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-02-03 15:26 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-02-03 15:26 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-02-03 15:26 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-02-03 15:26 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-02-03 15:26 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-02-03 15:26 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-02-03 15:26 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-02-03 15:26 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-02-03 15:26 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-02-03 15:26 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-02-03 15:26 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-02-03 15:26 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-02-03 15:26 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-02-03 15:26 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-02-03 15:26 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-02-03 15:26 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-02-03 15:26 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-02-03 15:26 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-02-03 15:26 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-02-03 15:26 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-02-03 15:26 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-02-03 15:26 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-02-03 15:26 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-02-03 15:26 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-02-03 15:26 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-02-03 15:26 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-02-03 15:26 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-02-03 15:26 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-02-03 15:26 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-02-03 15:26 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-02-03 15:26 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-02-03 15:26 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-02-03 15:26 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-02-03 15:26 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-02-03 15:26 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-02-03 15:26 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-02-03 15:26 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-02-03 15:26 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-02-03 15:26 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-02-03 15:26 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-02-03 15:26 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-02-03 15:26 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-02-03 15:26 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-02-03 15:25 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-02-03 15:25 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-02-03 15:25 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-02-03 15:25 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-02-03 15:25 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-02-03 15:25 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-02-03 15:25 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-02-03 15:25 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-02-03 15:25 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-02-02 18:45 - 2014-02-02 18:45 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Unity
2014-02-01 19:50 - 2014-02-21 23:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2014-02-01 19:50 - 2014-02-01 19:51 - 00000000 ___RD () C:\Program Files\Skype
2014-02-01 19:50 - 2014-02-01 19:50 - 00002709 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-01 19:50 - 2014-02-01 19:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\Skype
2014-02-01 19:50 - 2014-02-01 19:50 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-01 19:49 - 2014-02-01 19:51 - 00000000 ____D () C:\ProgramData\Skype
2014-02-01 14:39 - 2014-02-01 14:40 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Games
2014-02-01 12:55 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-02-01 12:55 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-02-01 12:55 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-02-01 12:55 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-02-01 12:27 - 2014-02-01 12:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\TERA
2014-02-01 12:27 - 2014-02-01 12:27 - 00000523 _____ () C:\Users\Public\Desktop\TERA-Launcher.lnk
2014-01-31 22:01 - 2014-01-31 22:01 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-31 22:01 - 2014-01-31 22:01 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-31 22:01 - 2014-01-31 22:01 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-31 22:01 - 2014-01-31 22:01 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ___HD () C:\Program Files\Common Files\Java
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ____D () C:\ProgramData\Sun
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ____D () C:\Program Files\Java
2014-01-31 14:50 - 2014-01-31 14:50 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-30 16:57 - 2014-01-30 16:57 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-30 16:57 - 2014-01-30 16:57 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-29 16:33 - 2014-01-29 16:33 - 00000000 ____D () C:\Users\Admin\AppData\Local\Unity
2014-01-29 10:06 - 2014-01-29 10:06 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-01-29 09:31 - 2014-01-29 09:31 - 00000000 ___HD () C:\Program Files\Common Files\DESIGNER
2014-01-29 09:28 - 2014-01-29 09:30 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-01-29 09:28 - 2014-01-29 09:28 - 00000000 ___HD () C:\Windows\PCHEALTH
2014-01-29 09:24 - 2014-01-30 17:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-29 09:24 - 2014-01-29 09:28 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-01-29 09:24 - 2014-01-29 09:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help
2014-01-29 09:24 - 2014-01-29 09:24 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-01-29 09:23 - 2014-01-29 09:23 - 00000000 __RHD () C:\MSOCache
2014-01-29 09:22 - 2014-01-29 09:22 - 00000811 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-01-29 09:04 - 2014-02-23 14:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2014-01-29 09:04 - 2014-01-29 09:04 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-01-29 09:04 - 2014-01-29 09:04 - 00000000 ____D () C:\Users\Admin\AppData\Local\Popajar
2014-01-29 09:03 - 2014-01-29 09:22 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-01-29 09:01 - 2014-02-22 23:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\rmi
2014-01-25 12:51 - 2014-01-25 12:51 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon
2014-01-25 12:51 - 2014-01-25 12:51 - 00000000 ____D () C:\ProgramData\CanonIJScan
2014-01-25 12:50 - 2014-01-25 12:50 - 00002045 _____ () C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
2014-01-25 12:50 - 2014-01-25 12:50 - 00000000 ___HD () C:\Program Files\Canon
2014-01-25 11:58 - 2014-02-22 20:27 - 00000000 ____D () C:\Users\Admin\Desktop\Mančiaus
2014-01-24 20:35 - 2014-02-20 22:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-24 20:35 - 2014-02-05 20:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-24 20:35 - 2014-02-05 20:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-24 20:35 - 2014-01-24 20:35 - 00000000 ____D () C:\Windows\system32\Macromed
 
==================== One Month Modified Files and Folders =======
 
2014-02-23 17:55 - 2014-02-23 17:52 - 00000000 ____D () C:\Users\Admin\Desktop\Naujas aplankas
2014-02-23 17:55 - 2014-02-23 00:35 - 00000000 ____D () C:\FRST
2014-02-23 17:54 - 2014-02-23 14:30 - 00000112 _____ () C:\Windows\setupact.log
2014-02-23 17:53 - 2014-01-22 21:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\BitTorrent
2014-02-23 17:51 - 2014-02-23 17:51 - 00000683 _____ () C:\Users\Admin\Downloads\fixlist (2).txt
2014-02-23 17:51 - 2014-02-23 17:51 - 00000683 _____ () C:\Users\Admin\Downloads\fixlist (1).txt
2014-02-23 16:33 - 2009-07-14 07:34 - 00026000 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-23 16:33 - 2009-07-14 07:34 - 00026000 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-23 16:02 - 2014-02-23 16:02 - 00787000 _____ () C:\Users\Admin\Desktop\Lietuvos elektrinės.pptx
2014-02-23 16:01 - 2014-02-23 16:01 - 00000000 ____D () C:\Users\Admin\Documents\Pasirinktiniai „Office“ šablonai
2014-02-23 15:07 - 2014-02-23 15:07 - 00001849 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-02-23 15:07 - 2014-02-23 15:07 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canneverbe Limited
2014-02-23 15:07 - 2014-02-23 15:07 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-02-23 15:07 - 2014-02-23 15:05 - 05284632 _____ (Canneverbe Limited ) C:\Users\Admin\Downloads\cdbxp_setup_4.5.2.4478.exe
2014-02-23 15:02 - 2014-02-23 15:02 - 00019980 _____ () C:\Users\Admin\Downloads\Windows 8.1 AIO 20in1 x64 en-US Pre-Activated DaRT 8.1 Dec2013.torrent
2014-02-23 14:31 - 2014-01-22 08:48 - 01762735 _____ () C:\Windows\WindowsUpdate.log
2014-02-23 14:30 - 2014-02-23 14:30 - 00003740 _____ () C:\Windows\PFRO.log
2014-02-23 14:30 - 2014-02-23 14:30 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-23 14:12 - 2014-01-29 09:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2014-02-23 14:12 - 2014-01-23 01:24 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AIMP3
2014-02-23 14:12 - 2014-01-22 08:45 - 00000000 ___HD () C:\Windows\Panther
2014-02-23 14:10 - 2014-02-23 14:10 - 00141120 _____ (GridinSoft) C:\Users\Admin\Downloads\unhider.exe
2014-02-23 13:32 - 2014-01-21 22:56 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-23 13:28 - 2014-02-23 13:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-23 13:19 - 2014-02-23 13:19 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-23 13:18 - 2014-02-23 13:17 - 04721144 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410pro.exe
2014-02-23 13:14 - 2014-02-23 13:13 - 05330688 _____ (ReviverSoft LLC) C:\Users\Admin\Downloads\RegistryReviverSetup.exe
2014-02-23 12:57 - 2014-02-23 12:57 - 01056768 _____ () C:\Windows\system32\defltbase.sdb
2014-02-23 12:57 - 2014-02-23 12:57 - 00747520 _____ () C:\Users\Admin\Downloads\MicrosoftFixit50198.msi
2014-02-23 12:55 - 2014-02-23 12:55 - 00000388 _____ () C:\Note.txt
2014-02-23 12:46 - 2014-02-23 12:45 - 00000000 ____D () C:\Users\Pepel
2014-02-23 12:45 - 2014-02-23 12:45 - 00001417 _____ () C:\Users\Pepel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-23 12:45 - 2014-02-23 12:45 - 00000020 ___SH () C:\Users\Pepel\ntuser.ini
2014-02-23 12:45 - 2014-02-23 12:45 - 00000000 ____D () C:\Users\Pepel\AppData\Roaming\Adobe
2014-02-23 12:45 - 2014-02-23 12:45 - 00000000 ____D () C:\Users\Pepel\AppData\Local\VirtualStore
2014-02-23 12:37 - 2014-02-23 12:37 - 00036280 _____ () C:\Users\Admin\Downloads\fixit_kb978591.diagcab
2014-02-23 11:42 - 2014-02-23 11:42 - 00000290 _____ () C:\Users\Admin\Desktop\bbd.cmd
2014-02-23 11:36 - 2014-02-23 11:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\GetRightToGo
2014-02-23 11:34 - 2014-02-23 11:34 - 00379392 _____ () C:\Users\Admin\Downloads\subinacl.msi
2014-02-23 11:28 - 2014-02-23 11:28 - 27403064 _____ () C:\Users\Admin\Documents\Recovery Session File # Sun, 23-Feb-2014[11 28 38].rrs4
2014-02-23 11:26 - 2014-02-23 11:26 - 00000000 ____D () C:\ProgramData\Licenses
2014-02-23 11:22 - 2014-02-23 11:22 - 00433848 _____ (Remo Software) C:\Users\Admin\Downloads\bestfilerecovery-windows.exe
2014-02-23 11:17 - 2014-02-23 11:17 - 27403656 _____ () C:\Users\Admin\Desktop\Recovery Session File # Sun, 23-Feb-2014[11 16 54].ysrs
2014-02-23 11:10 - 2014-02-23 11:08 - 19325292 _____ (Yodot Software ) C:\Users\Admin\Downloads\yodot-file-recovery.exe
2014-02-23 01:39 - 2014-02-23 01:38 - 01581384 _____ (ESET) C:\Users\Admin\Downloads\eset_smart_security_live_installer_.exe
2014-02-23 01:01 - 2014-02-23 01:01 - 00001897 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-02-23 01:01 - 2014-02-23 01:01 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-23 01:00 - 2014-02-23 01:00 - 09988304 _____ (SurfRight B.V.) C:\Users\Admin\Downloads\hitmanpro.exe
2014-02-23 00:36 - 2014-02-23 00:36 - 00038817 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-02-23 00:29 - 2014-02-23 00:28 - 05183886 _____ (Swearware) C:\Users\Admin\Downloads\ComboFix.exe
2014-02-23 00:18 - 2014-02-23 00:17 - 11161936 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\mseinstall (1).exe
2014-02-23 00:18 - 2014-02-21 07:55 - 00000936 _____ () C:\Windows\system32\.crusader
2014-02-23 00:00 - 2014-02-23 00:00 - 00126083 _____ () C:\Users\Admin\Downloads\runassystem.zip
2014-02-22 23:38 - 2014-02-22 23:38 - 00000000 ____D () C:\Users\Admin\Desktop\PSTools
2014-02-22 23:38 - 2014-02-22 23:37 - 01682813 _____ () C:\Users\Admin\Downloads\PSTools.zip
2014-02-22 23:25 - 2014-02-22 22:23 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-22 23:21 - 2009-07-14 05:37 - 00000000 ___HD () C:\Windows\Help
2014-02-22 23:20 - 2014-02-20 22:45 - 00000000 __SHD () C:\Program Files\Windows Services
2014-02-22 23:20 - 2014-01-29 09:01 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\rmi
2014-02-22 22:25 - 2014-02-22 22:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Malwarebytes
2014-02-22 22:24 - 2014-02-22 22:24 - 00000036 _____ () C:\Users\Admin\AppData\Local\housecall.guid.cache
2014-02-22 22:22 - 2014-02-22 22:22 - 02049128 _____ (Trend Micro Inc.) C:\Users\Admin\Downloads\HousecallLauncher.exe
2014-02-22 22:22 - 2014-02-22 22:21 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-1-75-0-1300.exe
2014-02-22 20:27 - 2014-01-25 11:58 - 00000000 ____D () C:\Users\Admin\Desktop\Mančiaus
2014-02-22 20:25 - 2014-02-22 20:22 - 23556590 _____ () C:\Users\Admin\Downloads\Simtadienis.rar
2014-02-22 17:10 - 2014-02-22 17:09 - 02924736 _____ (Sysinternals - www.sysinternals.com) C:\Users\Admin\Downloads\procexp.exe
2014-02-22 16:54 - 2014-02-22 16:51 - 00000000 ___HD () C:\AdwCleaner
2014-02-22 16:53 - 2014-02-22 16:53 - 00000965 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-02-22 16:50 - 2014-02-22 16:50 - 00000000 ____D () C:\Windows\ERUNT
2014-02-22 16:42 - 2014-01-21 23:34 - 00002125 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-21 23:26 - 2014-02-01 19:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2014-02-21 23:06 - 2014-01-21 22:52 - 00000000 __SHD () C:\Recovery
2014-02-21 22:20 - 2014-02-21 22:20 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-02-21 22:18 - 2014-02-21 22:18 - 00000054 _____ () C:\Users\Admin\AppData\Roaming\mbam.context.scan
2014-02-21 22:11 - 2014-02-06 20:06 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-21 22:10 - 2014-02-21 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-21 21:53 - 2014-02-21 21:52 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-02-21 21:42 - 2014-02-21 21:42 - 00000000 ____D () C:\ProgramData\ESET
2014-02-21 21:33 - 2014-02-21 16:28 - 00003100 _____ () C:\Users\Admin\Desktop\Rkill.txt
2014-02-21 21:31 - 2014-02-21 16:28 - 00000000 ____D () C:\Users\Admin\Desktop\rkill
2014-02-21 21:08 - 2014-01-21 22:52 - 00000000 ____D () C:\Users\Admin
2014-02-21 20:56 - 2014-02-21 20:56 - 00000000 ____D () C:\Windows\pss
2014-02-21 17:16 - 2014-02-21 17:16 - 00000743 _____ () C:\Users\Admin\Desktop\Revo Uninstaller.lnk
2014-02-21 16:43 - 2014-02-21 16:43 - 00000000 ___HD () C:\Autoruns
2014-02-21 16:32 - 2014-02-21 16:27 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-02-21 16:29 - 2014-02-21 16:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SUPERAntiSpyware.com
2014-02-21 16:27 - 2014-02-21 16:27 - 00000830 _____ () C:\Users\Admin\Desktop\SUPERAntiSpyware Professional.lnk
2014-02-21 16:07 - 2014-01-21 23:39 - 00002198 ____H () C:\Windows\epplauncher.mif
2014-02-21 15:58 - 2014-02-21 15:58 - 00000000 ____D () C:\Users\Admin\Desktop\Take_Ownership
2014-02-21 10:47 - 2014-02-21 10:47 - 00000000 ___HD () C:\Windows\Microsoft Antimalware
2014-02-21 09:20 - 2014-02-07 21:47 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-02-21 08:01 - 2014-02-21 08:00 - 11161936 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\mseinstall.exe
2014-02-21 07:56 - 2014-02-21 07:51 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-20 22:44 - 2014-02-20 22:44 - 00000000 _____ () C:\Users\Admin\AppData\Roaming\system.ini
2014-02-20 22:28 - 2014-01-24 20:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-20 21:49 - 2014-01-21 23:31 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-20 20:46 - 2014-02-20 20:45 - 00000000 ____D () C:\Users\Admin\Desktop\muzika simtadieniui
2014-02-20 15:15 - 2014-01-21 23:31 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-20 15:15 - 2009-07-14 07:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-16 18:52 - 2014-02-16 18:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-16 16:19 - 2014-02-16 16:19 - 00000000 ____D () C:\Users\Admin\jagexcache1
2014-02-16 10:24 - 2014-02-16 10:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\EMU
2014-02-16 10:23 - 2014-02-16 10:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ttales
2014-02-14 10:31 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\rescache
2014-02-14 10:14 - 2009-07-14 05:37 - 00000000 ___HD () C:\Windows\Microsoft.NET
2014-02-14 09:45 - 2014-02-14 09:44 - 00000000 ___HD () C:\zMule
2014-02-14 09:44 - 2014-02-14 09:44 - 00002979 _____ () C:\Users\Admin\Desktop\Failu keitykla (zMule).lnk
2014-02-14 09:44 - 2014-02-14 09:44 - 00002939 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Failu keitykla (zMule).lnk
2014-02-13 23:19 - 2014-01-21 23:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-13 23:18 - 2014-01-21 23:14 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-13 23:14 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-02-13 18:17 - 2014-01-23 01:24 - 00000000 ____D () C:\Users\Admin\Desktop\Gycio
2014-02-09 17:17 - 2014-02-09 11:21 - 00000000 ____D () C:\Users\Admin\Documents\Telltale Games
2014-02-09 11:21 - 2014-02-09 11:21 - 00000000 ____D () C:\ProgramData\Steam
2014-02-09 11:19 - 2014-02-09 11:19 - 00000605 _____ () C:\Users\Admin\Desktop\The Wolf Among Us Episode 2.lnk
2014-02-09 11:14 - 2014-02-09 11:14 - 00000605 _____ () C:\Users\Public\Desktop\The Wolf Among Us.lnk
2014-02-07 21:46 - 2014-02-07 21:46 - 00000630 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-06 20:30 - 2014-02-06 20:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\CyberGhost
2014-02-06 20:30 - 2014-01-21 22:52 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2014-02-06 20:26 - 2014-02-06 20:25 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-02-06 20:14 - 2014-02-06 20:14 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-02-06 20:07 - 2014-02-06 20:06 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-02-06 20:07 - 2014-02-06 20:06 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-02-06 20:06 - 2014-02-06 20:06 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-06 20:06 - 2014-02-06 20:06 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-06 19:50 - 2014-02-06 19:50 - 00000000 ____D () C:\Users\Admin\jagexcache
2014-02-06 13:00 - 2014-02-13 23:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 12:57 - 2014-02-13 23:19 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:52 - 2014-02-13 23:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 12:52 - 2014-02-13 23:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 12:49 - 2014-02-13 23:19 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 12:47 - 2014-02-13 23:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 12:47 - 2014-02-13 23:19 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 12:46 - 2014-02-13 23:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 12:34 - 2014-02-13 23:19 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 12:25 - 2014-02-13 23:19 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 12:25 - 2014-02-13 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 12:13 - 2014-02-13 23:19 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 12:09 - 2014-02-13 23:19 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 12:03 - 2014-02-13 23:19 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 11:41 - 2014-02-13 23:19 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 11:36 - 2014-02-13 23:19 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 11:34 - 2014-02-13 23:19 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-05 20:28 - 2014-01-24 20:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 20:28 - 2014-01-24 20:35 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-03 15:26 - 2014-02-03 15:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\Octodad Dadliest Catch
2014-02-02 18:45 - 2014-02-02 18:45 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Unity
2014-02-01 19:51 - 2014-02-01 19:50 - 00000000 ___RD () C:\Program Files\Skype
2014-02-01 19:51 - 2014-02-01 19:49 - 00000000 ____D () C:\ProgramData\Skype
2014-02-01 19:50 - 2014-02-01 19:50 - 00002709 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-01 19:50 - 2014-02-01 19:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\Skype
2014-02-01 19:50 - 2014-02-01 19:50 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-01 14:40 - 2014-02-01 14:39 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Games
2014-02-01 12:56 - 2014-02-01 12:27 - 00000000 ____D () C:\Users\Admin\AppData\Local\TERA
2014-02-01 12:27 - 2014-02-01 12:27 - 00000523 _____ () C:\Users\Public\Desktop\TERA-Launcher.lnk
2014-01-31 22:01 - 2014-01-31 22:01 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-31 22:01 - 2014-01-31 22:01 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-31 22:01 - 2014-01-31 22:01 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-31 22:01 - 2014-01-31 22:01 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ___HD () C:\Program Files\Common Files\Java
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ____D () C:\ProgramData\Sun
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-31 22:01 - 2014-01-31 22:01 - 00000000 ____D () C:\Program Files\Java
2014-01-31 14:54 - 2009-07-14 07:33 - 00434504 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-31 14:50 - 2014-01-31 14:50 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-31 14:35 - 2014-01-21 23:31 - 00111912 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-30 17:12 - 2014-01-29 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-30 17:12 - 2009-07-14 05:04 - 00000478 ____H () C:\Windows\win.ini
2014-01-30 16:57 - 2014-02-23 12:45 - 00000000 ____D () C:\Users\Pepel\AppData\Local\Microsoft Help
2014-01-30 16:57 - 2014-01-30 16:57 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-30 16:57 - 2014-01-30 16:57 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-30 16:54 - 2014-01-22 17:51 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-01-29 16:33 - 2014-01-29 16:33 - 00000000 ____D () C:\Users\Admin\AppData\Local\Unity
2014-01-29 12:07 - 2014-01-22 18:14 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-01-29 10:12 - 2009-07-14 10:49 - 00000000 ___HD () C:\Windows\ShellNew
2014-01-29 10:11 - 2009-07-14 05:37 - 00000000 ___HD () C:\Program Files\Common Files\microsoft shared
2014-01-29 10:06 - 2014-01-29 10:06 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-01-29 09:31 - 2014-01-29 09:31 - 00000000 ___HD () C:\Program Files\Common Files\DESIGNER
2014-01-29 09:30 - 2014-01-29 09:28 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-01-29 09:28 - 2014-01-29 09:28 - 00000000 ___HD () C:\Windows\PCHEALTH
2014-01-29 09:28 - 2014-01-29 09:24 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-01-29 09:26 - 2009-07-14 05:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-01-29 09:24 - 2014-01-29 09:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help
2014-01-29 09:24 - 2014-01-29 09:24 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-01-29 09:23 - 2014-01-29 09:23 - 00000000 __RHD () C:\MSOCache
2014-01-29 09:22 - 2014-01-29 09:22 - 00000811 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-01-29 09:22 - 2014-01-29 09:03 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-01-29 09:04 - 2014-01-29 09:04 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-01-29 09:04 - 2014-01-29 09:04 - 00000000 ____D () C:\Users\Admin\AppData\Local\Popajar
2014-01-29 07:23 - 2014-02-22 23:55 - 00227520 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\psping.exe
2014-01-25 12:51 - 2014-01-25 12:51 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon
2014-01-25 12:51 - 2014-01-25 12:51 - 00000000 ____D () C:\ProgramData\CanonIJScan
2014-01-25 12:50 - 2014-01-25 12:50 - 00002045 _____ () C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
2014-01-25 12:50 - 2014-01-25 12:50 - 00000000 ___HD () C:\Program Files\Canon
2014-01-24 20:35 - 2014-01-24 20:35 - 00000000 ____D () C:\Windows\system32\Macromed
 
Files to move or delete:
====================
C:\Users\Admin\AppData\Roaming\system.ini
 
 
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\HitmanPro.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-08 02:35
 
==================== End Of Log ============================
 
 
Was the fix.txt supposed to disappear?


#11 aharonov

  • Malware Response Team

Posted 25 February 2014 - 05:24 AM

How is your computer running now? Has it changed for the better or is it still bad?


Please download Combofix (by sUBs) and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).
    Please copy and paste the contents of this file into your next post.
Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
(You can find more detailed instructions in this guide on using Combofix.)

#12 aharonov

  • Malware Response Team

Posted 12 March 2014 - 12:03 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



