
Another one who fell for the FB virus..


#1 Post by eyewar »

Hi, I did everything you have advised so far, I just haven't sent the logs; I don't know whether that is a mistake. I downloaded those little programs, but with ComboFix it runs through a few check stages, probably all 36 as the description said, and when it is about to create the log, the so-called blue screen of death comes up. The biggest paradox is that the bot came from an English teacher of all people :D.

I am attaching the log from RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by pc at 2011-07-26 23:54:04
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 12 GB (2%) free of 477 GB
Total RAM: 3327 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:54:12, on 26.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\emMON.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
c:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\WINDOWS\update.tray-3-0\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\GamersFirst\LIVE!\Live.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\KWorld Multimedia\EM_USB Device Utilities\EMRCtl.exe
C:\Program Files\Logitech\SetPoint II\SetpointII.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\sysdriver32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programy\Tunngle\TnglCtrl.exe
C:\WINDOWS\update.1\svchost.exe
C:\WINDOWS\update.2\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\pc\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\pc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch3/{ ... 3342FB2590}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\FaceSmooch Toolbar\tbhelper.dll
R3 - URLSearchHook: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\prxtbGoss.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Gossiper - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\prxtbGoss.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: XfireXO - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - (no file)
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll
O3 - Toolbar: GOM Player + Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - (no file)
O3 - Toolbar: FaceSmooch Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll
O3 - Toolbar: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\prxtbGoss.dll
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [emMON] emMON.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [tray_ico0] C:\WINDOWS\update.tray-3-0\svchost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Remote Control.lnk = C:\Program Files\KWorld Multimedia\EM_USB Device Utilities\EMRCtl.exe
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/stati ... 0.21.0.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8ECB3DC3-6D8D-4789-8AA8-111D6B5A694D}: NameServer = 217.118.96.203,217.118.96.205
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate1ca3d78520b2574) (gupdate1ca3d78520b2574) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.cfxxe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: srvbtcclient - Unknown owner - C:\WINDOWS\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\WINDOWS\sysdriver32.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Programy\Tunngle\TnglCtrl.exe
O23 - Service: wxpdrivers - Unknown owner - C:\WINDOWS\update.1\svchost.exe

--
End of file - 16635 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-764733703-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-764733703-725345543-1003UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "extensions.enabledItems" - "anycolor.pavlos256@gmail.com:0.3.3, battlefieldheroespatcher@ea.com:4.0.23.0, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, personas@christopher.beard:1.6.2, {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:3.3.3.2, youtubedownloader@mybrowserbar.com:4.3, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, toolbar@ask.com:3.11.3.15590, wtxpcom@mybrowserbar.com:4.3, 2020Player@2020Technologies.com:4.5.4.0, engine@conduit.com:3.3.3.2, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, mozilla_cc@internetdownloadmanager.com:7.2.8, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, nasanightlaunch@example.com:0.6.20110419, redshift_V2@shift-themes.com:3.6"
prefs.js - "keyword.URL" - "http://slirsredirect.search.aol.com/sli ... pab&query="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@comrade.gamespy.com/comrade]
"Description"=
"Path"=C:\Program Files\GameSpy\Comrade\npcomrade.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@gamersfirst.com/LiveLauncher]
"Description"=GamersFirst LIVE! Web Launcher
"Path"=C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@idsoftware.com/QuakeLive]
"Description"=
"Path"=C:\Documents and Settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@research.microsoft.com/HDView]
"Description"=Microsoft Research HD View
"Path"=C:\Program Files\Microsoft Research\HD View\nphdview.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npijjiCHPlugin.xpt
nsILegitCheckPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npDivxPlayerPlugin.dll
npijjiautoinstallpluginff.dll
npijjiCHPlugin.dll
npLegitCheckPlugin.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
uc_luminary_launching.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\
2020Player@2020Technologies.com
anycolor.pavlos256@gmail.com
battlefieldheroespatcher@ea.com
personas@christopher.beard
redshift_V2@shift-themes.com
toolbar@ask.com
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{20a82645-c095-46ed-80e3-08825760534b}
{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}

C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\
askcom.xml
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-33.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
search.xml
winamp-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]
Gossiper Toolbar - C:\Program Files\Gossiper\prxtbGoss.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
XfireXO Toolbar - C:\Program Files\XfireXO\prxtbXfi2.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
GOM Player + Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-29 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll [2010-02-16 2495488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-02 1018616]
{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - XfireXO Toolbar - C:\Program Files\XfireXO\prxtbXfi2.dll [2011-01-17 175912]
{D4027C7F-154A-4066-A1AD-4243D8127440} - GOM Player + Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} -
{338B4DFE-2E2C-4338-9E41-E176D497299E} - FaceSmooch Toolbar - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll [2010-02-16 2495488]
{0a452a47-c5a8-4854-a237-4b9b06b376f0} - Gossiper Toolbar - C:\Program Files\Gossiper\prxtbGoss.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
"Six Engine"=C:\Program Files\ASUS\Six Engine\SixEngine.exe [2008-05-14 5958656]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-07-17 55824]
"VolPanel"=C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe [2008-05-05 221300]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice []
"NPSStartup"= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe [2003-09-15 270336]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2010-07-21 1778064]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-03-16 1040384]
"RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2010-10-30 20480]
"LVCOMS"=C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE [2002-12-10 127022]
"LogitechGalleryRepair"=C:\Program Files\Logitech\ImageStudio\ISStart.exe [2002-12-10 155648]
"LogitechImageStudioTray"=C:\Program Files\Logitech\ImageStudio\LogiTray.exe [2002-12-10 61440]
"emMON"=C:\WINDOWS\emMON.exe [2006-05-31 61440]
""= []
"QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-01-25 421160]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-05 98304]
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"tray_ico"= []
"tray_ico0"=C:\WINDOWS\update.tray-3-0\svchost.exe [2011-07-26 1183232]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RocketDock"=C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 630784]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-01-25 102400]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-05-19 1957888]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2010-10-30 16384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for ViewSonic\traybar.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ASUS WiFi-AP @n Utility.lnk]
C:\PROGRA~1\ASUS\WIFI-A~1\WIFI-A~1.EXE [2007-08-15 1224704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-09-16 237568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2004-06-04 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^pc^Start Menu^Programs^Startup^FreeRapid 0.82.lnk]
C:\DOCUME~1\pc\Desktop\FREERA~1.82\frd.exe [2009-04-15 35840]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
GamersFirst LIVE!.lnk - C:\Program Files\GamersFirst\LIVE!\Live.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Remote Control.lnk - C:\Program Files\KWorld Multimedia\EM_USB Device Utilities\EMRCtl.exe
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetpointII.exe

C:\Documents and Settings\pc\Start Menu\Programs\Startup
Alienware Dock.lnk - C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-05-05 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCMD"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableSecureUIAPaths"=0
"DisableTaskMgr"=0
"DisableCMD"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\InterVideo\DVD6\WinDVD.exe"="C:\Program Files\InterVideo\DVD6\WinDVD.exe:*:Enabled:WinDVD"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"F:\Games\Valves\Steam\SteamApps\common\trackmania nations forever\TmForever.exe"="F:\Games\Valves\Steam\SteamApps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever"
"F:\Games\Valves\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe"="F:\Games\Valves\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever"
"F:\Games\valve\SteamApps\eyewar123\counter-strike\hl.exe"="F:\Games\valve\SteamApps\eyewar123\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\games\Warcraft III\Warcraft III.exe"="C:\games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="D:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"D:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="D:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\Games\valve\Steam.exe"="D:\Games\valve\Steam.exe:*:Enabled:Steam"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programy\Garena\Garena.exe"="C:\Programy\Garena\Garena.exe:*:Enabled:Garena"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\games\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\games\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\games\BFHeroes.exe"="C:\games\BFHeroes.exe:*:Enabled:BFHeroes"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Ahead\ODD Toolkit\ODDUpdate.exe"="C:\Program Files\Ahead\ODD Toolkit\ODDUpdate.exe:*:Enabled:AsusUpdate"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\cod4\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\cod4\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Documents and Settings\pc\temp\TeamViewer\Version4\TeamViewer.exe"="C:\Documents and Settings\pc\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\games\HiveRise\HiveRise.exe"="C:\games\HiveRise\HiveRise.exe:*:Enabled:HiveRise"
"D:\Games\Electronic Arts\BattleForge\Bootstrapper.exe"="D:\Games\Electronic Arts\BattleForge\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher"
"D:\Games\Electronic Arts\BattleForge\BattleForge.exe"="D:\Games\Electronic Arts\BattleForge\BattleForge.exe:*:Enabled:BattleForge™"
"D:\Games\supcom\SupCom\Supreme Commander\bin\SupremeCommander.exe"="D:\Games\supcom\SupCom\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander Application"
"C:\Program Files\GameSpy\Comrade\Comrade.exe"="C:\Program Files\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade"
"D:\Games\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe"="D:\Games\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
"C:\Documents and Settings\pc\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\pc\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\FirefoxPortable\App\Firefox\firefox.exe"="C:\FirefoxPortable\App\Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Progames\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe"="D:\Progames\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Enabled:biahh"
"D:\Games\RESIDENT EVIL 5\RE5DX9.EXE"="D:\Games\RESIDENT EVIL 5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Messenger\Msmsgs.exe"="C:\Program Files\Messenger\Msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Games\valve\SteamApps\eyewar123\condition zero deleted scenes\hl.exe"="D:\Games\valve\SteamApps\eyewar123\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Games\Volition Inc\Red Faction Guerrilla\rfg.exe"="D:\Games\Volition Inc\Red Faction Guerrilla\rfg.exe:*:Enabled:Red Faction: Guerrilla"
"D:\Games\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="D:\Games\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Games\World of Warcraft\Launcher.exe"="D:\Games\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"D:\Games\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe"="D:\Games\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"D:\Games\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe"="D:\Games\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (CLI)"
"D:\Games\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe"="D:\Games\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (SRV)"
"D:\Games\Mass Effect\Binaries\MassEffect.exe"="D:\Games\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game"
"D:\Games\Mass Effect\MassEffectLauncher.exe"="D:\Games\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher"
"D:\Games\Mass Effect 2\Binaries\MassEffect2.exe"="D:\Games\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 Hra"
"D:\Games\Mass Effect 2\MassEffect2Launcher.exe"="D:\Games\Mass Effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 Spustit"
"D:\Games\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="D:\Games\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe"="C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction"
"C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe"="C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction aktualizace"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\games\League of Legends\Air\LolClient.exe"="C:\games\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\games\League of Legends\Game\League of Legends.exe"="C:\games\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\games\World of Warcraft Public Test\Launcher.exe"="C:\games\World of Warcraft Public Test\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\games\World of Warcraft Public Test\Launcher.patch.exe"="C:\games\World of Warcraft Public Test\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\games\Activision\Modern Warfare 2\iw4mp.exe"="C:\games\Activision\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Games\valve\SteamApps\common\trackmania nations forever\TmForever.exe"="D:\Games\valve\SteamApps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever"
"D:\Games\valve\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe"="D:\Games\valve\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever"
"D:\Games\World of Warcraft\Launcher.patch.exe"="D:\Games\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"D:\Games\World of Warcraft\Blizzard Downloader.exe"="D:\Games\World of Warcraft\Blizzard Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\ijji\ENGLISH\GenesisAD\AnotherDay.exe"="C:\ijji\ENGLISH\GenesisAD\AnotherDay.exe:*:Enabled:AnotherDay"
"C:\ijji\ENGLISH\GenesisAD\GameConsole.bin"="C:\ijji\ENGLISH\GenesisAD\GameConsole.bin:*:Enabled:adhost"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:backWeb-8876480"
"C:\Program Files\REACTOR\ijjiOptimizer.exe"="C:\Program Files\REACTOR\ijjiOptimizer.exe:*:Enabled:ijjiOptimizer.exe"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Games\Electronic Arts\Medal of Honor\MP\MoHMPGame.exe"="D:\Games\Electronic Arts\Medal of Honor\MP\MoHMPGame.exe:*:Enabled:Medal of Honor: Multiplayer"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"D:\Games\505games\1C\Men of War\mow.exe"="D:\Games\505games\1C\Men of War\mow.exe:*:Disabled:Main executable"
"C:\DeadSpace2 MULTI6\deadspace2.exe"="C:\DeadSpace2 MULTI6\deadspace2.exe:*:Enabled:Dead Space™ 2"
"D:\Games\valve\SteamApps\common\alien swarm\srcds.exe"="D:\Games\valve\SteamApps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server"
"D:\Games\Duty Calls\binaries\Win32\DutyCalls.exe"="D:\Games\Duty Calls\binaries\Win32\DutyCalls.exe:*:Enabled:DutyCalls"
"D:\Games\Paradox Interactive\Magicka\Magicka.exe"="D:\Games\Paradox Interactive\Magicka\Magicka.exe:*:Enabled:Magicka"
"D:\Games\Stunlock Studios\Bloodline Champions\Binary\BloodlineChampions.exe"="D:\Games\Stunlock Studios\Bloodline Champions\Binary\BloodlineChampions.exe:*:Enabled:Bloodline Champions"
"D:\Games\CCP\EVE\bin\ExeFile.exe"="D:\Games\CCP\EVE\bin\ExeFile.exe:*:Enabled:CCP ExeFile"
"C:\Programy\Xfire\Xfire.exe"="C:\Programy\Xfire\Xfire.exe:*:Enabled:Xfire"
"D:\Games\valve\SteamApps\common\r.u.s.e\Ruse.exe"="D:\Games\valve\SteamApps\common\r.u.s.e\Ruse.exe:*:Enabled:R.U.S.E"
"C:\games\World of Warcraft\Launcher.patch.exe"="C:\games\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"D:\Games\valve\SteamApps\common\command and conquer red alert 3\runme.exe"="D:\Games\valve\SteamApps\common\command and conquer red alert 3\runme.exe:*:Enabled:Command and Conquer: Red Alert 3"
"D:\Games\valve\SteamApps\common\command and conquer red alert 3\Support\EA Help\Electronic_Arts_Technical_Support.htm"="D:\Games\valve\SteamApps\common\command and conquer red alert 3\Support\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Command and Conquer: Red Alert 3"
"D:\Games\valve\SteamApps\common\command and conquer red alert 3\Data\ra3_1.12.game"="D:\Games\valve\SteamApps\common\command and conquer red alert 3\Data\ra3_1.12.game:*:Enabled:Command & Conquer™ Red Alert™ 3"
"D:\Games\valve\SteamApps\common\command and conquer red alert 3 uprising\RA3EP1.exe"="D:\Games\valve\SteamApps\common\command and conquer red alert 3 uprising\RA3EP1.exe:*:Enabled:Command and Conquer: Red Alert 3 - Uprising"
"D:\Games\valve\SteamApps\common\command and conquer red alert 3 uprising\Support\EA Help\Electronic_Arts_Technical_Support.htm"="D:\Games\valve\SteamApps\common\command and conquer red alert 3 uprising\Support\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Command and Conquer: Red Alert 3 - Uprising"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Games\Electronic Arts\Crytek\Crysis 2 Demo\bin32\Crysis2Launcher.exe"="D:\Games\Electronic Arts\Crytek\Crysis 2 Demo\bin32\Crysis2Launcher.exe:*:Enabled:Crysis® 2 Demo"
"D:\Games\Electronic Arts\Crytek\Crysis 2 Demo\bin32\Crysis2Demo.exe"="D:\Games\Electronic Arts\Crytek\Crysis 2 Demo\bin32\Crysis2Demo.exe:*:Enabled:Crysis2Demo"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.XVID"=xvidvfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.ACDV"=ACDV.dll
"MSVideo8"=VfWWDM32.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.XFR1"=xfcodec.dll
"vidc.LEAD"=LCODCCMP.DLL
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"msacm.voxacm160"=vct3216.acm
"MSVideo"=vfwwdm32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"vidc.mxmc"=MimicICM.DLL
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.MP43"=mpg4c32.dll
"msacm.divxa32"=msaud32_divx.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-07-26 23:54:04 ----D---- C:\rsit
2011-07-26 23:54:04 ----D---- C:\Program Files\trend micro
2011-07-26 23:11:41 ----SD---- C:\ComboFix
2011-07-26 22:46:28 ----A---- C:\Boot.bak
2011-07-26 22:46:23 ----RASHD---- C:\cmdcons
2011-07-26 22:44:30 ----A---- C:\WINDOWS\zip.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\SWSC.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\SWREG.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\sed.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\PEV.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\NIRCMD.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\MBR.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\grep.exe
2011-07-26 22:44:24 ----D---- C:\WINDOWS\ERDNT
2011-07-26 22:40:57 ----D---- C:\Qoobox
2011-07-26 16:38:05 ----D---- C:\WINDOWS\ufa
2011-07-26 16:38:05 ----D---- C:\WINDOWS\rpcminer
2011-07-26 16:38:05 ----D---- C:\WINDOWS\phoenix
2011-07-26 16:18:54 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-07-26 16:18:48 ----A---- C:\WINDOWS\l1rezerv.exe
2011-07-26 16:18:14 ----HD---- C:\WINDOWS\update.2
2011-07-26 16:17:07 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-07-26 16:16:35 ----A---- C:\WINDOWS\unrar.exe
2011-07-26 16:16:15 ----HD---- C:\WINDOWS\update.5.0
2011-07-26 16:15:35 ----A---- C:\WINDOWS\iplist.txt
2011-07-26 16:15:21 ----A---- C:\WINDOWS\sysdriver32_.exe
2011-07-26 16:15:07 ----A---- C:\WINDOWS\sysdriver32.exe
2011-07-26 16:14:51 ----A---- C:\WINDOWS\front_ip_list.txt
2011-07-26 16:14:18 ----D---- C:\WINDOWS\av_ico
2011-07-26 16:11:45 ----HD---- C:\WINDOWS\update.1
2011-07-26 16:11:23 ----HD---- C:\WINDOWS\update.tray-3-0
2011-07-26 16:11:22 ----HD---- C:\WINDOWS\update.tray-3-0-lnk
2011-07-26 15:57:39 ----A---- C:\WINDOWS\winlog-ids.txt
2011-07-26 15:57:39 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-07-26 15:57:32 ----A---- C:\WINDOWS\services32.exe
2011-07-20 16:12:14 ----A---- C:\APB_Reloaded_Installer.exe
2011-07-20 15:47:56 ----D---- C:\Program Files\GamersFirst
2011-07-19 17:26:14 ----D---- C:\Documents and Settings\pc\Application Data\Might & Magic Heroes VI - Public Closed Beta
2011-07-17 19:31:22 ----ASH---- C:\pagefile.sys
2011-07-16 05:49:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-16 05:45:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-05 03:43:30 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-07-05 01:03:42 ----D---- C:\menofwar1.90.4
2011-07-04 17:19:18 ----D---- C:\Super.Street.Fighter.IV.Arcade.Edition-SKIDROW
2011-07-03 22:25:31 ----D---- C:\terrariaverzia
2011-07-03 22:06:04 ----A---- C:\WINDOWS\system32\Access.dat
2011-07-03 21:53:55 ----D---- C:\Documents and Settings\pc\Application Data\Tunngle
2011-07-03 21:53:55 ----D---- C:\Documents and Settings\All Users\Application Data\Tunngle
2011-07-03 21:53:51 ----A---- C:\WINDOWS\system32\drivers\tap0901t.sys
2011-07-03 20:46:35 ----D---- C:\Men.of.War.Assault.Squad-SKIDROW
2011-06-29 17:53:52 ----D---- C:\crackalice
2011-06-29 17:45:19 ----D---- C:\Crack
2011-06-29 10:09:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-06-28 22:36:27 ----D---- C:\Alice.Madness.Returns.Crackfix-SKIDROW

======List of files/folders modified in the last 1 month======

2011-07-26 23:54:04 ----D---- C:\Program Files
2011-07-26 23:52:28 ----D---- C:\Documents and Settings\pc\Application Data\Skype
2011-07-26 23:52:11 ----D---- C:\WINDOWS\Temp
2011-07-26 23:26:49 ----AD---- C:\WINDOWS
2011-07-26 23:19:17 ----D---- C:\WINDOWS\system32\drivers
2011-07-26 23:19:17 ----D---- C:\WINDOWS\system32
2011-07-26 23:19:17 ----D---- C:\WINDOWS\AppPatch
2011-07-26 23:19:15 ----D---- C:\Program Files\Common Files
2011-07-26 23:12:10 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-26 23:11:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-26 22:46:28 ----RASH---- C:\boot.ini
2011-07-26 22:35:37 ----D---- C:\Program Files\Mozilla Firefox
2011-07-26 16:21:39 ----SHD---- C:\System Volume Information
2011-07-26 16:21:39 ----D---- C:\WINDOWS\system32\Restore
2011-07-26 16:19:01 ----D---- C:\WINDOWS\Prefetch
2011-07-26 16:18:32 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-26 09:18:48 ----D---- C:\OA
2011-07-26 04:43:08 ----D---- C:\Documents and Settings\pc\Application Data\PriceGong
2011-07-26 04:25:49 ----D---- C:\Documents and Settings\All Users\Application Data\PMB Files
2011-07-26 03:24:45 ----D---- C:\WINDOWS\system32\config
2011-07-25 22:51:41 ----D---- C:\Documents and Settings\pc\Application Data\Mumble
2011-07-25 15:03:29 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-07-25 01:40:28 ----SHD---- C:\WINDOWS\Installer
2011-07-25 01:40:26 ----RD---- C:\Program Files\Skype
2011-07-25 01:40:24 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2011-07-25 01:40:09 ----D---- C:\Documents and Settings\All Users\Application Data\Easybits GO
2011-07-25 01:40:01 ----D---- C:\Documents and Settings\pc\Application Data\go
2011-07-22 16:02:58 ----D---- C:\WINDOWS\Debug
2011-07-22 08:58:47 ----A---- C:\WINDOWS\wincmd.ini
2011-07-21 23:05:31 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-07-20 19:00:26 ----D---- C:\Program Files\REACTOR
2011-07-20 17:33:54 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2011-07-20 17:33:50 ----D---- C:\WINDOWS\system32\DirectX
2011-07-20 17:33:49 ----HD---- C:\WINDOWS\inf
2011-07-20 17:18:17 ----D---- C:\games
2011-07-20 04:05:56 ----A---- C:\WINDOWS\NeroDigital.ini
2011-07-19 17:21:29 ----RSD---- C:\WINDOWS\assembly
2011-07-19 17:21:03 ----D---- C:\WINDOWS\WinSxS
2011-07-19 17:17:03 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-16 17:13:13 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-07-16 05:49:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-16 05:46:32 ----A---- C:\WINDOWS\system32\MRT.exe
2011-07-16 05:46:23 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-07-13 09:29:44 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-13 00:02:43 ----D---- C:\Documents and Settings\All Users\Application Data\Skype Extras
2011-07-10 06:20:18 ----D---- C:\Documents and Settings\pc\Application Data\uTorrent
2011-07-05 23:17:56 ----D---- C:\Program Files\Zrychlenie PC
2011-07-05 18:38:52 ----D---- C:\Documents and Settings\pc\Application Data\Xfire
2011-07-03 21:55:02 ----D---- C:\Programy
2011-07-03 21:53:51 ----RSD---- C:\WINDOWS\Fonts
2011-06-29 10:10:00 ----D---- C:\Program Files\Microsoft Office

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv61xx;mv61xx; C:\WINDOWS\system32\DRIVERS\mv61xx.sys [2008-05-19 150568]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-09-29 66048]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys [2010-04-13 2627760]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2008-08-20 9072]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2008-08-20 9200]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-04-19 279712]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-11-16 135048]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-04-19 25888]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-03-24 331264]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-05-05 6537728]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-07-17 34960]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-07-17 36240]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-02-26 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2009-04-16 10368]
R3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0); C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2002-12-10 236121]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\WINDOWS\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-08-15 265856]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 catchme;catchme; \??\C:\DOCUME~1\pc\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ESLvnic1;ESLvnic Virtual Network 32 Bit; C:\WINDOWS\system32\DRIVERS\ESLvnic.sys [2010-01-21 24504]
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\pc\LOCALS~1\Temp\UGM8BE4.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Programy\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-02-26 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-02-26 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-02-26 21488]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-06-18 23680]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2007-07-28 517632]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\WINDOWS\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\WINDOWS\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 s616bus;Sony Ericsson Device 616 driver (WDM); C:\WINDOWS\system32\DRIVERS\s616bus.sys [2007-04-03 83208]
S3 skfilt;skfilt; C:\WINDOWS\system32\drivers\skfilt.sys [2008-02-12 1670016]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088]
S3 USB28xxBGA;USB 2870 Device; C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-09-12 292864]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-08-22 7168]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-09-28 41984]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-01-05 37664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-05-05 643072]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-04-30 417792]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-07-24 53248]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-07-20 75136]
R2 srvbtcclient;srvbtcclient; C:\WINDOWS\update.5.0\svchost.exe [2011-07-26 348672]
R2 srviecheck;srviecheck; C:\WINDOWS\update.2\svchost.exe [2011-07-26 495616]
R2 srvsysdriver32;srvsysdriver32; C:\WINDOWS\sysdriver32.exe [2011-07-26 256000]
R2 TunngleService;TunngleService; C:\Programy\Tunngle\TnglCtrl.exe [2011-07-15 741624]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 wxpdrivers;wxpdrivers; C:\WINDOWS\update.1\svchost.exe [2011-07-26 1183232]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-01-25 820008]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2010-04-13 316888]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe []
S2 gupdate1ca3d78520b2574;Služba Google Update (gupdate1ca3d78520b2574); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-25 133104]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.cfxxe [2011-06-26 256000]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-08-25 79360]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-25 133104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2010-03-14 3613896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-02-26 65795]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: another one who fell for the FB virus..

#2 Post by motji »

Good evening :)
:lol: :lol:
:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
- close all running programs
- run the program; on Vista/Win 7 right-click it and run it as administrator
- use option 2 - Enter
- then use options 3, 4 and 5 one after another
- paste the logs here

:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM sometimes has false detections, so we will delete only after checking the log.
- Copy the log here.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before cleaning the computer of malware :!:
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

eyewar
Visitor
Posts: 21
Registered: 26 Jul 2011 22:29

Re: another one who fell for the FB virus..

#3 Post by eyewar »

This is the first one :)
RogueKiller V5.2.8 [07/23/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: pc [Admin rights]
Mode: Remove -- Date : 07/26/2011 22:37:24

Bad processes: 7
[SVCHOST] svchost.exe -- c:\windows\update.5.0\svchost.exe -> KILLED
[SUSP PATH] sysdriver32.exe -- c:\windows\sysdriver32.exe -> KILLED
[SVCHOST] svchost.exe -- c:\windows\update.2\svchost.exe -> KILLED
[SUSP PATH] emMON.exe -- c:\windows\emmon.exe -> KILLED
[SVCHOST] svchost.exe -- c:\windows\update.tray-3-0\svchost.exe -> KILLED
[SUSP PATH] l1rezerv.exe -- c:\windows\l1rezerv.exe -> KILLED
[SUSP PATH] TempIadHide3.dll -- C:\DOCUME~1\pc\LOCALS~1\TempIadHide3.dll -> UNLOADED

Registry Entries: 12
[SUSP PATH] HKLM\[...]\Run : wxpdrv (C:\WINDOWS\services32.exe) -> DELETED
[SUSP PATH] HKLM\[...]\Run : sysdriver32.exe ("C:\WINDOWS\sysdriver32.exe" rezerv) -> DELETED
[SUSP PATH] HKLM\[...]\Run : sysdriver32_.exe ("C:\WINDOWS\sysdriver32_.exe" rezerv) -> DELETED
[SUSP PATH] HKLM\[...]\Run : 1855253.exe ("C:\WINDOWS\TEMP\1855253.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Run : l1rezerv.exe ("C:\WINDOWS\l1rezerv.exe") -> DELETED
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

HOSTS File:
127.0.0.1 localhost
127.0.0.1 vkontakte.ru
127.0.0.1 http://www.vkontakte.ru
127.0.0.1 login.vk.com
127.0.0.1 vk.com
127.0.0.1 http://www.vk.com
127.0.0.1 odnoklassniki.ru
127.0.0.1 http://www.odnoklassniki.ru
127.0.0.1 facebook.com
127.0.0.1 http://www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
[...]


Finished : << RKreport[1].txt >>
RKreport[1].txt

Second:
RogueKiller V5.2.8 [07/23/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: pc [Admin rights]
Mode: HOSTSFix -- Date : 07/26/2011 22:37:56

Bad processes: 0

HOSTS File:
127.0.0.1 localhost
127.0.0.1 vkontakte.ru
127.0.0.1 http://www.vkontakte.ru
127.0.0.1 login.vk.com
127.0.0.1 vk.com
127.0.0.1 http://www.vk.com
127.0.0.1 odnoklassniki.ru
127.0.0.1 http://www.odnoklassniki.ru
127.0.0.1 facebook.com
127.0.0.1 http://www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
[...]


Resetted HOSTS:
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

Third:
RogueKiller V5.2.8 [07/23/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: pc [Admin rights]
Mode: ProxyFix -- Date : 07/26/2011 22:38:52

Bad processes: 0

Registry Entries: 0

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

Fourth:
RogueKiller V5.2.8 [07/23/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: pc [Admin rights]
Mode: DNSFix -- Date : 07/27/2011 00:11:48

Bad processes: 6
[SUSP PATH] TempIadHide3.dll -- C:\DOCUME~1\pc\LOCALS~1\TempIadHide3.dll -> UNLOADED
[SUSP PATH] emMON.exe -- c:\windows\emmon.exe -> KILLED
[SVCHOST] svchost.exe -- c:\windows\update.tray-3-0\svchost.exe -> KILLED
[SVCHOST] svchost.exe -- c:\windows\update.5.0\svchost.exe -> KILLED
[SUSP PATH] sysdriver32.exe -- c:\windows\sysdriver32.exe -> KILLED
[SVCHOST] svchost.exe -- c:\windows\update.2\svchost.exe -> KILLED

Registry Entries: 0

Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

After almost 3 hours
MBAM LOG:

Malwarebytes' Anti-Malware 1.50
http://www.malwarebytes.org

Verze databáze: 7287

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

27.7.2011 2:54:55
mbam-log-2011-07-27 (02-54-43).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 562536
Uplynulý čas: 2 hodin, 38 minut, 3 sekund

Infikované procesy v paměti: 3
Infikované moduly v paměti: 0
Infikované klíče v registru: 10
Infikované hodnoty v registru: 3
Infikované datové položky v registru: 0
Infikované složky: 1
Infikované soubory: 31

Infikované procesy v paměti:
c:\WINDOWS\update.1\svchost.exe (Backdoor.Delf) -> 3784 -> No action taken.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> 1988 -> No action taken.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> 300 -> No action taken.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Backdoor.Delf) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvsysdriver32 (Trojan.Delf) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srviecheck (Backdoor.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\sysdriver32.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\systeminfog (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\SERVICES32.EXE (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SRVSYSDRIVER32 (Trojan.Agent) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico0 (Backdoor.Delf) -> Value: tray_ico0 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Services32.exe\close (Trojan.Agent) -> Value: close -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> No action taken.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
c:\WINDOWS\rpcminer (Trojan.BCMiner) -> No action taken.

Infikované soubory:
c:\WINDOWS\update.1\svchost.exe (Backdoor.Delf) -> No action taken.
c:\WINDOWS\update.tray-3-0\svchost.exe (Backdoor.Delf) -> No action taken.
c:\terraria.v1.0.2.cracked-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> No action taken.
c:\documents and settings\pc\Desktop\rk_quarantine\services32.exe.vir (Backdoor.Delf) -> No action taken.
c:\documents and settings\pc\my documents\preberanie\flash-player(1).exe (Backdoor.Delf) -> No action taken.
c:\documents and settings\pc\my documents\preberanie\flash-player(2).exe (Backdoor.Delf) -> No action taken.
c:\documents and settings\pc\my documents\preberanie\flash-player(3).exe (Backdoor.Delf) -> No action taken.
c:\documents and settings\pc\my documents\preberanie\flash-player.exe (Backdoor.Delf) -> No action taken.
c:\WINDOWS\services32.exe (Backdoor.Delf) -> No action taken.
c:\WINDOWS\$ntservicepackuninstall$\iexplore.exe (Trojan.FakeMS) -> No action taken.
c:\WINDOWS\update.tray-3-0-lnk\svchost.exe (Backdoor.Delf) -> No action taken.
d:\terraria\terraria.v1.0.1.cracked-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> No action taken.
c:\WINDOWS\l1rezerv.exe (Trojan.Agent) -> No action taken.
c:\WINDOWS\sysdriver32.exe (Trojan.Delf) -> No action taken.
c:\WINDOWS\sysdriver32_.exe (Trojan.Delf) -> No action taken.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> No action taken.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> No action taken.
c:\WINDOWS\rpcminer\bitcoinmineropencl.cl (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\bitcoinminercuda_10.cubin (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\bitcoinminercuda_11.cubin (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\bitcoinminercuda_20.cubin (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\cudart32_32_16.dll (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\curllib.dll (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\libeay32.dll (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\libsasl.dll (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\openldap.dll (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\rpcminer-4way.exe (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\rpcminer-cpu.exe (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\rpcminer-cuda.exe (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\rpcminer-opencl.exe (Trojan.BCMiner) -> No action taken.
c:\WINDOWS\rpcminer\ssleay32.dll (Trojan.BCMiner) -> No action taken.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: another one who fell for the FB virus..

#4 Post by motji »

Delete everything in MBAM.
Then write whether the PC runs in normal mode.

eyewar
Visitor
Posts: 21
Registered: 26 Jul 2011 22:29

Re: another one who fell for the FB virus..

#5 Post by eyewar »

So I restarted the computer. I want to ask, should I try running ESET?! I guess that way I will verify whether I got rid of it... the computer actually ran quite fine for me all night :) it was only in the afternoon and towards evening that it was acting up.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: another one who fell for the FB virus..

#6 Post by motji »

Try it, but I don't think it is all right yet :)

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5 
- tick the All users box.
- tick the "LOP" check and "Purity" check boxes
- click the Scan button
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)

eyewar
Visitor
Posts: 21
Registered: 26 Jul 2011 22:29

Re: another one who fell for the FB virus..

#7 Post by eyewar »

So I clicked on it and it tells me that the file does not exist; that ugly red enhanced mode no longer starts up :)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: another one who fell for the FB virus..

#8 Post by motji »

Run that OTL :)

eyewar
Visitor
Posts: 21
Registered: 26 Jul 2011 22:29

Re: another one who fell for the FB virus..

#9 Post by eyewar »

It has too many characters, how do I attach it for you? Attaching the file as text does not work :/

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: another one who fell for the FB virus..

#10 Post by motji »

Split it into several posts :)

eyewar
Visitor
Posts: 21
Registered: 26 Jul 2011 22:29

Re: another one who fell for the FB virus..

#11 Post by eyewar »

OTL logfile created on: 27.7.2011 9:38:31 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\pc\My Documents\Preberanie
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 71,30% Memory free
7,09 Gb Paging File | 6,19 Gb Available in Paging File | 87,30% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 10,97 Gb Free Space | 2,36% Space Free | Partition Type: NTFS
Drive D: | 465,75 Gb Total Space | 7,16 Gb Free Space | 1,54% Space Free | Partition Type: NTFS
Drive F: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MATRIX | User Name: pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.07.27 09:37:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pc\My Documents\Preberanie\OTL.exe
PRC - [2011.07.20 15:48:15 | 003,071,384 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2011.07.15 03:14:44 | 000,741,624 | ---- | M] (Tunngle.net GmbH) -- C:\Programy\Tunngle\TnglCtrl.exe
PRC - [2011.06.30 22:21:10 | 002,588,784 | ---- | M] (GamersFirst) -- C:\Program Files\GamersFirst\LIVE!\Live.exe
PRC - [2011.06.27 22:51:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.03.21 23:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.10.30 14:22:50 | 000,020,480 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2010.10.30 14:21:06 | 000,016,384 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
PRC - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.01.25 00:57:29 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009.03.31 10:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.05.14 18:42:56 | 005,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2008.04.30 04:27:50 | 000,417,792 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008.04.14 02:12:19 | 000,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.03.19 00:05:02 | 000,630,784 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
PRC - [2006.10.05 14:05:51 | 000,090,112 | ---- | M] (Kworld Computer Co., Ltd.) -- C:\Program Files\KWorld Multimedia\EM_USB Device Utilities\EMRCtl.exe
PRC - [2006.10.03 17:12:08 | 002,074,360 | ---- | M] (Stardock) -- C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
PRC - [2006.05.31 06:24:20 | 000,061,440 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\emMON.exe
PRC - [2006.05.21 09:43:14 | 000,155,648 | ---- | M] (Y'z@Home) -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
PRC - [2006.05.21 09:43:08 | 000,180,224 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
PRC - [2005.05.12 11:02:24 | 000,437,760 | ---- | M] (Stardock Systems, Inc) -- C:\Program Files\AlienGUIse\wbload.exe
PRC - [2003.08.04 17:28:18 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe


========== Modules (SafeList) ==========

MOD - [2011.07.27 09:37:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pc\My Documents\Preberanie\OTL.exe
MOD - [2010.10.30 14:21:06 | 000,024,576 | ---- | M] (BackWeb) -- C:\Documents and Settings\pc\Local Settings\TempIadHide3.dll
MOD - [2010.08.23 18:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2007.03.19 00:04:22 | 000,069,632 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
MOD - [2006.08.08 14:09:54 | 000,501,821 | ---- | M] (Stardock.Net, Inc) -- C:\Program Files\AlienGUIse\wblind.dll
MOD - [2006.08.01 21:16:56 | 000,020,480 | ---- | M] () -- C:\Program Files\AlienGUIse\AlienwareDock\DockShellHookOEM.dll
MOD - [2006.05.21 09:43:14 | 000,053,248 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
MOD - [2006.05.21 09:43:08 | 000,065,536 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
MOD - [2003.02.26 22:24:32 | 000,028,740 | ---- | M] (Stardock.Net, Inc) -- C:\Program Files\AlienGUIse\wbhelp.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (wuauserv)
SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
SRV - File not found [Auto | Stopped] -- -- (ekrn)
SRV - File not found [On_Demand | Stopped] -- -- (EhttpSrv)
SRV - [2011.07.15 03:14:44 | 000,741,624 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Programy\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.04.13 02:26:55 | 000,316,888 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2010.03.14 21:46:00 | 003,613,896 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009.08.25 09:33:04 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009.03.31 10:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.04.30 04:27:50 | 000,417,792 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008.04.07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2004.02.26 12:56:42 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011.05.05 08:06:16 | 006,537,728 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011.03.30 20:46:12 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.04.13 02:26:56 | 002,627,760 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2010.04.12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010.01.21 11:48:38 | 000,024,504 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ESLvnic.sys -- (ESLvnic1)
DRV - [2009.11.16 10:06:48 | 000,055,768 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2009.11.16 10:06:44 | 000,135,048 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2009.11.16 10:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.11.16 09:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009.09.16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009.06.19 09:10:40 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009.04.19 06:05:32 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.04.19 06:01:18 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.04.16 12:50:04 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2009.03.31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.03.20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.12.26 12:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV - [2008.08.20 19:58:58 | 000,009,200 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2008.08.20 19:58:58 | 000,009,072 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2008.05.19 09:46:30 | 000,150,568 | R--- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.02.12 04:50:56 | 001,670,016 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\skfilt.sys -- (skfilt)
DRV - [2008.01.25 11:12:34 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2007.12.17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2007.09.17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.08.15 10:22:00 | 000,265,856 | R--- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007.07.28 14:50:36 | 000,517,632 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2007.07.17 17:40:20 | 000,036,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007.07.17 17:40:14 | 000,034,960 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.06.18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007.04.03 14:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV - [2007.04.03 14:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116obex.sys -- (s116obex)
DRV - [2007.04.03 14:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
DRV - [2007.04.03 14:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.03 14:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdm.sys -- (s116mdm)
DRV - [2007.04.03 14:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdfl.sys -- (s116mdfl)
DRV - [2007.04.03 14:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2007.04.03 13:59:30 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s616bus.sys -- (s616bus) Sony Ericsson Device 616 driver (WDM)
DRV - [2006.09.12 22:21:46 | 000,292,864 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2006.08.22 00:38:46 | 000,007,168 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2006.03.17 11:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005.09.29 19:01:51 | 000,066,048 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.10 16:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002.12.10 17:53:24 | 000,236,121 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch3/{ ... 3342FB2590}
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\URLSearchHook: {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\prxtbGoss.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\FaceSmooch Toolbar\tbhelper.dll ()
IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - Reg Error: Value error. File not found
IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..extensions.enabledItems: anycolor.pavlos256@gmail.com:0.3.3
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.23.0
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:3.3.3.2
FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:4.5.4.0
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.2.8
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20110419
FF - prefs.js..extensions.enabledItems: redshift_V2@shift-themes.com:3.6
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/sli ... pab&query="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@comrade.gamespy.com/comrade: C:\Program Files\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Documents and Settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files\Microsoft Research\HD View\nphdview.dll (Microsoft Research)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Documents and Settings\pc\Application Data\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\pc\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\www.floatingminds.com/Tunnelers: C:\games\Tunnelers\npTunnelers.dll (Floating Minds)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.04.16 21:10:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.04.16 21:10:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.27 22:51:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.06 15:53:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\pc\Application Data\IDM\idmmzcc3

[2009.09.06 07:22:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pc\Application Data\Mozilla\Extensions
[2009.09.06 07:22:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pc\Application Data\Mozilla\Extensions\prism@developer.mozilla.org
[2011.07.07 21:04:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions
[2011.06.28 12:33:45 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010.06.29 15:02:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.28 12:33:47 | 000,000,000 | ---D | M] (XfireXO Community Toolbar) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2011.03.22 19:50:03 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.12.28 01:33:21 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\2020Player@2020Technologies.com
[2010.08.25 15:13:52 | 000,000,000 | ---D | M] (AnyColor) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\anycolor.pavlos256@gmail.com
[2009.09.16 17:08:12 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\battlefieldheroespatcher@ea.com
[2011.03.22 19:50:03 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\personas@christopher.beard
[2010.11.20 00:49:44 | 000,000,000 | ---D | M] (RedShift V3.6) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\redshift_V2@shift-themes.com
[2011.05.27 17:00:29 | 000,000,000 | ---D | M] (GOM Player + Ask Toolbar) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\toolbar@ask.com
[2011.07.26 23:28:13 | 000,002,396 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\askcom.xml
[2010.04.21 12:06:36 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\conduit.xml
[2011.07.23 07:32:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-1.xml
[2010.02.05 15:53:13 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-10.xml
[2010.02.07 05:26:59 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-11.xml
[2010.02.19 18:46:59 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-12.xml
[2010.03.13 20:26:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-13.xml
[2010.03.24 02:57:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-14.xml
[2010.04.03 13:03:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-15.xml
[2010.05.30 04:15:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-16.xml
[2010.06.27 22:34:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-17.xml
[2010.06.27 22:35:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-18.xml
[2010.07.21 04:18:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-19.xml
[2009.07.27 14:13:57 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-2.xml
[2010.07.25 05:57:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-20.xml
[2010.09.08 14:29:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-21.xml
[2010.09.17 21:46:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-22.xml
[2010.09.17 22:32:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-23.xml
[2010.10.21 04:50:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-24.xml
[2010.10.29 05:44:49 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-25.xml
[2010.11.16 08:17:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-26.xml
[2010.12.11 22:23:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-27.xml
[2011.03.03 01:28:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-28.xml
[2011.03.06 23:07:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-29.xml
[2009.08.04 16:15:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-3.xml
[2011.03.11 10:43:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-30.xml
[2011.03.24 00:52:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-31.xml
[2011.04.30 08:32:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-32.xml
[2011.05.07 03:14:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-33.xml
[2009.09.02 06:29:59 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-4.xml
[2009.09.06 10:21:56 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-5.xml
[2009.10.28 20:46:19 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-6.xml
[2009.11.06 04:54:08 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-7.xml
[2009.12.17 03:00:20 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-8.xml
[2010.01.07 05:09:29 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-9.xml
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin.xml
[2011.03.30 17:50:36 | 000,002,380 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\search.xml
[2009.08.08 09:18:06 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\winamp-search.xml
[2011.05.06 15:53:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.04.21 20:43:40 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.07.14 02:01:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) --
[2009.04.17 01:58:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.06.27 22:51:04 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.27 17:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2009.01.29 13:08:06 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiCHPlugin.dll
[2009.03.31 18:43:32 | 000,053,248 | ---- | M] (<NHN USA Inc>.) -- C:\Program Files\mozilla firefox\plugins\uc_luminary_launching.dll
[2010.01.01 10:00:00 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2010.01.01 10:00:00 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2010.01.01 10:00:00 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2010.01.01 10:00:00 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2010.01.01 10:00:00 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2010.01.01 10:00:00 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2011.07.27 03:27:46 | 000,203,160 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 vkontakte.ru
O1 - Hosts: 127.0.0.1 www.vkontakte.ru
O1 - Hosts: 127.0.0.1 login.vk.com
O1 - Hosts: 127.0.0.1 vk.com
O1 - Hosts: 127.0.0.1 www.vk.com
O1 - Hosts: 127.0.0.1 odnoklassniki.ru
O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 50060 more lines...
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\prxtbGoss.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll (Conduit Ltd.)
O2 - BHO: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - Reg Error: Value error. File not found
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\prxtbGoss.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (FaceSmooch Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\Toolbar\WebBrowser: (Gossiper Toolbar) - {0A452A47-C5A8-4854-A237-4B9B06B376F0} - C:\Program Files\Gossiper\prxtbGoss.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\Toolbar\WebBrowser: (FaceSmooch Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\prxtbXfi2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\Toolbar\WebBrowser: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] File not found
O4 - HKLM..\Run: [emMON] C:\WINDOWS\emMON.exe (eMPIA Technology, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Six Engine] C:\Program Files\ASUS\Six Engine\SixEngine.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-1220945662-764733703-725345543-1003..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-1220945662-764733703-725345543-1003..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
O4 - HKU\S-1-5-21-1220945662-764733703-725345543-1003..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKU\S-1-5-21-1220945662-764733703-725345543-1003..\Run: [RocketDock] C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe (GamersFirst)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Remote Control.lnk = C:\Program Files\KWorld Multimedia\EM_USB Device Utilities\EMRCtl.exe (Kworld Computer Co., Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SetPointII.lnk = C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe (Stardock)
O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (AKSoftware)
O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe ()
O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (Y'z@Home)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1220945662-764733703-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1220945662-764733703-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/stati ... 0.21.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WB: DllName - C:\Program Files\AlienGUIse\fastload.dll - C:\Program Files\AlienGUIse\fastload.dll (Stardock)
O24 - Desktop WallPaper: C:\yodm3d\desktopwallpaper0.bmp
O24 - Desktop BackupWallPaper: C:\yodm3d\desktopwallpaper0.bmp
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.16 11:32:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.02.10 03:55:59 | 000,423,304 | R--- | M] (Electronic Arts) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 08:21:09 | 000,000,000 | R--D | M] - F:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2010.01.31 10:21:13 | 000,367,686 | R--- | M] () - F:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 04:55:03 | 009,965,568 | R--- | M] () - F:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 04:54:55 | 000,000,155 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{71a40a41-45b1-11e0-8c0a-0022151b9c82}\Shell - "" = AutoRun
O33 - MountPoints2\{71a40a41-45b1-11e0-8c0a-0022151b9c82}\Shell\AutoRun\command - "" = "M:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{a1a45761-2f86-11de-88b2-0022151b9223}\Shell\AutoRun\command - "" = Iexplores.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.ACDV - C:\WINDOWS\System32\ACDV.dll (ACD Systems)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.mxmc - C:\WINDOWS\System32\MimicICM.dll ()
Drivers32: VIDC.XFR1 - C:\WINDOWS\System32\xfcodec.dll ()
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.07.27 00:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Application Data\Malwarebytes
[2011.07.27 00:13:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.07.27 00:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.07.27 00:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011.07.27 00:13:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.07.27 00:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.07.26 23:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.07.26 23:54:04 | 000,000,000 | ---D | C] -- C:\rsit
[2011.07.26 23:11:41 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.07.26 22:46:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.07.26 22:44:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.07.26 22:44:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.07.26 22:44:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.07.26 22:44:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.07.26 22:44:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.07.26 22:40:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.07.26 22:37:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Desktop\RK_Quarantine
[2011.07.26 16:38:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
[2011.07.26 16:38:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix
[2011.07.26 16:18:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2
[2011.07.26 16:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\WinRAR
[2011.07.26 16:16:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0
[2011.07.26 16:14:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
[2011.07.26 16:11:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1
[2011.07.26 16:11:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-3-0
[2011.07.26 16:11:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-3-0-lnk
[2011.07.25 01:40:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011.07.20 16:12:14 | 078,078,224 | ---- | C] (K2 Network, Inc.) -- C:\APB_Reloaded_Installer.exe
[2011.07.20 15:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Local Settings\Application Data\GamersFirst LIVE!
[2011.07.20 15:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Desktop\GamersFirst
[2011.07.20 15:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\GamersFirst
[2011.07.19 17:26:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Application Data\Might & Magic Heroes VI - Public Closed Beta
[2011.07.19 14:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Local Settings\Application Data\CrashRpt
[2011.07.19 14:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\My Documents\Arktos
[2011.07.19 14:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Local Settings\Application Data\Arktos
[2011.07.16 05:42:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\pc\Recent
[2011.07.06 02:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Start Menu\Programs\Curse
[2011.07.05 03:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011.07.05 01:03:42 | 000,000,000 | ---D | C] -- C:\menofwar1.90.4
[2011.07.05 00:50:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\1C Company
[2011.07.04 17:19:18 | 000,000,000 | ---D | C] -- C:\Super.Street.Fighter.IV.Arcade.Edition-SKIDROW
[2011.07.03 22:25:31 | 000,000,000 | ---D | C] -- C:\terrariaverzia
[2011.07.03 21:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\My Documents\Tunngle
[2011.07.03 21:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Application Data\Tunngle
[2011.07.03 21:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle
[2011.07.03 21:53:51 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys
[2011.07.03 21:53:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Tunngle
[2011.07.03 21:53:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Tunngle
[2011.07.03 20:46:35 | 000,000,000 | ---D | C] -- C:\Men.of.War.Assault.Squad-SKIDROW
[2011.06.30 21:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Start Menu\Programs\Perpetuum
[2011.06.29 17:53:52 | 000,000,000 | ---D | C] -- C:\crackalice
[2011.06.29 17:45:19 | 000,000,000 | ---D | C] -- C:\Crack
[2011.06.28 22:36:27 | 000,000,000 | ---D | C] -- C:\Alice.Madness.Returns.Crackfix-SKIDROW
[2010.06.02 05:22:02 | 001,801,048 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2010.06.02 05:22:02 | 000,537,432 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[2010.06.02 05:22:02 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[2010.02.26 16:39:22 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\pc\Application Data\pcouffin.sys
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.07.27 09:39:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.07.27 09:32:06 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011.07.27 09:28:00 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.27 09:24:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.07.27 09:23:25 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.27 09:23:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.07.27 09:10:00 | 000,001,004 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-764733703-725345543-1003UA.job
[2011.07.27 09:01:00 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.07.27 03:27:46 | 000,203,160 | -H-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.07.27 03:27:46 | 000,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hîsts
[2011.07.26 23:27:31 | 000,001,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SkypeSetupFull.exe
[2011.07.26 23:26:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011.07.26 22:46:28 | 000,000,343 | RHS- | M] () -- C:\boot.ini
[2011.07.26 22:34:02 | 000,000,149 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\rk-proxy.reg
[2011.07.26 16:38:04 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar
[2011.07.26 16:38:04 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe
[2011.07.26 16:38:04 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar
[2011.07.26 16:38:03 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar
[2011.07.26 16:20:07 | 000,000,157 | ---- | M] () -- C:\WINDOWS\info1
[2011.07.26 16:16:35 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar
[2011.07.26 16:15:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok
[2011.07.26 16:11:55 | 000,000,227 | ---- | M] () -- C:\Boot.bak
[2011.07.25 23:25:49 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\Word.lnk
[2011.07.25 19:10:00 | 000,000,952 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-764733703-725345543-1003Core.job
[2011.07.25 15:03:37 | 000,141,200 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.07.25 15:03:29 | 000,281,656 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011.07.25 01:47:05 | 000,281,656 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2011.07.22 08:58:47 | 000,002,692 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.07.20 17:34:18 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\PnkBstrK.sys
[2011.07.20 17:11:49 | 3816,745,337 | ---- | M] () -- C:\Client1.5.1.565640.7z
[2011.07.20 17:11:48 | 078,078,224 | ---- | M] (K2 Network, Inc.) -- C:\APB_Reloaded_Installer.exe
[2011.07.20 15:48:02 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.07.20 15:48:02 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GamersFirst LIVE!.lnk
[2011.07.20 13:26:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.07.20 04:05:56 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.07.19 17:22:01 | 000,001,890 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Might & Magic Heroes VI - Public Closed Beta.lnk
[2011.07.19 17:21:11 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011.07.19 14:10:05 | 000,000,174 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\WarInc.url
[2011.07.17 03:24:20 | 004,636,907 | ---- | M] () -- C:\WINDOWS\geoiplist
[2011.07.16 17:12:25 | 000,000,593 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2011.07.16 17:12:24 | 000,000,575 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Tunngle beta.lnk
[2011.07.16 05:52:12 | 000,307,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.07.16 02:05:03 | 000,222,720 | ---- | M] () -- C:\Documents and Settings\pc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.06 02:24:56 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\Curse Client.appref-ms
[2011.07.05 18:24:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat
[2011.07.05 00:50:23 | 000,001,821 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\Men of War. Assault Squad.lnk
[2011.07.04 17:10:08 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.07.03 13:13:43 | 000,000,457 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\BABKA 70-tka.lnk
[2011.07.02 21:21:24 | 001,083,411 | ---- | M] () -- C:\WoWScrnShot_070211_212053.jpg
[2011.07.02 00:21:03 | 000,170,209 | ---- | M] () -- C:\New home.jpg
[2011.07.01 16:12:45 | 511,420,100 | ---- | M] () -- C:\babka 70-tka.rar
[2011.06.30 21:13:54 | 000,000,540 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\Perpetuum.lnk
[2011.06.30 21:13:54 | 000,000,540 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Perpetuum.lnk
[2011.06.27 14:47:15 | 000,000,205 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\Team Fortress 2.url
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

eyewar
Visitor
Posts: 21
Registered: 26 Jul 2011 22:29

Re: another one who fell for the FB virus..

#12 Post by eyewar »

========== Files Created - No Company Name ==========

[2011.07.27 09:39:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.07.26 22:46:28 | 000,000,227 | ---- | C] () -- C:\Boot.bak
[2011.07.26 22:46:25 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011.07.26 22:44:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.07.26 22:44:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.07.26 22:44:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.07.26 22:44:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.07.26 22:44:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.07.26 22:34:02 | 000,000,149 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\rk-proxy.reg
[2011.07.26 16:38:04 | 005,589,370 | ---- | C] () -- C:\WINDOWS\phoenix.rar
[2011.07.26 16:38:04 | 000,182,617 | ---- | C] () -- C:\WINDOWS\ufa.rar
[2011.07.26 16:38:03 | 001,075,284 | ---- | C] () -- C:\WINDOWS\rpcminer.rar
[2011.07.26 16:16:36 | 004,636,907 | ---- | C] () -- C:\WINDOWS\geoiplist
[2011.07.26 16:16:35 | 000,904,792 | ---- | C] () -- C:\WINDOWS\geoiplist.rar
[2011.07.26 16:16:35 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
[2011.07.26 16:16:15 | 000,000,157 | ---- | C] () -- C:\WINDOWS\info1
[2011.07.26 16:15:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok
[2011.07.26 16:14:43 | 000,001,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SkypeSetupFull.exe
[2011.07.25 01:40:26 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011.07.20 16:12:14 | 3816,745,337 | ---- | C] () -- C:\Client1.5.1.565640.7z
[2011.07.20 15:48:02 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.07.20 15:48:02 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GamersFirst LIVE!.lnk
[2011.07.19 17:22:01 | 000,001,890 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Might & Magic Heroes VI - Public Closed Beta.lnk
[2011.07.19 14:06:50 | 000,000,174 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\WarInc.url
[2011.07.17 19:31:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2011.07.05 00:50:23 | 000,001,821 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\Men of War. Assault Squad.lnk
[2011.07.03 22:06:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2011.07.03 21:53:51 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2011.07.03 21:53:51 | 000,000,575 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Tunngle beta.lnk
[2011.07.03 13:13:49 | 000,000,457 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\BABKA 70-tka.lnk
[2011.07.02 21:20:45 | 001,083,411 | ---- | C] () -- C:\WoWScrnShot_070211_212053.jpg
[2011.07.02 00:20:34 | 000,170,209 | ---- | C] () -- C:\New home.jpg
[2011.07.01 12:43:12 | 511,420,100 | ---- | C] () -- C:\babka 70-tka.rar
[2011.06.30 21:13:54 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\Perpetuum.lnk
[2011.06.30 21:13:54 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Perpetuum.lnk
[2011.06.27 14:47:15 | 000,000,205 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\Team Fortress 2.url
[2011.05.25 20:26:41 | 000,000,311 | ---- | C] () -- C:\WINDOWS\game.ini
[2011.05.16 05:54:59 | 000,046,658 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\room.dat
[2011.04.08 13:28:58 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2011.04.05 22:09:48 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.02.28 17:22:01 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ra3.ini
[2011.02.09 07:13:16 | 000,050,372 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.02.07 10:12:06 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\pc\Local Settings\Application Data\SRDownloader.nast
[2011.01.28 12:06:10 | 000,323,856 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010.12.28 15:53:42 | 002,601,752 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_moh.exe
[2010.10.30 14:25:41 | 000,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2010.10.30 14:25:05 | 000,011,653 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010.10.30 14:23:35 | 000,000,744 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2010.10.30 14:23:07 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\MimicICM.dll
[2010.10.30 14:21:06 | 000,081,920 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
[2010.08.04 20:51:33 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010.08.04 20:51:32 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.07.27 04:09:26 | 000,001,899 | ---- | C] () -- C:\WINDOWS\TVEpaDrv.ini
[2010.07.27 03:35:49 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010.07.06 17:40:11 | 000,038,872 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2010.07.06 17:40:11 | 000,029,363 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2010.07.06 17:39:27 | 000,565,248 | R--- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2010.07.06 16:47:24 | 000,038,872 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat.temp
[2010.07.06 16:47:24 | 000,029,363 | ---- | C] () -- C:\WINDOWS\hpoins03.dat.temp
[2010.06.02 05:22:54 | 001,412,902 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab
[2010.06.02 05:22:54 | 001,127,217 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab
[2010.06.02 05:22:54 | 000,273,960 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab
[2010.06.02 05:22:54 | 000,272,611 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab
[2010.06.02 05:22:54 | 000,182,361 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab
[2010.06.02 05:22:54 | 000,138,017 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab
[2010.06.02 05:22:54 | 000,086,037 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2010.06.02 05:22:54 | 000,045,359 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2010.06.02 05:22:52 | 001,906,878 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab
[2010.06.02 05:22:52 | 001,550,796 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab
[2010.06.02 05:22:52 | 000,965,421 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab
[2010.06.02 05:22:52 | 000,121,794 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab
[2010.06.02 05:22:52 | 000,092,684 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab
[2010.06.02 05:22:52 | 000,054,522 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab
[2010.06.02 05:22:52 | 000,021,851 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab
[2010.06.02 05:22:50 | 000,994,154 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab
[2010.06.02 05:22:50 | 000,196,762 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab
[2010.06.02 05:22:50 | 000,148,264 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab
[2010.06.02 05:22:50 | 000,046,144 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab
[2010.06.02 05:22:50 | 000,018,496 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab
[2010.06.02 05:22:48 | 001,802,058 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab
[2010.06.02 05:22:48 | 001,709,360 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab
[2010.06.02 05:22:48 | 000,864,600 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab
[2010.06.02 05:22:48 | 000,803,884 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab
[2010.06.02 05:22:48 | 000,273,018 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x86.cab
[2010.06.02 05:22:46 | 000,275,044 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x64.cab
[2010.06.02 05:22:46 | 000,121,506 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x64.cab
[2010.06.02 05:22:46 | 000,092,740 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x86.cab
[2010.06.02 05:22:38 | 000,054,600 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x64.cab
[2010.06.02 05:22:38 | 000,021,298 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x86.cab
[2010.06.02 05:22:36 | 001,973,702 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x64.cab
[2010.06.02 05:22:36 | 001,612,446 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x86.cab
[2010.06.02 05:22:36 | 001,067,160 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x64.cab
[2010.06.02 05:22:36 | 001,040,745 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x86.cab
[2010.06.02 05:22:36 | 000,251,194 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab
[2010.06.02 05:22:36 | 000,226,250 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab
[2010.06.02 05:22:36 | 000,122,336 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab
[2010.06.02 05:22:36 | 000,093,734 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab
[2010.06.02 05:22:34 | 001,769,862 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab
[2010.06.02 05:22:34 | 001,443,282 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab
[2010.06.02 05:22:34 | 000,818,260 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab
[2010.06.02 05:22:34 | 000,055,058 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab
[2010.06.02 05:22:34 | 000,021,867 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab
[2010.06.02 05:22:32 | 000,937,246 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x64.cab
[2010.06.02 05:22:32 | 000,844,884 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab
[2010.06.02 05:22:32 | 000,768,036 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x86.cab
[2010.06.02 05:22:32 | 000,278,060 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x86.cab
[2010.06.02 05:22:32 | 000,277,338 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x64.cab
[2010.06.02 05:22:32 | 000,124,596 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x64.cab
[2010.06.02 05:22:32 | 000,093,686 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x86.cab
[2010.06.02 05:22:30 | 000,762,188 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x86.cab
[2010.06.02 05:22:30 | 000,235,955 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x64.cab
[2010.06.02 05:22:30 | 000,197,283 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x86.cab
[2010.06.02 05:22:30 | 000,138,205 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x64.cab
[2010.06.02 05:22:30 | 000,109,445 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x86.cab
[2010.06.02 05:22:28 | 000,944,460 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x64.cab
[2010.06.02 05:22:28 | 000,931,471 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x86.cab
[2010.06.02 05:22:28 | 000,752,783 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x64.cab
[2010.06.02 05:22:20 | 000,269,024 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab
[2010.06.02 05:22:18 | 001,792,608 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab
[2010.06.02 05:22:18 | 001,463,878 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab
[2010.06.02 05:22:18 | 000,867,828 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab
[2010.06.02 05:22:18 | 000,849,919 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab
[2010.06.02 05:22:18 | 000,269,628 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab
[2010.06.02 05:22:18 | 000,152,909 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab
[2010.06.02 05:22:18 | 000,121,054 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab
[2010.06.02 05:22:18 | 000,093,128 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab
[2010.06.02 05:22:18 | 000,055,154 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab
[2010.06.02 05:22:18 | 000,021,905 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab
[2010.06.02 05:22:16 | 001,607,774 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab
[2010.06.02 05:22:16 | 001,607,286 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab
[2010.06.02 05:22:16 | 001,064,925 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2010.06.02 05:22:16 | 000,699,044 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab
[2010.06.02 05:22:16 | 000,698,472 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab
[2010.06.02 05:22:16 | 000,197,122 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab
[2010.06.02 05:22:16 | 000,180,785 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab
[2010.06.02 05:22:16 | 000,133,671 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab
[2010.06.02 05:22:14 | 001,336,002 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2010.06.02 05:22:14 | 000,277,191 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x86.cab
[2010.06.02 05:22:14 | 000,276,960 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x64.cab
[2010.06.02 05:22:14 | 000,122,446 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x64.cab
[2010.06.02 05:22:14 | 000,093,180 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x86.cab
[2010.06.02 05:22:12 | 000,194,675 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab
[2010.06.02 05:22:12 | 000,147,983 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab
[2010.06.02 05:22:12 | 000,054,678 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x64.cab
[2010.06.02 05:22:12 | 000,020,713 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x86.cab
[2010.06.02 05:22:10 | 000,178,359 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab
[2010.06.02 05:22:10 | 000,132,409 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab
[2010.06.02 05:22:04 | 001,084,720 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab
[2010.06.02 05:22:02 | 001,574,376 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab
[2010.06.02 05:22:02 | 001,362,796 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab
[2010.06.02 05:22:02 | 001,247,499 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2010.06.02 05:22:02 | 001,013,225 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2010.06.02 05:22:02 | 000,192,475 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab
[2010.06.02 05:22:02 | 000,145,599 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab
[2010.06.02 05:22:02 | 000,094,011 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2010.06.02 05:22:02 | 000,042,410 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2010.06.02 05:22:00 | 001,571,154 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab
[2010.06.02 05:22:00 | 001,357,976 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2010.06.02 05:22:00 | 001,079,456 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2010.06.02 05:22:00 | 000,273,264 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x64.cab
[2010.06.02 05:22:00 | 000,272,642 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x86.cab
[2010.06.02 05:22:00 | 000,212,807 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab
[2010.06.02 05:22:00 | 000,191,720 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab
[2010.06.02 05:22:00 | 000,122,408 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x64.cab
[2010.06.02 05:22:00 | 000,093,106 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x86.cab
[2010.06.02 05:21:58 | 000,930,116 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x64.cab
[2010.06.02 05:21:58 | 000,728,456 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x86.cab
[2010.06.02 05:21:58 | 000,232,635 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x64.cab
[2010.06.02 05:21:58 | 000,192,131 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x86.cab
[2010.06.02 05:21:58 | 000,136,301 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x64.cab
[2010.06.02 05:21:58 | 000,105,044 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x86.cab
[2010.06.02 05:21:56 | 003,319,740 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x86.cab
[2010.06.02 05:21:56 | 003,112,111 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x64.cab
[2010.06.02 05:21:56 | 000,900,598 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x86.cab
[2010.06.02 05:21:46 | 000,919,044 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x64.cab
[2010.06.02 05:21:46 | 000,271,412 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab
[2010.06.02 05:21:46 | 000,271,038 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab
[2010.06.02 05:21:44 | 001,794,084 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab
[2010.06.02 05:21:44 | 001,464,672 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab
[2010.06.02 05:21:44 | 000,849,167 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab
[2010.06.02 05:21:44 | 000,198,096 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab
[2010.06.02 05:21:44 | 000,153,012 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab
[2010.06.02 05:21:44 | 000,121,772 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab
[2010.06.02 05:21:44 | 000,092,996 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab
[2010.06.02 05:21:42 | 001,800,160 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab
[2010.06.02 05:21:42 | 001,708,152 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab
[2010.06.02 05:21:42 | 000,867,612 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab
[2010.06.02 05:21:42 | 000,852,286 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab
[2010.06.02 05:21:42 | 000,796,867 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab
[2010.06.02 05:21:40 | 001,350,542 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2010.06.02 05:21:40 | 001,077,644 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2010.06.02 05:21:40 | 000,182,903 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab
[2010.06.02 05:21:40 | 000,137,235 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab
[2010.06.02 05:21:40 | 000,087,142 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab
[2010.06.02 05:21:40 | 000,053,302 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab
[2010.06.02 05:21:40 | 000,046,058 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab
[2010.06.02 05:21:38 | 001,606,039 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
[2010.06.02 05:21:38 | 000,195,766 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab
[2010.06.02 05:21:38 | 000,151,225 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab
[2010.06.02 05:21:38 | 000,096,817 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab
[2010.06.02 05:21:36 | 001,607,358 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
[2010.06.02 05:21:36 | 000,698,612 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
[2010.06.02 05:21:36 | 000,695,865 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
[2010.06.02 05:21:34 | 000,046,010 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
[2010.06.02 05:21:20 | 000,087,101 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
[2010.06.02 05:21:18 | 004,162,630 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[2010.06.02 05:21:18 | 000,916,430 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
[2010.06.02 05:21:18 | 000,179,133 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
[2010.06.02 05:21:18 | 000,133,103 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
[2010.06.02 05:21:16 | 001,397,830 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
[2010.06.02 05:21:16 | 001,347,354 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2010.06.02 05:21:16 | 001,115,221 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
[2010.06.02 05:21:16 | 001,078,962 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2010.04.14 21:57:14 | 002,434,856 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_bc2.exe
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010.03.07 04:49:57 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\setup_ldm.iss
[2010.02.26 16:39:22 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\inst.exe
[2010.02.26 16:39:22 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\pcouffin.cat
[2010.02.26 16:39:22 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\pcouffin.inf
[2009.12.18 05:54:37 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009.12.18 05:54:37 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009.12.18 05:54:29 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\$_hpcst$.hpc
[2009.12.01 22:57:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.09.06 10:59:07 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.08.29 21:31:22 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.08.25 09:34:38 | 000,024,825 | ---- | C] () -- C:\WINDOWS\System32\xfisk.ini
[2009.08.25 09:34:38 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009.08.25 09:34:28 | 000,151,040 | ---- | C] () -- C:\WINDOWS\System32\KSXPPI32.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009.07.13 00:51:54 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2009.07.13 00:51:54 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2009.06.19 15:33:37 | 000,141,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.06.19 15:33:37 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\PnkBstrK.sys
[2009.06.19 15:33:20 | 000,281,656 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009.06.19 15:33:18 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009.06.19 15:33:17 | 002,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009.05.31 03:16:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2009.05.23 03:11:39 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2009.04.30 13:49:44 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.04.30 13:49:42 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.04.23 16:13:33 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\wfxhelp21.dll
[2009.04.19 06:01:19 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.04.19 06:01:18 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.04.18 06:07:06 | 000,106,097 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2009.04.17 13:44:07 | 000,000,056 | ---- | C] () -- C:\WINDOWS\wb.ini
[2009.04.17 07:04:00 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.04.17 01:55:43 | 000,002,692 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.04.17 01:49:09 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\pc\Local Settings\Application Data\fusioncache.dat
[2009.04.16 19:03:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2009.04.16 18:18:56 | 000,222,720 | ---- | C] () -- C:\Documents and Settings\pc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.16 13:24:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.04.16 13:23:12 | 000,307,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.04.16 12:56:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009.04.16 12:49:00 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.04.16 12:49:00 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.04.16 12:43:42 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009.04.16 12:43:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009.04.16 12:43:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009.04.16 12:43:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009.04.16 12:43:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009.04.16 12:43:42 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009.04.16 12:43:11 | 000,831,600 | ---- | C] () -- C:\WINDOWS\System32\Ctaa1.dat
[2009.04.16 12:43:11 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2009.04.16 12:40:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.04.16 12:38:46 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009.04.16 12:38:34 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009.04.16 12:38:34 | 000,233,012 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009.04.16 12:03:49 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009.04.16 12:03:49 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009.04.16 12:03:47 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2009.04.16 12:03:47 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2009.04.16 11:44:15 | 000,041,615 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009.04.16 11:44:09 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.04.16 11:43:56 | 000,041,160 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.04.16 11:43:56 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.04.16 11:33:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.04.16 11:30:24 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007.10.25 18:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007.07.27 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2007.07.27 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2007.07.27 14:00:00 | 000,497,052 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2007.07.27 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2007.07.27 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2007.07.27 14:00:00 | 000,085,536 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2007.07.27 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2007.07.27 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2007.07.27 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007.07.27 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2007.07.27 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2007.07.27 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002.03.21 15:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[1999.01.27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997.06.13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2009.04.16 12:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2009.06.09 23:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acoustica
[2011.06.26 09:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BCR
[2011.02.07 10:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2010.12.28 20:51:41 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\DSS
[2011.03.24 16:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2011.07.25 01:40:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2010.12.19 23:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010.06.16 19:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009.09.01 09:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software
[2010.10.23 12:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009.12.18 06:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011.07.27 08:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011.06.08 17:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Recisio
[2010.10.18 17:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screentime
[2011.03.26 21:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2011.06.05 15:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs
[2011.01.26 16:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tages
[2011.07.05 18:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.10.20 13:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
[2011.07.03 22:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle
[2010.10.23 12:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2010.10.12 23:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2010.02.26 17:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2010.11.22 03:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.03.17 14:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.04.16 12:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\ACD Systems
[2009.06.09 23:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Acoustica
[2011.06.12 16:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Avnex
[2010.09.03 06:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Bioshock
[2010.08.01 04:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Bioshock2
[2010.09.18 11:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Codemasters
[2010.06.29 14:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\com.fox.simpsons.simpsonsgags.8DB2FB41E3AF9617470F9C3E78FDAAA51EF66383.1
[2009.04.22 21:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Consultia
[2011.03.30 15:29:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Darkfall
[2011.03.31 07:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\DarksporeData
[2011.04.16 21:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\DDMSettings
[2011.06.02 03:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\DMCache
[2009.12.03 09:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\ESET
[2010.10.30 14:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\FotoWire
[2009.11.01 18:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\GARMIN
[2011.06.12 17:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\GetRightToGo
[2011.07.25 01:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\go
[2009.07.28 03:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\HiveRise
[2011.06.13 00:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\ICQ
[2009.06.24 21:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\id Software
[2011.06.03 01:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\IDM
[2010.11.10 00:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\ijjigame
[2009.04.16 12:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\InterVideo
[2009.12.18 05:35:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\LG Electronics
[2010.08.10 00:44:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\LolClient
[2011.07.21 00:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Might & Magic Heroes VI - Public Closed Beta
[2011.01.09 18:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Mount&Blade Warband
[2011.07.25 22:51:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Mumble
[2009.08.29 01:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Octoshape
[2009.04.22 19:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\OtakuSoftware
[2009.12.18 06:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\PC Suite
[2011.06.10 05:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\PFStaticIP
[2011.07.27 08:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\PriceGong
[2009.09.06 10:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Prism
[2011.02.28 20:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Red Alert 3
[2011.03.01 08:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Red Alert 3 Uprising
[2011.02.15 19:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\RIFT
[2011.01.22 21:00:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Runscanner.net
[2009.12.18 05:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Samsung
[2011.02.17 23:57:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Search Settings
[2009.07.27 20:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\TeamViewer
[2009.04.22 19:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Thinking Minds Budiling Bytes
[2009.04.16 11:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\TMP
[2011.03.30 17:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Toolbar4
[2010.03.17 18:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\TS3Client
[2011.07.24 17:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Tunngle
[2009.12.01 06:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Ubisoft
[2009.04.18 05:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Uniblue
[2011.02.02 05:11:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Unity
[2011.07.10 06:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\uTorrent
[2009.07.06 19:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\VitySoft
[2010.02.26 16:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Vso
[2010.11.22 19:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\W
[2010.11.22 19:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\wargaming.net
[2009.09.06 10:19:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\WebApps
[2009.05.29 03:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\WeGame
[2009.05.01 18:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\XRay Engine
[2010.06.27 22:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\YouTube Downloader
[2011.07.27 09:01:00 | 000,000,228 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
"RocketDock" = "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" -- [2007.03.19 00:05:02 | 000,630,784 | ---- | M] ()
"AutoStartNPSAgent" = C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe -- [2010.01.25 00:57:29 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.)
"NBJ" = "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" -- [2005.05.19 19:38:08 | 001,957,888 | ---- | M] (Ahead Software AG)
"LDM" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe -- [2010.10.30 14:21:06 | 000,016,384 | ---- | M] ()

< >


< MD5 for: AGP440.SYS >
[2007.07.27 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006.10.26 19:58:12 | 000,030,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2006.10.26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >
[2011.07.25 15:03:37 | 000,141,200 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys

< %systemroot%\system32\drivers\*.sys /X >
[2008.04.14 02:11:48 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008.04.14 02:11:48 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008.04.14 02:11:48 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008.04.14 02:11:48 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008.04.14 02:11:48 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008.04.14 02:11:48 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008.04.14 02:11:48 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2011.05.05 06:43:54 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2erec.dll
[2004.07.17 11:36:24 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2008.04.14 02:11:50 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008.04.14 02:11:50 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008.04.14 02:11:50 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008.04.14 02:11:50 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008.04.14 02:11:50 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008.04.14 02:11:50 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2004.07.17 22:55:24 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty
[2009.09.29 18:37:58 | 000,002,819 | ---- | M] () -- C:\WINDOWS\system32\drivers\fwdrv.err
[2007.07.27 14:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2007.07.27 14:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2002.12.10 17:51:46 | 000,179,712 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVSVF.dll
[2009.04.16 20:22:57 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2009.04.16 20:22:58 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2009.04.16 20:23:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2009.09.05 18:31:57 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
[2004.07.17 11:35:00 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2008.04.14 02:12:05 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008.04.14 02:12:08 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2011.07.25 01:47:05 | 000,281,656 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.ex0
[2011.07.25 15:03:29 | 000,281,656 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
[2011.07.25 15:03:29 | 000,281,656 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.xtr
[2011.07.27 09:24:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2009.04.16 13:21:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.04.16 13:21:42 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.04.16 13:21:42 | 000,929,792 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[6 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2009.04.16 12:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\ACD Systems
[2009.06.09 23:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Acoustica
[2010.06.29 14:56:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Adobe
[2010.04.18 14:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Ahead
[2011.02.09 07:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Apple Computer
[2009.04.16 12:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\ATI
[2011.06.12 16:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Avnex
[2010.09.03 06:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Bioshock
[2010.08.01 04:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Bioshock2
[2010.09.18 11:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Codemasters
[2010.06.29 14:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\com.fox.simpsons.simpsonsgags.8DB2FB41E3AF9617470F9C3E78FDAAA51EF66383.1
[2009.04.22 21:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Consultia
[2010.04.02 12:23:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Creative
[2009.07.13 00:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\CyberLink
[2011.03.30 15:29:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Darkfall
[2011.03.31 07:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\DarksporeData
[2011.04.16 21:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\DDMSettings
[2010.07.11 07:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\DivX
[2011.06.02 03:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\DMCache
[2009.12.03 09:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\ESET
[2010.10.30 14:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\FotoWire
[2009.11.01 18:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\GARMIN
[2011.06.12 17:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\GetRightToGo
[2011.07.25 01:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\go
[2009.09.25 02:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Google
[2010.11.10 10:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\GRETECH
[2011.05.23 18:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Hamachi
[2009.06.28 22:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Help
[2009.07.28 03:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\HiveRise
[2010.11.02 11:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\HP
[2011.06.13 00:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\ICQ
[2009.06.24 21:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\id Software
[2009.04.16 11:39:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Identities
[2011.06.03 01:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\IDM
[2010.11.10 00:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\ijjigame
[2009.04.16 12:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\InstallShield
[2009.04.16 12:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\InterVideo
[2009.12.18 05:35:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\LG Electronics
[2010.08.10 00:44:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\LolClient
[2009.04.16 13:33:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Macromedia
[2011.07.27 00:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Malwarebytes
[2010.03.24 06:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Media Player Classic
[2010.12.07 01:31:34 | 000,000,000 | --SD | M] -- C:\Documents and Settings\pc\Application Data\Microsoft
[2011.07.21 00:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Might & Magic Heroes VI - Public Closed Beta
[2010.10.07 22:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\mIRC
[2011.01.09 18:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Mount&Blade Warband
[2010.08.01 00:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Mozilla
[2011.07.25 22:51:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Mumble
[2009.08.29 01:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Octoshape
[2009.10.08 05:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Office Genuine Advantage
[2009.04.22 19:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\OtakuSoftware
[2009.12.18 06:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\PC Suite
[2011.06.10 05:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\PFStaticIP
[2011.07.27 08:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\PriceGong
[2009.09.06 10:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Prism
[2011.06.12 17:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Real
[2011.02.28 20:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Red Alert 3
[2011.03.01 08:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Red Alert 3 Uprising
[2011.02.15 19:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\RIFT
[2010.10.30 14:54:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Roxio
[2011.01.22 21:00:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Runscanner.net
[2009.12.18 05:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Samsung
[2011.02.17 23:57:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Search Settings
[2009.04.17 00:15:10 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\pc\Application Data\SecuROM
[2011.07.27 09:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Skype
[2011.05.29 16:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\skypePM
[2009.04.17 01:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Sun
[2009.07.27 20:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\TeamViewer
[2009.04.22 19:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Thinking Minds Budiling Bytes
[2009.04.16 11:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\TMP
[2011.03.30 17:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Toolbar4
[2010.03.17 18:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\TS3Client
[2011.07.24 17:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Tunngle
[2009.12.01 06:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Ubisoft
[2009.04.18 05:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Uniblue
[2011.02.02 05:11:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Unity
[2011.07.10 06:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\uTorrent
[2009.04.16 18:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Ventrilo
[2009.07.06 19:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\VitySoft
[2010.06.30 07:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\vlc
[2010.02.26 16:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Vso
[2010.11.22 19:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\W
[2010.11.22 19:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\wargaming.net
[2009.09.06 10:19:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\WebApps
[2009.05.29 03:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\WeGame
[2009.04.16 12:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\WinRAR
[2011.07.05 18:38:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Xfire
[2009.05.01 18:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\XRay Engine
[2009.04.19 15:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Yahoo!
[2010.06.27 22:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\YouTube Downloader

< %APPDATA%\*.* >
[2009.12.18 05:54:29 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\$_hpcst$.hpc
[2009.04.16 13:23:44 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\pc\Application Data\desktop.ini
[2010.02.26 16:39:22 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\inst.exe
[2010.02.26 16:39:22 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\pcouffin.cat
[2010.02.26 16:39:22 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\pcouffin.inf
[2010.02.26 16:39:26 | 000,000,034 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\pcouffin.log
[2010.02.26 16:39:22 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\pc\Application Data\pcouffin.sys
[2011.07.20 17:34:18 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\PnkBstrK.sys
[2011.05.16 05:54:59 | 000,046,658 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\room.dat
[2010.03.07 04:50:32 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\setup.log
[2010.03.07 04:50:13 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\setup_ldm.iss

< %APPDATA%\*.exe /s >
[2010.02.26 16:39:22 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\inst.exe
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\GRETECH\GomPlayer\GrLauncher.exe
[2009.04.16 20:35:47 | 000,015,872 | R--- | M] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
[2009.04.16 20:23:53 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2009.08.27 18:17:59 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2011.06.16 23:01:17 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe
[2009.08.28 14:00:36 | 001,291,640 | ---- | M] (EA Digital Illusions CE AB) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
[2009.01.08 15:44:06 | 000,070,936 | ---- | M] (Octoshape ApS) -- C:\Documents and Settings\pc\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
[2011.01.22 21:21:48 | 000,157,184 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Runscanner.net\VirusTotalUpload.exe
[2010.01.25 00:56:39 | 089,280,248 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Documents and Settings\pc\Application Data\Samsung\New PC Studio\LiveUpdate\Setup_For_Full_Update_IH2_7.exe

< %SYSTEMDRIVE%\*.exe >
[2011.07.20 17:11:48 | 078,078,224 | ---- | M] (K2 Network, Inc.) -- C:\APB_Reloaded_Installer.exe
[2008.02.07 10:18:58 | 025,072,608 | ---- | M] (Online Media Technologies Ltd. ) -- C:\AVSDVDPlayer.exe

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-16 03:49:27

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"StateIndex" = 0

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=AlwaysOff /fastdetect /usepmtimer

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.07.27 09:39:33 | 000,000,512 | ---- | M] () MD5=38DEF0F3DB75023BCC33D85257760618 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:75D366A3

< End of report >

eyewar
Visitor
Posts: 21
Registered: 26 Jul 2011 22:29

Re: another one who fell for the FB virus..

#13 Post by eyewar »

so now the extras.txt

OTL Extras logfile created on: 27.7.2011 9:38:31 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\pc\My Documents\Preberanie
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 71,30% Memory free
7,09 Gb Paging File | 6,19 Gb Available in Paging File | 87,30% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 10,97 Gb Free Space | 2,36% Space Free | Partition Type: NTFS
Drive D: | 465,75 Gb Total Space | 7,16 Gb Free Space | 1,54% Space Free | Partition Type: NTFS
Drive F: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MATRIX | User Name: pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1220945662-764733703-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\8.0.Pro\ACDSee8Pro.exe" "%1" (ACD Systems Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"DisableThumbnailCache" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"58566:TCP" = 58566:TCP:*:Enabled:Pando Media Booster
"58566:UDP" = 58566:UDP:*:Enabled:Pando Media Booster
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"58221:TCP" = 58221:TCP:*:Enabled:Pando Media Booster
"58221:UDP" = 58221:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"58566:TCP" = 58566:TCP:*:Enabled:Pando Media Booster
"58566:UDP" = 58566:UDP:*:Enabled:Pando Media Booster
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader
"6112:TCP" = 6112:TCP:*:Enabled:Blizzard Downloader
"1119:TCP" = 1119:TCP:*:Enabled:Blizzard Downloader
"4000:TCP" = 4000:TCP:*:Enabled:Blizzard Downloader
"6113:TCP" = 6113:TCP:*:Enabled:Blizzard Downloader
"6114:TCP" = 6114:TCP:*:Enabled:Blizzard Downloader
"6997:TCP" = 6997:TCP:*:Enabled:League of Legends Launcher
"6997:UDP" = 6997:UDP:*:Enabled:League of Legends Launcher
"8395:TCP" = 8395:TCP:*:Enabled:League of Legends Launcher
"8395:UDP" = 8395:UDP:*:Enabled:League of Legends Launcher
"8396:TCP" = 8396:TCP:*:Enabled:League of Legends Launcher
"8396:UDP" = 8396:UDP:*:Enabled:League of Legends Launcher
"6942:TCP" = 6942:TCP:*:Enabled:League of Legends Launcher
"6942:UDP" = 6942:UDP:*:Enabled:League of Legends Launcher
"6889:TCP" = 6889:TCP:*:Enabled:League of Legends Launcher
"6889:UDP" = 6889:UDP:*:Enabled:League of Legends Launcher
"6920:TCP" = 6920:TCP:*:Enabled:League of Legends Launcher
"6920:UDP" = 6920:UDP:*:Enabled:League of Legends Launcher
"6922:TCP" = 6922:TCP:*:Enabled:League of Legends Launcher
"6922:UDP" = 6922:UDP:*:Enabled:League of Legends Launcher
"6966:TCP" = 6966:TCP:*:Enabled:League of Legends Launcher
"6966:UDP" = 6966:UDP:*:Enabled:League of Legends Launcher
"6892:TCP" = 6892:TCP:*:Enabled:League of Legends Launcher
"6892:UDP" = 6892:UDP:*:Enabled:League of Legends Launcher
"8397:TCP" = 8397:TCP:*:Enabled:League of Legends Launcher
"8397:UDP" = 8397:UDP:*:Enabled:League of Legends Launcher
"6902:TCP" = 6902:TCP:*:Enabled:League of Legends Launcher
"6902:UDP" = 6902:UDP:*:Enabled:League of Legends Launcher
"6993:TCP" = 6993:TCP:*:Enabled:League of Legends Launcher
"6993:UDP" = 6993:UDP:*:Enabled:League of Legends Launcher
"6887:TCP" = 6887:TCP:*:Enabled:League of Legends Launcher
"6887:UDP" = 6887:UDP:*:Enabled:League of Legends Launcher
"6965:TCP" = 6965:TCP:*:Enabled:League of Legends Launcher
"6965:UDP" = 6965:UDP:*:Enabled:League of Legends Launcher
"6940:TCP" = 6940:TCP:*:Enabled:League of Legends Launcher
"6940:UDP" = 6940:UDP:*:Enabled:League of Legends Launcher
"6960:TCP" = 6960:TCP:*:Enabled:League of Legends Launcher
"6960:UDP" = 6960:UDP:*:Enabled:League of Legends Launcher
"6996:TCP" = 6996:TCP:*:Enabled:League of Legends Launcher
"6996:UDP" = 6996:UDP:*:Enabled:League of Legends Launcher
"8398:TCP" = 8398:TCP:*:Enabled:League of Legends Launcher
"8398:UDP" = 8398:UDP:*:Enabled:League of Legends Launcher
"8393:TCP" = 8393:TCP:*:Enabled:League of Legends Lobby
"8393:UDP" = 8393:UDP:*:Enabled:League of Legends Lobby
"8390:TCP" = 8390:TCP:*:Enabled:League of Legends Game Client
"8390:UDP" = 8390:UDP:*:Enabled:League of Legends Game Client
"6881:TCP" = 6881:TCP:*:Enabled:Blizzard Downloader: 6881
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"12975:TCP" = 12975:TCP:*:Enabled:Hamachi 1
"32976:TCP" = 32976:TCP:*:Enabled:Hamachi
"7777:TCP" = 7777:TCP:*:Enabled:Terraria TCP port
"7777:UDP" = 7777:UDP:*:Enabled:Terraria UDP port
"58221:TCP" = 58221:TCP:*:Enabled:Pando Media Booster
"58221:UDP" = 58221:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\InterVideo\DVD6\WinDVD.exe" = C:\Program Files\InterVideo\DVD6\WinDVD.exe:*:Enabled:WinDVD -- (InterVideo Inc.)
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe" = C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI
"F:\Games\Valves\Steam\SteamApps\common\trackmania nations forever\TmForever.exe" = F:\Games\Valves\Steam\SteamApps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever
"F:\Games\Valves\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe" = F:\Games\Valves\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever
"F:\Games\valve\SteamApps\eyewar123\counter-strike\hl.exe" = F:\Games\valve\SteamApps\eyewar123\counter-strike\hl.exe:*:Enabled:Half-Life Launcher
"C:\Program Files\Garena\Garena.exe" = C:\Program Files\Garena\Garena.exe:*:Enabled:Garena
"C:\games\Warcraft III\Warcraft III.exe" = C:\games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"D:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe" = D:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI) -- ()
"D:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe" = D:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV) -- ()
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"D:\Games\valve\Steam.exe" = D:\Games\valve\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Programy\Garena\Garena.exe" = C:\Programy\Garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\games\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\games\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"C:\games\BFHeroes.exe" = C:\games\BFHeroes.exe:*:Enabled:BFHeroes
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH)
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH)
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Ahead\ODD Toolkit\ODDUpdate.exe" = C:\Program Files\Ahead\ODD Toolkit\ODDUpdate.exe:*:Enabled:AsusUpdate -- ()
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\cod4\Call of Duty 4 - Modern Warfare\iw3mp.exe" = D:\cod4\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)
"C:\Documents and Settings\pc\temp\TeamViewer\Version4\TeamViewer.exe" = C:\Documents and Settings\pc\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"C:\games\HiveRise\HiveRise.exe" = C:\games\HiveRise\HiveRise.exe:*:Enabled:HiveRise -- (Vulcando Games GmbH)
"D:\Games\Electronic Arts\BattleForge\Bootstrapper.exe" = D:\Games\Electronic Arts\BattleForge\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher -- (EA Phenomic)
"D:\Games\Electronic Arts\BattleForge\BattleForge.exe" = D:\Games\Electronic Arts\BattleForge\BattleForge.exe:*:Enabled:BattleForge™ -- (EA Phenomic)
"D:\Games\supcom\SupCom\Supreme Commander\bin\SupremeCommander.exe" = D:\Games\supcom\SupCom\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander Application
"C:\Program Files\GameSpy\Comrade\Comrade.exe" = C:\Program Files\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade -- (IGN Entertainment Inc.)
"D:\Games\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe" = D:\Games\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4
"C:\Documents and Settings\pc\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\pc\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client -- (Octoshape ApS)
"C:\FirefoxPortable\App\Firefox\firefox.exe" = C:\FirefoxPortable\App\Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"D:\Progames\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe" = D:\Progames\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Enabled:biahh -- ()
"D:\Games\RESIDENT EVIL 5\RE5DX9.EXE" = D:\Games\RESIDENT EVIL 5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5 -- (CAPCOM CO., LTD.)
"D:\Games\valve\SteamApps\eyewar123\condition zero deleted scenes\hl.exe" = D:\Games\valve\SteamApps\eyewar123\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\Games\Volition Inc\Red Faction Guerrilla\rfg.exe" = D:\Games\Volition Inc\Red Faction Guerrilla\rfg.exe:*:Enabled:Red Faction: Guerrilla -- (THQ Inc.)
"D:\Games\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe" = D:\Games\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"D:\Games\World of Warcraft\Launcher.exe" = D:\Games\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"D:\Games\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe" = D:\Games\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"D:\Games\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe" = D:\Games\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (CLI) -- ()
"D:\Games\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe" = D:\Games\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (SRV) -- ()
"D:\Games\Mass Effect\Binaries\MassEffect.exe" = D:\Games\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game -- (BioWare)
"D:\Games\Mass Effect\MassEffectLauncher.exe" = D:\Games\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher -- (BioWare)
"D:\Games\Mass Effect 2\Binaries\MassEffect2.exe" = D:\Games\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 Hra -- (BioWare)
"D:\Games\Mass Effect 2\MassEffect2Launcher.exe" = D:\Games\Mass Effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 Spustit -- (BioWare)
"D:\Games\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe" = D:\Games\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- ()
"C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe" = C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction -- ()
"C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe" = C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction aktualizace -- (Ubisoft)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe" = C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB)
"C:\games\League of Legends\Air\LolClient.exe" = C:\games\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby
"C:\games\League of Legends\Game\League of Legends.exe" = C:\games\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client
"C:\games\World of Warcraft Public Test\Launcher.exe" = C:\games\World of Warcraft Public Test\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\games\World of Warcraft Public Test\Launcher.patch.exe" = C:\games\World of Warcraft Public Test\Launcher.patch.exe:*:Enabled:Blizzard Launcher
"C:\games\Activision\Modern Warfare 2\iw4mp.exe" = C:\games\Activision\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp -- ()
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Games\valve\SteamApps\common\trackmania nations forever\TmForever.exe" = D:\Games\valve\SteamApps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever -- ()
"D:\Games\valve\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe" = D:\Games\valve\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever -- ()
"D:\Games\World of Warcraft\Launcher.patch.exe" = D:\Games\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher
"D:\Games\World of Warcraft\Blizzard Downloader.exe" = D:\Games\World of Warcraft\Blizzard Downloader.exe:*:Enabled:Blizzard Downloader
"C:\ijji\ENGLISH\GenesisAD\AnotherDay.exe" = C:\ijji\ENGLISH\GenesisAD\AnotherDay.exe:*:Enabled:AnotherDay
"C:\ijji\ENGLISH\GenesisAD\GameConsole.bin" = C:\ijji\ENGLISH\GenesisAD\GameConsole.bin:*:Enabled:adhost
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:backWeb-8876480 -- ()
"C:\Program Files\REACTOR\ijjiOptimizer.exe" = C:\Program Files\REACTOR\ijjiOptimizer.exe:*:Enabled:ijjiOptimizer.exe -- ()
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe" = C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB)
"D:\Games\Electronic Arts\Medal of Honor\MP\MoHMPGame.exe" = D:\Games\Electronic Arts\Medal of Honor\MP\MoHMPGame.exe:*:Enabled:Medal of Honor: Multiplayer -- (EA Digital Illusions CE AB)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"D:\Games\505games\1C\Men of War\mow.exe" = D:\Games\505games\1C\Men of War\mow.exe:*:Disabled:Main executable -- ("Best Way" Corp)
"C:\DeadSpace2 MULTI6\deadspace2.exe" = C:\DeadSpace2 MULTI6\deadspace2.exe:*:Enabled:Dead Space™ 2
"D:\Games\valve\SteamApps\common\alien swarm\srcds.exe" = D:\Games\valve\SteamApps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server -- ()
"D:\Games\Duty Calls\binaries\Win32\DutyCalls.exe" = D:\Games\Duty Calls\binaries\Win32\DutyCalls.exe:*:Enabled:DutyCalls
"D:\Games\Paradox Interactive\Magicka\Magicka.exe" = D:\Games\Paradox Interactive\Magicka\Magicka.exe:*:Enabled:Magicka -- (Arrowhead Game Studios AB)
"D:\Games\Stunlock Studios\Bloodline Champions\Binary\BloodlineChampions.exe" = D:\Games\Stunlock Studios\Bloodline Champions\Binary\BloodlineChampions.exe:*:Enabled:Bloodline Champions -- (Stunlock Studios)
"D:\Games\CCP\EVE\bin\ExeFile.exe" = D:\Games\CCP\EVE\bin\ExeFile.exe:*:Enabled:CCP ExeFile
"C:\Programy\Xfire\Xfire.exe" = C:\Programy\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"D:\Games\valve\SteamApps\common\r.u.s.e\Ruse.exe" = D:\Games\valve\SteamApps\common\r.u.s.e\Ruse.exe:*:Enabled:R.U.S.E -- (Eugen Systems)
"C:\games\World of Warcraft\Launcher.patch.exe" = C:\games\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"D:\Games\valve\SteamApps\common\command and conquer red alert 3\runme.exe" = D:\Games\valve\SteamApps\common\command and conquer red alert 3\runme.exe:*:Enabled:Command and Conquer: Red Alert 3 -- ()
"D:\Games\valve\SteamApps\common\command and conquer red alert 3\Support\EA Help\Electronic_Arts_Technical_Support.htm" = D:\Games\valve\SteamApps\common\command and conquer red alert 3\Support\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Command and Conquer: Red Alert 3 -- ()
"D:\Games\valve\SteamApps\common\command and conquer red alert 3\Data\ra3_1.12.game" = D:\Games\valve\SteamApps\common\command and conquer red alert 3\Data\ra3_1.12.game:*:Enabled:Command & Conquer™ Red Alert™ 3 -- (Electronic Arts Inc.)
"D:\Games\valve\SteamApps\common\command and conquer red alert 3 uprising\RA3EP1.exe" = D:\Games\valve\SteamApps\common\command and conquer red alert 3 uprising\RA3EP1.exe:*:Enabled:Command and Conquer: Red Alert 3 - Uprising -- (Electronic Arts, Inc.)
"D:\Games\valve\SteamApps\common\command and conquer red alert 3 uprising\Support\EA Help\Electronic_Arts_Technical_Support.htm" = D:\Games\valve\SteamApps\common\command and conquer red alert 3 uprising\Support\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Command and Conquer: Red Alert 3 - Uprising -- ()
"D:\Games\Electronic Arts\Crytek\Crysis 2 Demo\bin32\Crysis2Launcher.exe" = D:\Games\Electronic Arts\Crytek\Crysis 2 Demo\bin32\Crysis2Launcher.exe:*:Enabled:Crysis® 2 Demo
"D:\Games\Electronic Arts\Crytek\Crysis 2 Demo\bin32\Crysis2Demo.exe" = D:\Games\Electronic Arts\Crytek\Crysis 2 Demo\bin32\Crysis2Demo.exe:*:Enabled:Crysis2Demo
"D:\Games\Electronic Arts\Crytek\bin32\Crysis2.exe" = D:\Games\Electronic Arts\Crytek\bin32\Crysis2.exe:*:Enabled:Crysis2
"D:\Games\Electronic Arts\NFS\Launcher.exe" = D:\Games\Electronic Arts\NFS\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit -- (Electronic Arts)
"D:\Games\Electronic Arts\NFS\NFS11.exe" = D:\Games\Electronic Arts\NFS\NFS11.exe:*:Enabled:Need for Speed(TM) Hot Pursuit Application -- (Electronic Arts)
"D:\Games\Electronic Arts\crytek\Crysis2\bin32\Crysis2.exe" = D:\Games\Electronic Arts\crytek\Crysis2\bin32\Crysis2.exe:*:Enabled:Crysis2 -- (Crytek GmbH)
"D:\Games\Darkfall\Lobby.exe" = D:\Games\Darkfall\Lobby.exe:*:Enabled:Lobby
"D:\Games\Electronic Arts\Medal of Honor\Binaries\moh.exe" = D:\Games\Electronic Arts\Medal of Honor\Binaries\moh.exe:*:Enabled:Medal of Honor™ -- (Electronic Arts Inc.)
"D:\Games\valve\SteamApps\common\alien swarm\swarm.exe" = D:\Games\valve\SteamApps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm -- ()
"C:\games\League of Legends\lol.launcher.exe" = C:\games\League of Legends\lol.launcher.exe:*:Enabled:League of Legends Launcher -- ()
"D:\Games\World of Warcraft\BackgroundDownloader.exe" = D:\Games\World of Warcraft\BackgroundDownloader.exe:*:Enabled:BackgroundDownloader.exe -- (Blizzard Entertainment)
"D:\Games\valve\SteamApps\common\amd driver updater, xp, 32 bit\Setup.exe" = D:\Games\valve\SteamApps\common\amd driver updater, xp, 32 bit\Setup.exe:*:Enabled:AMD Driver Updater, XP, 32 bit -- (Advanced Micro Devices, Inc.)
"C:\games\The Witcher 2\bin\witcher2.exe" = C:\games\The Witcher 2\bin\witcher2.exe:*:Enabled:The Witcher 2: Assasins of Kings -- ()
"C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\UPlayBrowser.exe" = C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\UPlayBrowser.exe:*:Enabled:UPlayBrowser Application -- (Ubisoft Entertainment)
"C:\games\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\games\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" = C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe:*:Enabled:LogMeIn Hamachi
"D:\Games\valve\SteamApps\common\call of duty black ops\BlackOpsMP.exe" = D:\Games\valve\SteamApps\common\call of duty black ops\BlackOpsMP.exe:*:Enabled:Call of Duty: Black Ops - Multiplayer -- ()
"C:\terraria\Terraria 1.0.3\Terraria.exe" = C:\terraria\Terraria 1.0.3\Terraria.exe:*:Enabled:Terraria -- (Teh Gamez)
"C:\terraria\Terraria 1.0.3\TerrariaServer.exe" = C:\terraria\Terraria 1.0.3\TerrariaServer.exe:*:Enabled:TerrariaServer -- (Teh Gamez)
"D:\Games\valve\SteamApps\common\duke nukem forever\System\DukeForever.exe" = D:\Games\valve\SteamApps\common\duke nukem forever\System\DukeForever.exe:*:Enabled:Duke Nukem Forever -- ()
"D:\Games\valve\SteamApps\common\america's army 3\Binaries\AA3Game.exe" = D:\Games\valve\SteamApps\common\america's army 3\Binaries\AA3Game.exe:*:Enabled:America's Army 3 -- ()
"C:\games\Capcom\Bionic Commando Rearmed\bcr.exe" = C:\games\Capcom\Bionic Commando Rearmed\bcr.exe:*:Enabled:Bionic Commando Rearmed -- ()
"D:\Games\valve\SteamApps\eyewar123\team fortress 2\hl2.exe" = D:\Games\valve\SteamApps\eyewar123\team fortress 2\hl2.exe:*:Enabled:hl2 -- ()
"C:\games\1C Company\Men of War. Assault Squad\mow_assault_squad.exe" = C:\games\1C Company\Men of War. Assault Squad\mow_assault_squad.exe:*:Enabled:Main executable -- (Digitalmindsoft)
"C:\games\Ubisoft\Heroes of Might and Magic V\bin\H5_Game.exe" = C:\games\Ubisoft\Heroes of Might and Magic V\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V -- ()
"C:\Documents and Settings\pc\Local Settings\Apps\2.0\JDO6LGLC.ANG\888BYJOE.K6O\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\CurseClient.exe" = C:\Documents and Settings\pc\Local Settings\Apps\2.0\JDO6LGLC.ANG\888BYJOE.K6O\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\CurseClient.exe:*:Enabled:Curse Client 4.0 -- (Curse)
"D:\Games\valve\SteamApps\common\fallout new vegas enplczru\FalloutNVLauncher.exe" = D:\Games\valve\SteamApps\common\fallout new vegas enplczru\FalloutNVLauncher.exe:*:Enabled:Fallout: New Vegas -- (Bethesda Softworks, Obsidian Entertainment)
"C:\games\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe" = C:\games\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V- Tribes of the East -- ()
"D:\Games\valve\SteamApps\common\left 4 dead 2\left4dead2.exe" = D:\Games\valve\SteamApps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2
"C:\Programy\Tunngle\tnglctrl.exe" = C:\Programy\Tunngle\tnglctrl.exe:*:Enabled:Tunngle Service -- (Tunngle.net GmbH)
"C:\Programy\Tunngle\tunngle.exe" = C:\Programy\Tunngle\tunngle.exe:*:Enabled:Tunngle Client -- (Tunngle.net GmbH)
"D:\Games\valve\SteamApps\eyewar123\counter-strike\hl.exe" = D:\Games\valve\SteamApps\eyewar123\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"D:\Games\valve\SteamApps\common\warincbattlezone\RSUpdate.exe" = D:\Games\valve\SteamApps\common\warincbattlezone\RSUpdate.exe:*:Enabled:War Inc. Battlezone -- (Arktos Entertainment Group)
"D:\Games\valve\SteamApps\common\warincbattlezone\WarInc.exe" = D:\Games\valve\SteamApps\common\warincbattlezone\WarInc.exe:*:Enabled:War Inc. Battlezone -- ()
"C:\games\Ubisoft\Might & Magic Heroes VI - Public Closed Beta\Might & Magic Heroes VI.exe" = C:\games\Ubisoft\Might & Magic Heroes VI - Public Closed Beta\Might & Magic Heroes VI.exe:*:Enabled:Might & Magic Heroes VI - Public Closed Beta -- (Black Hole Entertainment)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Games\valve\SteamApps\common\brink\brink.exe" = D:\Games\valve\SteamApps\common\brink\brink.exe:*:Enabled:Brink -- (Splash Damage, Ltd.)
"C:\Documents and Settings\pc\My Documents\Preberanie\Flash-Player.exe" = C:\Documents and Settings\pc\My Documents\Preberanie\Flash-Player.exe:*:Enabled:C:\Documents and Settings\pc\My Documents\Preberanie\Flash-Player.exe
"C:\WINDOWS\update.1\svchost.exe" = C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe
"C:\WINDOWS\services32.exe" = C:\WINDOWS\services32.exe:*:Enabled:C:\WINDOWS\services32.exe
"C:\WINDOWS\update.tray-3-0\svchost.exe" = C:\WINDOWS\update.tray-3-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-3-0\svchost.exe
"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe
"C:\games\GamersFirst\APB Reloaded\Binaries\APB.exe" = C:\games\GamersFirst\APB Reloaded\Binaries\APB.exe:*:Enabled:APB: APB.exe -- (K2 Network, Inc.)
"C:\games\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe" = C:\games\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe:*:Enabled:APB: VivoxVoiceService.exe -- (Vivox Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{073FAA7C-1B13-69A6-12CC-97C28ACBBAAC}" = CCC Help Chinese Standard
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AEB967F-1D12-43C8-A59C-D93DA8EE4A4E}" = Duty Calls
"{0B5AF161-1D9B-5DEF-435F-BD69203EC438}" = CCC Help French
"{10ADFD73-86A4-A72A-FD31-6614C5E6EAD1}" = CCC Help Chinese Traditional
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{131206AE-33B9-4B7E-A589-F1C7EFEA5734}" = Might & Magic Heroes VI - Public Closed Beta
"{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}_is1" = Men of War (Remove Only)
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{151F4583-1A05-46D9-8A0E-8F61B9C3502B}_is1" = Call Of Pripyat Benchmark 1.0
"{18E0918E-1060-48f3-925C-56C82E88551B}" = HP PSC & OfficeJet 3.5
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.6
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Odovzdávací nástroj lokality Windows Live
"{206C28CD-4D19-AC7E-A8C4-F77783D478F7}" = CCC Help Finnish
"{22988B2A-374A-4A7B-B795-A1AFF2046BE9}" = PhotoGallery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22E4AC9C-9E05-47D5-B7EB-A9FC1D762A7B}" = Quake Live Internet Explorer Plugin
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = oZone3D.Net FurMark v1.8.2
"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 20
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{30262711-A0DA-C751-D884-A745AEEC2462}" = Catalyst Control Center Localization All
"{34957B51-9676-41CE-9E52-44AE91B73F1C}" = HP Software Update
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3B7BEF0B-2C8F-794A-305F-7C851DEAE25C}" = CCC Help English
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = er100LT
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call of Pripyat [v1.6.01]
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{415B8A4E-0EA2-4C69-975C-EEE07B837FD7}" = Unload
"{4215EF7E-3620-6132-C2E7-79A5910B0AC4}" = CCC Help Hungarian
"{42AF51C0-4028-46CF-B616-FB1F75286457}" = A.V.A
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{47C25360-AEBC-4B21-B233-87CE653B3369}" = AIOMinimal
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{49B6F667-76EB-4E9D-ACD2-84B7437901C0}" = LG PC Suite II
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52A4E146-A102-4ED0-970F-6B1715EB3C86}" = Quake Live Mozilla Plugin
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{55CFA6F6-F2F2-B444-91AC-03B5C57E3011}" = CCC Help Greek
"{55D8440D-6577-46DC-9571-8E5E3046AC11}" = KWorld EM_USB Device Utilities
"{55DCBED7-5710-4939-A928-4CBD9AB09EBB}" = 1310_Help
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = Six Engine
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5786D2C8-A4C4-4DDB-B671-8ED2A53310EC}" = 1310Tour
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}" = Logitech ImageStudio
"{5B3A354B-C059-4861-A85B-CA46F1089E15}" = Creative USB Headsets
"{5B86C4CF-DF04-58C3-E602-6943E4B78CC5}" = CCC Help Thai
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = The Saboteur™
"{5CD9B1ED-6BEB-FFA6-A8A6-2CEEEEC0960D}" = CCC Help Italian
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{6600970A-BAE7-412A-BFFC-91AD793B3A41}" = ASUS WiFi-AP @n
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD
"{6864A62D-3EF3-415F-9922-240EED34B4C0}" = Fax
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ACA2FD2-4C4A-42F3-AFB5-7B433BBDF6DB}" = InterVideo WinDVD 6
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6C90C4C4-559D-4FE8-A4BF-37550E74D1FC}" = Bloodline Champions
"{6CDAFDDB-5931-4B91-9872-0567D80B1C46}_is1" = Xvid Converter 1.3
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{6F9B9AEB-00D8-4000-AD5B-7E97E85571DE}" = ScopeUserGuide
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{723C033E-63EA-4227-BAB2-0AA8693C16EB}" = Director
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{7596C248-4816-4C6F-8AAC-D8C81F2B4B49}" = HD View
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B352D0B-CEE0-CF9E-6389-55DF077A9BCE}" = CCC Help Turkish
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7BCC8F94-9F5B-5064-B50C-0F4B763D724C}" = Catalyst Control Center Graphics Previews Common
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F752BAB-4AFD-4138-983D-7E9E7CFE077D}" = GameSpy Comrade
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8173ACC6-7D30-6AD8-5F60-63045B710772}" = CCC Help Polish
"{81DD5688-695A-4c1d-AE7D-368BF857725A}" = TrayApp
"{82FF9CEB-A50B-45A4-B6B1-7BF8C585D8CA}" = Heroes of Might and Magic V - Tribes of the East
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8B9336DB-8D04-4325-BAFC-C7141D8E6CA1}" = Duke Nukem - Manhattan Project
"{8D2B09E2-6B04-4960-B780-4B0CE90780EE}" = LightScribe 1.4.39.1
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{902CDBB1-3C80-03FB-B2DA-CEB1A70EBE70}" = Catalyst Control Center
"{92881120-6DA5-44A3-8BAB-2429A01D022E}" = YouTube Downloader Toolbar v4.3
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{984F10FD-11FD-4BED-8163-92DB81E6A825}" = Logitech IM Video Companion
"{99D48FBB-2DEF-49A9-BCC9-C5AF63DD2643}" = AiOSoftware
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{9B22D57A-5338-49A5-AC08-70FE3E8B878B}" = Heroes of Might and Magic V
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A32D29EB-F9F5-4F35-87F5-B638F818B0B0}" = ESET Smart Security
"{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"{A6745F24-2E1C-090F-1E26-620968844F35}" = Catalyst Control Center InstallProxy
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA063CA5-0F16-B288-74C9-266CECC2ECCC}" = ccc-utility
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AB677AA9-704A-182E-4931-FF7D604F2F15}" = CCC Help Portuguese
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AC786492-A98E-E890-3F73-A8BB051839AE}" = CCC Help Danish
"{AE9C8073-B7CA-4BE3-BC3A-8797109343BE}" = HyperMediaCenter
"{AEC20FEC-47D8-4DEA-85D7-0B7E5D905D11}" = AiO_Scan
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3276CB1-20B6-4AF9-AAEC-E72C83816495}" = IKEA Home Planner
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{BB46245B-CECA-406F-8790-3ABA0D01012F}" = Roxio VideoWave Movie Creator
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2960B59-BDCD-4F2E-B26B-6509F877CDC8}" = XSplit
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C3F79B4C-9914-9BD5-BC72-ABEE5ED7DB7D}" = CCC Help Spanish
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C6842947-17FF-3E5B-7FCB-9A9DCD76A2AA}" = ATI Catalyst Install Manager
"{C81B363C-3918-4D53-8B90-EBABA515928E}" = ASUS WiFi-AP @n
"{C8B7A983-5BE1-8152-A7C1-7A6D5487A9F9}" = CCC Help Korean
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D0AFAB32-33DC-B15D-74A4-BB81A373C5C5}" = CCC Help Japanese
"{D186329B-1B4D-408D-ABEC-EA5CE1F182C9}" = Overland
"{D1E44702-21F5-4918-B8A3-6D126D5BD33C}" = Windows Messenger 5.1
"{D2D9C3AA-A4D8-AAD8-4A42-E7057DEE5691}" = CCC Help Swedish
"{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.00
"{D4CFC5F3-481C-40AA-9944-E7E4E732136C}" = Microsoft IntelliType Pro 8.0
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D8B5C1BB-5951-422D-A4D5-451675614956}_is1" = Men of War: Assault Squad (Remove Only)
"{D8B5C1BB-5951-422D-A4D5-451675614956}_update1.90.4.1" = Update 1.90.4.1 for "Men of War: Assault Squad"
"{DB219559-1F78-4343-9A6E-C2E987AD47A3}" = Bionic Commando Rearmed
"{DECC5460-9860-B6EA-3146-6EDE29E55ECA}" = CCC Help German
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E3BC3832-B4F3-B514-F226-B4D083A83268}" = CCC Help Dutch
"{E443F067-3345-482C-BD7A-12675A53D292}" = Readme
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E7664EE3-F76C-B27B-9567-82AEA0ACA743}" = CCC Help Czech
"{EB169303-270D-4F05-B957-E31EDF993A7D}_is1" = BC2SV 0.9
"{EC7C4194-B728-8F42-2DA4-76A2EDD09536}" = ATI AVIVO Codecs
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EEF7568A-BD2C-42B7-A22E-6D55EA287C34}" = Heroes of Might and Magic V - Hammers of Fate
"{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F532F61B-EED5-5267-F7C0-3509D8D05AB6}" = Skins
"{F5E58FC1-5C8E-C34D-8814-66849FFFCEBA}" = CCC Help Russian
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F730A60D-F6DA-4653-9C6E-548F7A3A5EE0}" = 1310Trb
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{F99F74B4-972B-4B06-B893-6B3B0DB0128B}" = ACDSee Pro
"{F9B0968A-810E-484C-B81D-7F19DC2CBBF5}" = 1310
"{FB5AF073-7A48-77E4-65CC-9B262FCF2783}" = CCC Help Norwegian
"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"AC3Filter" = AC3Filter (remove only)
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 3.1" = Acoustica Mixcraft 3.1
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AlienGUIse Theme Manager" = AlienGUIse Theme Manager
"APB Reloaded" = APB Reloaded
"AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CCleaner" = CCleaner (remove only)
"conduitEngine" = Conduit Engine
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"CTDVDAudio Plugin" = Creative DVD Audio Plugin for Audigy Series
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"DVDFab 6_is1" = DVDFab 6.2.0.5 (11/11/2009)
"EADM" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FaceSmooch Toolbar" = FaceSmooch Toolbar
"Fallout_0" = Fallout 3
"Fraps" = Fraps
"GamersFirst LIVE!" = GamersFirst LIVE!
"Garena" = Garena
"GOM Player" = GOM Player
"Gossiper Toolbar" = Gossiper Toolbar
"Hive Rise" = Hive Rise
"hon" = Heroes of Newerth
"HP Photo & Imaging" = HP Image Zone 3.5
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{8B9336DB-8D04-4325-BAFC-C7141D8E6CA1}" = Duke Nukem - Manhattan Project
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InterActual Player" = InterActual Player
"KaraFun_is1" = KaraFun 1.18
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.7.5 (Full)
"Kobra 11_is1" = Kobra 11 Nitro
"League of Legends_is1" = League of Legends
"lidl_halloween_saver" = lidl_halloween_saver
"Logitech Print Service" = Logitech Print Service
"Magicka_is1" = Magicka
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"mIRC" = mIRC
"Mozilla Firefox 5.0 (x86 sk)" = Mozilla Firefox 5.0 (x86 sk)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Mumble" = Mumble and Murmur
"NeroMultiInstaller!UninstallKey" = Nero Suite
"OpenAL" = OpenAL
"Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0
"Perpetuum" = Perpetuum
"PowerISO" = PowerISO
"Privates_is1" = Privates
"PunkBusterSvc" = PunkBuster Services
"QuicktimeAlt_is1" = QuickTime Alternative 2.7.0
"RADVideo" = RAD Video Tools
"RealPlayer 6.0" = RealPlayer 7 Basic
"RESIDENT EVIL 5_is1" = RESIDENT EVIL 5 v1.0
"S.T.A.L.K.E.R. - Clear Sky_is1" = S.T.A.L.K.E.R. - Clear Sky
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SpeedConnect Connection Tester_is1" = SpeedConnect Connection Tester
"Steam App 107900" = War Inc. Battlezone
"Steam App 11020" = TrackMania Nations Forever
"Steam App 13140" = America's Army 3
"Steam App 17480" = Command and Conquer: Red Alert 3
"Steam App 21970" = R.U.S.E
"Steam App 22350" = Brink
"Steam App 22490" = Fallout: New Vegas
"Steam App 24800" = Command and Conquer: Red Alert 3 - Uprising
"Steam App 30" = Day of Defeat
"Steam App 400" = Portal
"Steam App 41300" = Altitude
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 57900" = Duke Nukem Forever
"Steam App 630" = Alien Swarm
"Steam App 73050" = Magicka - Demo
"Steam App 91210" = Anomaly Warzone Earth Demo
"SubDownloader2" = SubDownloader2
"SysInfo" = Creative System Information
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Thoosje Vista Sidebar" = Thoosje Vista Sidebar
"Totalcmd" = Total Commander (Remove or Repair)
"Tunngle beta_is1" = Tunngle beta
"TVEpaDrv" = KWorld DVB-T BDA Drivers
"uTorrent" = µTorrent
"uTorrent Ultra Accelerator" = uTorrent Ultra Accelerator
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archivátor
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"World of Warcraft Public Test" = World of Warcraft Public Test
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1220945662-764733703-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"Octoshape Streaming Services" = Octoshape Streaming Services
"Tunnelers" = Tunnelers
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26.7.2011 9:43:35 | Computer Name = MATRIX | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1675765

Error - 26.7.2011 9:43:35 | Computer Name = MATRIX | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1675765

Error - 26.7.2011 9:43:37 | Computer Name = MATRIX | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 26.7.2011 9:43:37 | Computer Name = MATRIX | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1677718

Error - 26.7.2011 9:43:37 | Computer Name = MATRIX | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1677718

Error - 26.7.2011 9:43:39 | Computer Name = MATRIX | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 26.7.2011 9:43:39 | Computer Name = MATRIX | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1679671

Error - 26.7.2011 9:43:39 | Computer Name = MATRIX | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1679671

Error - 26.7.2011 16:40:57 | Computer Name = MATRIX | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie pev.cfxxe, verzia 0.0.0.0, zlyhanie modulu pev.cfxxe,
verzia 0.0.0.0, adresa zlyhania 0x0008d1c0.

Error - 26.7.2011 17:57:24 | Computer Name = MATRIX | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie skype.exe, verzia 5.3.0.120, zlyhanie modulu skype.exe,
verzia 5.3.0.120, adresa zlyhania 0x00890800.

[ System Events ]
Error - 26.7.2011 16:40:55 | Computer Name = MATRIX | Source = Service Control Manager | ID = 7034
Description = Služba wxpdrivers sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.

Error - 26.7.2011 16:56:40 | Computer Name = MATRIX | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.1.1 odmietol prenájom 192.168.1.2 adresy IP pre
sieťovú kartu so sieťovou adresou 0022151B9C82 (server DHCP odoslal hlásenie DHCPNACK).

Error - 26.7.2011 16:57:03 | Computer Name = MATRIX | Source = Service Control Manager | ID = 7000
Description = Spustenie služby ESET Service zlyhalo kvôli nasledujúcej chybe: %%3

Error - 26.7.2011 16:57:03 | Computer Name = MATRIX | Source = Service Control Manager | ID = 7023
Description = Služba Automatic Updates bola ukončená s nasledujúcou chybou: %%126

Error - 26.7.2011 17:11:17 | Computer Name = MATRIX | Source = Service Control Manager | ID = 7034
Description = Služba srvbtcclient sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.

Error - 27.7.2011 3:20:38 | Computer Name = MATRIX | Source = Service Control Manager | ID = 7034
Description = Služba wxpdrivers sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.

Error - 27.7.2011 3:20:38 | Computer Name = MATRIX | Source = Service Control Manager | ID = 7034
Description = Služba srviecheck sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.

Error - 27.7.2011 3:20:39 | Computer Name = MATRIX | Source = Service Control Manager | ID = 7034
Description = Služba srvbtcclient sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.

Error - 27.7.2011 3:23:53 | Computer Name = MATRIX | Source = Service Control Manager | ID = 7000
Description = Spustenie služby ESET Service zlyhalo kvôli nasledujúcej chybe: %%3

Error - 27.7.2011 3:23:53 | Computer Name = MATRIX | Source = Service Control Manager | ID = 7023
Description = Služba Automatic Updates bola ukončená s nasledujúcou chybou: %%126


< End of report >

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: another one who fell for the FB virus..

#14 Post by motji »

I have to leave the computer now; I'll attend to you this evening :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I'm mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

eyewar
Visitor
Posts: 21
Registered: 26 Jul 2011 22:29

Re: another one who fell for the FB virus..

#15 Post by eyewar »

Damn, that's a pity, I was waiting here, but sure, if you have to go then no problem.. thanks for the help so far, I just don't know what to do now :D
