otvaranim oknien - luky2007

[luky2007]

Logfile of random's system information tool 1.09 (written by random/random)
Run by nay at 2012-12-03 22:16:00
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 6 GB (6%) free of 102 GB
Total RAM: 3959 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:16:21, on 3. 12. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
E:\STAHNUTE\OTL.exe
C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\nay.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\nay\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'Default user')
O4 - Global Startup: Scrybe.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Aktualizačný program Scrybe Updater (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 12413 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe" -service
taskeng.exe {735BC544-F8BB-46B4-88C8-C037DE316330}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe"
"C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="1660.0.457930697\1818063127" /prefetch:3
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1660.2.2077430360\756292483" --gpu-vendor-id=0x1002 --gpu-device-id=0x68c1 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.2.0.0 --ignored=" --type=renderer " /prefetch:12
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="1660.3.376878486\1503177115" /prefetch:3
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="1660.4.289413936\483076908" /prefetch:3
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="1660.5.1308514848\1838059033" /prefetch:3
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="1660.6.1757007405\379691406" /prefetch:3
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0\npSkypeChromePlugin.dll" --lang=sk --channel="1660.7.1394279906\220417832" /prefetch:4
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin/ASCPlugin_Protect.dll" --lang=sk --channel="1660.8.1333886858\1255929818" /prefetch:4
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndDynamic/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="1660.13.1363761132\402009546" /prefetch:3
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1660.14.2064587647\196772555" --lang=sk --ignored=" --type=renderer " /prefetch:13
"C:\Program Files (x86)\StrongDC++\StrongDC.exe"
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndDynamic/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="1660.29.1589310084\1419534915" /prefetch:3
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndDynamic/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="1660.30.326823505\80646876" /prefetch:3
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndDynamic/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="1660.32.1302944053\1662526544" /prefetch:3
"C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\nay\Desktop\hijackthis.log
"E:\STAHNUTE\OTL.exe"
"C:\Users\nay\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/15/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndDynamic/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="1660.34.1962148239\539545447" /prefetch:3
"E:\STAHNUTE\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1930792347-3078004643-4175930854-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1930792347-3078004643-4175930854-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\nay\AppData\Roaming\Mozilla\Firefox\Profiles\xrxrzgwj.default

prefs.js - "browser.startup.homepage" - "http://www.google.com/ig?hl=sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0]
"Description"=Bing Bar
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\nay\AppData\Roaming\Mozilla\Firefox\Profiles\xrxrzgwj.default\extensions\
ascsurfingprotection@iobit.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-11-22 6305984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-03-02 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-11-22 4529344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL [2012-10-11 662400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-31 2735400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\nay\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-24 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AccuWeatherWidget]
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [2011-05-30 885760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2012-04-04 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPA]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Registration]
C:\Program Files (x86)\System Registration\prodreg.exe [2010-11-10 4144448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-24 409744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellStage]
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2011-05-30 2055816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\nay\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-24 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2012-01-12 4453208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2012-04-04 954256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-04-04 21392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-04-04 3521424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-03-28 1910152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartRAM]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2011-09-28 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AML Device Install.lnk]
C:\PROGRA~2\AMDAVT~1\bin\kdbsync.exe [2012-03-19 20992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
[]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Scrybe.lnk - C:\Windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-12-03 22:16:05 ----D---- C:\Program Files\trend micro
2012-12-03 22:16:00 ----D---- C:\rsit
2012-12-03 22:04:42 ----D---- C:\Program Files (x86)\Trend Micro
2012-11-26 20:16:31 ----D---- C:\ProgramData\Blizzard Entertainment
2012-11-26 20:16:31 ----D---- C:\Program Files (x86)\Diablo III
2012-11-26 20:14:58 ----D---- C:\ProgramData\Battle.net
2012-11-14 21:36:24 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2012-11-14 21:36:24 ----D---- C:\Windows\RemotePackages
2012-11-14 21:36:24 ----D---- C:\Windows\CSC
2012-11-14 21:30:03 ----A---- C:\Windows\CompatibilityIssues.txt
2012-11-14 20:20:21 ----D---- C:\ProgramData\ATI
2012-11-14 20:07:18 ----D---- C:\Program Files (x86)\AMD APP
2012-11-14 20:04:35 ----D---- C:\Program Files\ATI Technologies
2012-11-13 22:24:31 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-13 22:24:30 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-13 22:24:30 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-13 22:18:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-11-13 22:18:19 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-13 22:18:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-11-13 22:18:18 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-11-13 22:18:18 ----A---- C:\Windows\system32\ieui.dll
2012-11-13 22:18:17 ----A---- C:\Windows\SYSWOW64\url.dll
2012-11-13 22:18:17 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-11-13 22:18:17 ----A---- C:\Windows\system32\url.dll
2012-11-13 22:18:17 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-13 22:18:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-11-13 22:18:16 ----A---- C:\Windows\system32\urlmon.dll
2012-11-13 22:18:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-11-13 22:18:15 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-13 22:18:15 ----A---- C:\Windows\system32\jscript9.dll
2012-11-13 22:18:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-11-13 22:18:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-11-13 22:18:14 ----A---- C:\Windows\system32\wininet.dll
2012-11-13 22:18:14 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-13 22:18:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-11-13 22:18:13 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-11-13 22:18:13 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-11-13 22:18:13 ----A---- C:\Windows\system32\vbscript.dll
2012-11-13 22:18:13 ----A---- C:\Windows\system32\jscript.dll
2012-11-13 22:18:13 ----A---- C:\Windows\system32\iertutil.dll
2012-11-13 22:18:11 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-11-13 22:18:10 ----A---- C:\Windows\system32\mshtml.dll
2012-11-13 22:18:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-11-13 22:18:09 ----A---- C:\Windows\system32\ieframe.dll
2012-11-13 22:14:03 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-13 22:14:02 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-13 22:14:02 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-13 22:14:02 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-13 22:14:00 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-13 22:14:00 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-13 22:14:00 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-13 21:36:31 ----A---- C:\Windows\system32\win32k.sys
2012-11-13 21:36:28 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-11-13 21:36:28 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-11-13 21:36:28 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-13 21:36:28 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-13 21:36:15 ----A---- C:\Windows\system32\ncsi.dll
2012-11-13 21:36:15 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-13 21:36:14 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-11-13 21:36:14 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-11-13 21:36:14 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-13 21:36:14 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-13 21:36:14 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-13 21:36:13 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-11-13 21:36:13 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-11-13 21:36:13 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-13 21:36:13 ----A---- C:\Windows\system32\netevent.dll
2012-11-13 21:36:13 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-13 21:35:41 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-13 21:35:41 ----A---- C:\Windows\system32\synceng.dll
2012-11-04 16:28:03 ----D---- C:\Users\nay\AppData\Roaming\Apple Computer

======List of files/folders modified in the last 1 month======

2012-12-03 22:16:20 ----D---- C:\Windows\Prefetch
2012-12-03 22:16:05 ----RD---- C:\Program Files
2012-12-03 22:09:53 ----D---- C:\Users\nay\AppData\Roaming\Skype
2012-12-03 22:04:45 ----SHD---- C:\Windows\Installer
2012-12-03 22:04:45 ----SHD---- C:\Config.Msi
2012-12-03 22:04:42 ----RD---- C:\Program Files (x86)
2012-12-03 22:04:17 ----SHD---- C:\System Volume Information
2012-12-03 21:39:25 ----D---- C:\Windows\Temp
2012-12-03 21:39:25 ----AD---- C:\Windows
2012-12-03 19:53:07 ----D---- C:\Windows\system32\config
2012-12-02 19:35:16 ----D---- C:\Users\nay\AppData\Roaming\DAEMON Tools Lite
2012-12-02 19:18:21 ----D---- C:\ProgramData\Skype
2012-12-02 19:16:46 ----A---- C:\Windows\SYSWOW64\log.txt
2012-11-29 11:25:06 ----D---- C:\Program Files\AutoCAD 2010
2012-11-29 11:18:13 ----D---- C:\Program Files\Common Files\Autodesk Shared
2012-11-29 11:18:03 ----RSD---- C:\Windows\assembly
2012-11-29 08:14:56 ----D---- C:\Windows\rescache
2012-11-28 13:40:57 ----D---- C:\Windows\winsxs
2012-11-28 13:40:51 ----D---- C:\Windows\AppPatch
2012-11-28 13:36:56 ----D---- C:\Windows\system32\catroot
2012-11-28 13:36:55 ----D---- C:\Windows\system32\catroot2
2012-11-26 20:16:43 ----HD---- C:\ProgramData
2012-11-26 19:25:12 ----SHD---- C:\Boot
2012-11-25 19:33:00 ----D---- C:\Users\nay\AppData\Roaming\vlc
2012-11-25 17:46:48 ----D---- C:\Windows\tracing
2012-11-25 17:36:17 ----D---- C:\Windows\debug
2012-11-18 23:56:51 ----D---- C:\Program Files (x86)\HellShare Upload Manager
2012-11-14 22:08:53 ----D---- C:\Windows\Microsoft.NET
2012-11-14 21:36:25 ----D---- C:\Windows\SYSWOW64\wbem
2012-11-14 21:36:25 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-11-14 21:36:25 ----D---- C:\Windows\SYSWOW64\en-US
2012-11-14 21:36:25 ----D---- C:\Windows\SysWOW64
2012-11-14 21:36:24 ----D---- C:\Windows\system32\wbem
2012-11-14 21:36:24 ----D---- C:\Windows\system32\sk-SK
2012-11-14 21:36:24 ----D---- C:\Windows\system32\drivers\UMDF
2012-11-14 21:36:24 ----D---- C:\Windows\system32\drivers\en-US
2012-11-14 21:36:24 ----D---- C:\Windows\system32\drivers
2012-11-14 21:36:24 ----D---- C:\Windows\security
2012-11-14 21:36:23 ----D---- C:\Windows\system32\en-US
2012-11-14 21:36:23 ----AD---- C:\Windows\System32
2012-11-14 21:36:21 ----D---- C:\Windows\PolicyDefinitions
2012-11-14 21:36:20 ----D---- C:\Windows\system32\DriverStore
2012-11-14 21:36:19 ----D---- C:\Windows\inf
2012-11-14 21:36:02 ----D---- C:\Windows\system32\restore
2012-11-14 20:07:24 ----D---- C:\ProgramData\AMD
2012-11-14 20:07:13 ----D---- C:\Program Files\Common Files\ATI Technologies
2012-11-14 17:22:32 ----D---- C:\Windows\SYSWOW64\migration
2012-11-14 17:22:32 ----D---- C:\Windows\system32\migration
2012-11-14 17:22:31 ----D---- C:\Program Files\Internet Explorer
2012-11-14 17:22:31 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-14 17:22:30 ----RSD---- C:\Windows\Fonts
2012-11-13 22:29:26 ----D---- C:\ProgramData\Microsoft Help
2012-11-13 22:14:39 ----A---- C:\Windows\system32\MRT.exe
2012-11-13 22:13:20 ----A---- C:\Windows\win.ini
2012-11-12 16:39:26 ----D---- C:\Windows\system32\wdi
2012-11-05 10:32:57 ----D---- C:\Windows\system32\Tasks
2012-11-05 00:45:03 ----D---- C:\Program Files (x86)\JetAudio
2012-11-04 16:14:50 ----D---- C:\ProgramData\IObit
2012-11-04 16:14:40 ----D---- C:\Program Files (x86)\IObit
2012-11-04 16:14:20 ----D---- C:\Users\nay\AppData\Roaming\IObit

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-13 437272]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 228768]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-09-25 834544]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-03-11 577824]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-03-11 43248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-10-14 283200]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-12-19 93200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2012-04-04 86584]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-28 10697216]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-28 460288]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-12-12 195072]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-12-12 8616448]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-11-23 648808]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-06-18 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-31 1424944]
S3 ALSysIO;ALSysIO; C:\Windows\system32\drivers\ALSysIO.sys []
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-12-12 195072]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\fxxandroidusb.sys [2010-06-17 31744]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-03-30 53800]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2011-08-25 620072]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-08-25 167976]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2011-08-25 178728]
S3 BTWDPAN;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\btwdpan.sys [2011-08-25 89640]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-08-25 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-08-25 21544]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-02-24 99384]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-01-26 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-01-26 27176]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2011-12-14 33736]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-03-18 7680512]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\FXX\qcusbser.sys [2010-06-17 364288]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-09-20 33184]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2011-12-14 74240]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-03-17 232480]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2011-12-02 239208]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\Windows\system32\DRIVERS\sscebus.sys [2010-12-21 127488]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\Windows\system32\DRIVERS\sscemdfl.sys [2010-12-21 18944]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\Windows\system32\DRIVERS\sscemdm.sys [2010-12-21 161280]
S3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM); C:\Windows\system32\DRIVERS\ssceserd.sys [2010-12-21 129024]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 203320]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2012-02-24 203320]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-10-24 57856]
S3 tsusbhub;tsusbhub; C:\Windows\system32\drivers\tsusbhub.sys []
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-09-20 21872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S4 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
S4 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 68608]
S4 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 7168]
S4 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 89600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-28 239616]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-12-13 75136]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 ScrybeUpdater;Aktualizačný program Scrybe Updater; C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-11-22 3290304]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-14 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-08 1030600]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-10-03 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-14 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-16 129976]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 ActiveSMART Service;ActiveSMART Service; E:\Softy\ActiveSMART 2.9\ASmartService.exe [2011-01-06 602416]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 EsetNod32Fix;Nod32 AV; C:\Windows\Regedit.exe [2009-07-14 427008]
S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 2111368]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-02-06 419624]

-----------------EOF-----------------
dakujem

[luky2007]

OTL Extras logfile created on: 12/4/2012 9:20:49 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\nay\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3.87 Gb Total Physical Memory | 1.88 Gb Available Physical Memory | 48.64% Memory free
7.73 Gb Paging File | 5.23 Gb Available in Paging File | 67.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 13.12 Gb Free Space | 13.12% Space Free | Partition Type: NTFS
Drive E: | 351.01 Gb Total Space | 32.12 Gb Free Space | 9.15% Space Free | Partition Type: NTFS
Drive F: | 3.73 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LUKINKO | User Name: nay | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B62C6A-F6EA-49E8-B8C5-3BA3B97C50CF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{04E383D6-6972-4761-880E-B6381C7BB9EC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1254E9C1-A2E6-406D-8BE6-DCAA2CB3E87F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1C6040C3-92CE-4383-830D-BD22038067D5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{22BA20DF-72DB-45D0-AC4D-75FA5BDE97F8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{2A6C23CF-AE64-49FD-80EE-05782A5CE583}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2CBFE0E5-6566-403E-BC60-498C4AD78EBB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3134D2E9-9BC9-4F39-B197-AB9C9F24E543}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{31ADBEA4-8190-4B4C-88C6-283DDF8316E0}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3D49F3EB-EE15-4E7C-8897-1EA73C9D4830}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{439DBA81-940B-4D29-8AB6-55E60B6DEAFC}" = rport=137 | protocol=17 | dir=out | app=system |
"{48A8FF74-0132-4ABD-80A8-444724AD8804}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4B370778-E775-4C36-BF63-F33D3E94CCA6}" = lport=138 | protocol=17 | dir=in | app=system |
"{528025C3-340E-4E2C-9F8A-8B8523F5C79E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{553B82C3-3A8B-4E71-84B1-068E3E01AC49}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5B753C4E-D5C2-43B5-9E6D-782DDD2E04FB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{69654FE0-DFEE-459B-8104-4E7F9393A4CA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6B5B95A3-2F17-441D-848A-11CF23912E64}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{6B9E039D-0604-4950-A1CC-BA78D261D848}" = lport=139 | protocol=6 | dir=in | app=system |
"{75F30FEB-F2F5-4AC2-94E7-ADAD3302AE9C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7F55AFB4-EF16-4E23-B43B-A539C8B4835D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8BC865FA-A077-40AF-9365-B73EEAF2C4F5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8DF23928-B2F6-4F0E-9C64-83E89A98EFF7}" = rport=2869 | protocol=6 | dir=out | app=system |
"{908736EC-C2A9-47E0-936E-162E516FD1B2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9437C894-2B5B-416E-8B22-CF96C70649C1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9EB52329-C720-447D-BB8C-FB8317D9FBD0}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{A2BEF4C0-DDDA-4C84-950D-87E8D85F7FCC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A9157660-CE86-4A43-8D8C-99C01552C5E9}" = rport=139 | protocol=6 | dir=out | app=system |
"{B4DEF0F4-2731-4CA5-97C1-486498F94B92}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9B36212-CDF4-4512-AC2E-18182A5A580F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C5A16ADB-617B-4F17-B4B2-55E38E754701}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{CB34332E-5C3B-4CAC-96A5-A6B6F8ECE214}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CB9E46F2-57AB-41A0-981A-F53463C5AFF3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D08FA0A9-57D4-4BA2-8C19-B9E7B68A8A1F}" = lport=445 | protocol=6 | dir=in | app=system |
"{D1C58496-8FCE-49D8-8BEC-14430D3369AA}" = rport=138 | protocol=17 | dir=out | app=system |
"{DACC9793-5A78-4D90-8701-C2687C330DA9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DCD5C0EC-E40B-4B1D-8B3F-2E97AA6D8D75}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E18CD53A-A749-4D7A-AD27-6E3AD52F2086}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E2A7E11F-9BBA-4074-AC7A-A0EAE1571F74}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E51848D8-6EFC-44F3-A724-516929E37EBA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{EF99C316-6DDF-4FEB-A1F9-4BFB001C804D}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EF99CE69-843B-4BDD-91DA-141B63DBE919}" = lport=137 | protocol=17 | dir=in | app=system |
"{F2083186-2365-4939-B3DD-0CC89578636A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF46579C-8926-4E1C-85D3-02712E456CF6}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05CFCDF3-86EF-4A10-85FA-5FF54AAFE890}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{0612CC7D-B4C1-4DBA-9FD1-3A259AE689C7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{08E21C46-88DE-45B0-B6C4-CC3B3A54C19B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0F5F3E3A-17E2-4BD0-866D-10C46A10E319}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1029CB8F-F9A9-4628-8DDD-6FB7B9D2CD48}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{171BA3BA-DC9D-4444-A6ED-7E21DC92C166}" = protocol=17 | dir=in | app=e:\games\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{18B7845D-096C-4388-959B-1B3F36403DD5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{20F4B5F2-59A5-4C46-8A7F-35A776494D7D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2262089F-CB3C-4EC1-91A1-5FC1FDDF092A}" = protocol=6 | dir=in | app=c:\nový priečinok\call of duty- modern warfare 3\iw5sp.exe |
"{22BDB926-DEDA-4FCD-99B6-D4468C66A48C}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{27992F4D-BF40-4CBB-8C81-8B086178F1D7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{289DEFEB-4998-49FA-BBDC-5F57119BCEDE}" = protocol=6 | dir=in | app=e:\games\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{29AE6884-D92F-4113-A914-740FA47EFA78}" = protocol=6 | dir=in | app=e:\games\landwirtschafts simulator 2011\game.exe |
"{2CC55EFF-9F51-408F-9FA8-7D4DC36EC6BF}" = protocol=6 | dir=out | app=system |
"{30B779E1-2920-45D9-819A-6469199260E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{361A1C7E-8509-42BC-988E-282617DEEC3E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{376B8BD5-CC22-4904-A297-6BEC0EC3C663}" = protocol=6 | dir=in | app=e:\games\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{3C7EE04B-C38E-44CF-8CEA-0084161190A9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{3DE1F813-8CCA-4DE9-8918-3F39A35AB93D}" = protocol=6 | dir=in | app=e:\games\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{40421157-314E-410D-8AE4-907BABF4E603}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{4B9C51CC-286E-47DA-A991-84840CF34F1E}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{4DA82110-2FBC-4444-886E-D23BD4583946}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5036677A-54BB-4FC3-81F2-C2F8D3618223}" = protocol=17 | dir=in | app=e:\games\landwirtschafts simulator 2011\game.exe |
"{529949A7-BD12-4A9A-AC48-24FED99354BF}" = protocol=17 | dir=in | app=e:\games\call of duty 4 - modern warfare\iw3mp.exe |
"{5507B7C8-EEA7-48CB-BA06-595241AEE279}" = protocol=17 | dir=in | app=e:\games\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{55C86AB4-523F-459E-A230-D0202DD3FE9A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{59AACFF6-A2BF-45C0-88BF-B4FDB2BE6357}" = protocol=6 | dir=in | app=e:\games\assassin's creed revelations\acrsp.exe |
"{63793B4B-E9EB-4837-9CBE-F3C3B6381DA8}" = protocol=17 | dir=in | app=e:\games\assassin's creed revelations\acrsp.exe |
"{6B9B9E17-8109-4664-BC30-497A8E7A9D03}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6E09282E-CFB8-4BF2-A5FC-15A104D11385}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{6EB4A492-395D-46C8-973B-C98B9CB12C67}" = protocol=6 | dir=in | app=e:\games\assassin's creed revelations\assassinscreedrevelations.exe |
"{7AE7EB9B-4FAE-43F1-9662-82CAA5DA0139}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7D394F63-CF76-40A6-9712-3BAA62F6B591}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8597CCC2-F268-4F25-8F5E-C40E8FBC411D}" = protocol=17 | dir=in | app=e:\games\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{8BB86487-7FB6-4EAA-85F3-B9EA554C60FE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9024EC67-ABB9-40B0-9064-C2E315464411}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{90750E6C-9771-4F07-AFDC-1C3A151CF9B7}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{90E17767-D13D-48D7-80AD-5BA418A29DC5}" = protocol=17 | dir=in | app=e:\games\assassin's creed revelations\acrmp.exe |
"{94EE9299-849A-43E7-882D-B8EDBD69259A}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{96B7119C-E099-4074-99E1-E97FAC5BC290}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A5E35AE5-DCF8-42E0-A00E-8EF3EB2F8109}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A7A3C8AE-87DF-4D90-8E3F-19B68A010CAA}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{AFCCF94B-88C5-440B-B4EF-A32E295B3C9A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B0BA512C-39A1-4045-BC88-CEF93A0304C1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B5995DDF-0DAB-4CA9-A8E6-D5A3A38F3F27}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C0B64A7A-E1D9-4752-B8A0-33C079D12FA7}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{C43A4D33-9C0B-48EA-8E90-0D5522037454}" = protocol=6 | dir=in | app=e:\games\call of duty 4 - modern warfare\iw3mp.exe |
"{C8F6BC66-9BF4-4ABC-AB39-3453869279E4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CF4C5C13-F921-48AF-AC48-9945E6FDBCF4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D2C0C6E7-14F0-4D54-9399-4515707FBDFD}" = protocol=17 | dir=in | app=e:\games\assassin's creed revelations\assassinscreedrevelations.exe |
"{D3D71902-D755-4EBB-BF97-11A9EEA08490}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D4D7CEDD-CC45-4122-B52F-EF24E893CAC3}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{D9D52462-960D-453E-9EF4-E826CDE4418C}" = protocol=17 | dir=in | app=c:\nový priečinok\call of duty- modern warfare 3\iw5sp.exe |
"{D9FF9D1E-E753-42BF-A864-DDA615F34D5A}" = protocol=17 | dir=in | app=e:\games\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{DBD3EFF3-E11C-4EE7-B4FA-4220F3C05D81}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DD642C04-8422-444B-998C-EA0AB036B607}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{E1843A03-C104-4606-9600-584A6CD67CAB}" = protocol=6 | dir=in | app=e:\games\assassin's creed revelations\acrmp.exe |
"{E21A8F94-C155-41C9-8B09-786C69D81548}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{EB58F186-4FDE-44FD-A122-832AF597EE13}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{ECAB8ED3-05D2-4D2E-8F4C-F41253946901}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ED715B8A-48F0-4836-ACCF-CC272B87A452}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EDDCDB4B-B946-40C1-B662-9733BBFE1C2E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{EFB46760-A63A-49B2-8DF9-2F593B8DBB41}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{F450C4D9-C6B0-45A5-AD15-858341FEEE6E}" = protocol=6 | dir=in | app=e:\games\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{FC5F3396-02DA-4FBA-9FE0-B74E641A5D2A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FE1FA7BE-AE0C-459B-B65D-8D565C5234E6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"TCP Query User{0B6C02FC-2F73-4E14-82EF-DFB7B342DDBD}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{2FBACAAD-E118-4667-880F-C0E89A00B967}E:\games\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=e:\games\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{4002AC92-D459-44B2-80C9-501B2B89C965}C:\nový priečinok\call of duty- modern warfare 3\iw5sp.exe" = protocol=6 | dir=in | app=c:\nový priečinok\call of duty- modern warfare 3\iw5sp.exe |
"TCP Query User{75AC7878-A57E-48B8-B6F0-6F99002A8BDE}C:\program files (x86)\strongdc++\strongdc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\strongdc++\strongdc.exe |
"TCP Query User{B57139CB-9002-4345-B277-1BB433B484C8}E:\games\flatout2\flatout2.exe" = protocol=6 | dir=in | app=e:\games\flatout2\flatout2.exe |
"TCP Query User{DF562473-BC02-4AE2-87E3-704A62E5BFFA}E:\games\flatout2\flatout2.exe" = protocol=6 | dir=in | app=e:\games\flatout2\flatout2.exe |
"UDP Query User{10C6A95F-B113-4A22-AA89-905A417574DA}E:\games\flatout2\flatout2.exe" = protocol=17 | dir=in | app=e:\games\flatout2\flatout2.exe |
"UDP Query User{42027A5E-4E4D-42C8-8B8A-89A79BC94738}C:\program files (x86)\strongdc++\strongdc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\strongdc++\strongdc.exe |
"UDP Query User{43137213-C753-4806-A462-3DC86CB19CC7}E:\games\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=e:\games\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{5E822F30-027F-4C29-AAF2-4CDA37FDCB38}C:\nový priečinok\call of duty- modern warfare 3\iw5sp.exe" = protocol=17 | dir=in | app=c:\nový priečinok\call of duty- modern warfare 3\iw5sp.exe |
"UDP Query User{816A509B-D8A3-4CE4-8985-71A549EED1D8}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{EA1FE4B1-2581-4310-A7C7-B1A665D04A7D}E:\games\flatout2\flatout2.exe" = protocol=17 | dir=in | app=e:\games\flatout2\flatout2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC3
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{3DCF00F5-04A5-4543-A088-70548081120E}_is1" = Compiled Driver Disc (Full) 1.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5783F2D7-8001-0405-0102-0060B0CE6BBA}" = AutoCAD 2010 - česky
"{5783F2D7-8001-0405-1102-0060B0CE6BBA}" = Jazykový balíček aplikace AutoCAD 2010 - čeština
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}" = WIDCOMM Bluetooth Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{852B1308-4E5A-B54D-637D-F710D92C6930}" = AMD Accelerated Video Transcoding
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F12D74-C53F-6276-73CB-851E73482270}" = AMD Drag and Drop Transcoding
"{A2BB8CAC-862B-468A-BB97-13EB1C22CF4C}" = Nitro Reader 2
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{ABFC0970-7FDF-9E49-C049-5D24CB1F150E}" = AMD Catalyst Install Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1" = Phone Drivers Downloader 1.0
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DE7BAEF8-C639-381A-D835-95BD517ED602}" = AMD Media Foundation Decoders
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E7DC06A3-8516-4929-B712-80987AFFFB57}" = Intel(R) PROSet/Wireless WiFi Software
"{E88AD18B-D467-F11F-C431-99DE36FCACC7}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"AF09E130E2FD4D1BEFD1B9132AE624BAE0364719" = Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501)
"AutoCAD 2010 - česky" = AutoCAD 2010 - česky
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04272D8C-A0FE-4FFE-90C4-D19D63F130BE}" = Phone F USB Driver
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}" = Need for Speed™ The Run
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{10EBB586-D21E-60CA-0856-AA753EBE1F16}" = Application Profiles
"{11210BD7-A8EF-79EE-D18F-021D1E04A689}" = CCC Help Dutch
"{118AD615-8BCF-11D6-1700-B6763A0EA713}" = CCC Help Polish
"{12FEC00C-027C-4A34-9AAB-562EDA43DC18}_is1" = MiniTool Partition Wizard Home Edition 5.2
"{145238D6-1ADD-15DD-4499-744215DCCD18}" = Catalyst Control Center InstallProxy
"{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}" = Synaptics Gesture Suite featuring SYNAPTICS | Scrybe
"{15DEA4E9-E4AD-2A1A-4B59-89CA65D5075B}" = CCC Help Finnish
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1AFD9DDB-FB24-F8C4-E792-03901C50490D}" = CCC Help Swedish
"{1B0FF612-0E07-4AB2-DD95-EB7651AEB3A1}" = CCC Help Italian
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{20068980-5702-5CA7-F335-6592852F7F59}" = CCC Help Italian
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{376A622B-F0FA-DDAB-9635-05D9F3F634D6}" = CCC Help Norwegian
"{39D06E77-8921-4056-8901-36D0035BAECA}" = Dell Stage
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D6F16CA-13B8-6425-A71A-B91DB3E14F51}" = CCC Help Danish
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E8A1ADF-B72C-47FE-85F6-F7A73C487F6C}" = Dell MusicStage
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1" = Call of Duty Black Ops 2
"{48BA11B4-3E38-FA74-2D5A-003475844AA3}" = CCC Help Spanish
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4DD75A56-D9DA-DD49-3507-470C7CA7B43F}" = CCC Help Chinese Standard
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Zem
"{5DB24244-5ABE-A87B-5FB1-95CF09F801A8}" = CCC Help German
"{61D73C02-EF3F-45D2-7F01-DCC4B1B39CC3}" = CCC Help Korean
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6DDC515D-1FE6-C5FC-E872-24D1B8B4C1A1}" = CCC Help Russian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7427941A-51A3-E2EB-BCD2-A1981DBCA4AD}" = Catalyst Control Center Graphics Previews Common
"{7677040A-E5AA-998C-8810-59F0B5D3E0A8}" = Catalyst Control Center InstallProxy
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79A16F82-9F79-E47E-C6D4-206E7CC1D593}" = CCC Help Czech
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8153BA0E-719E-3829-3B06-DC1412933BD6}" = CCC Help Japanese
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B7D9B66-1B53-D729-FD0C-ED38629FA407}" = CCC Help Greek
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041B-1000-0000000FF1CE}_PROPLUS_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4A550A8-4EEF-8577-1C15-E3C914FF4AD9}" = CCC Help Portuguese
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A866F37D-0E46-1812-3E3C-9778D4A458B2}" = Catalyst Control Center
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AAF7FFC8-20C4-CB57-4982-68EB410EBBC7}" = CCC Help Danish
"{AC76BA86-7AD7-1051-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Slovak
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD4B6B20-11CE-2C81-9615-2DCAABF15966}" = CCC Help French
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}" = FlatOut2
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D165A6B1-6985-072E-969E-333D759D6777}" = CCC Help Spanish
"{D1931310-EEF5-3B7A-0C57-01127888E4E4}" = CCC Help Turkish
"{D23B94EF-3D81-4EC7-B826-EF3D07F8C7AF}_is1" = HellShare Upload Manager verzia 2.0.0
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Plus VX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding
"{E7A94CD8-526B-FDD3-E16F-CB40A0747C70}" = CCC Help Chinese Traditional
"{E8DEB138-8DAC-EB25-87CE-D38A2C1C35CE}" = CCC Help French
"{E91BD0CF-EFA8-477C-8207-A026E70BBED9}" = CCC Help English
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECD4DCC1-C03F-8CC2-432B-317ECB9D6A09}" = Catalyst Control Center Localization All
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9F07F00-FF55-7752-7FF8-F512AF641BA9}" = CCC Help Thai
"{FBD68E88-2999-43B7-B249-E1B08FA2B065}_is1" = SysTools PDF Unlocker - v3.1
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFE0A7EE-0627-307D-F102-519B5B367703}" = CCC Help Hungarian
"ActiveSMART" = ActiveSMART
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"COMODO GeekBuddy" = COMODO GeekBuddy
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dell Webcam Central" = Dell Webcam Central
"Diablo III" = Diablo III
"Driver San Francisco" = Driver San Francisco
"Driver San Francisco 1.01" = Driver San Francisco 1.01
"GOM Player" = GOM Player
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"jetAudio 8.0.x Slovak Language Pack" = jetAudio 8.0.x Slovak Language Pack
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.3.0 (Full)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Need For Speed Most Wanted SK" = Need For Speed Most Wanted SK
"Need For Speed Most Wanted Unique 1.00" = Need For Speed Most Wanted Unique 1.00
"OpenAL" = OpenAL
"Plus500" = Plus500
"ProInst" = Intel PROSet Wireless
"PROPLUS" = Microsoft Office Professional Plus 2007
"PunkBusterSvc" = PunkBuster Services
"SpeedFan" = SpeedFan (remove only)
"StrongDC++" = StrongDC++ 2.41
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1930792347-3078004643-4175930854-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"bd4d3a0508d364f5" = Dell Driver Download Manager
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/11/2012 11:52:47 AM | Computer Name = Lukinko | Source = Microsoft-Windows-EapHost | ID = 2002
Description = Skipping: Eap method DLL path name validation failed. Error: typeId=21,
authorId=8086, vendorId=0, vendorType=0

Error - 11/11/2012 11:52:47 AM | Computer Name = Lukinko | Source = Microsoft-Windows-EapHost | ID = 2002
Description = Skipping: Eap method DLL path name validation failed. Error: typeId=23,
authorId=8086, vendorId=0, vendorType=0

Error - 11/11/2012 11:53:02 AM | Computer Name = Lukinko | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: WLANExt.exe, verzia: 6.1.7600.16385, časová
značka: 0x4a5bcc33 Názov chybového modulu: KERNELBASE.dll, verzia: 6.1.7601.17932,
časová značka: 0x503285c2 Kód výnimky: 0xc06d007e Odstup chyby: 0x000000000000caed
Identifikácia
chybného procesu: 0x60c Čas spustenia chybnej aplikácie: 0x01cdc0249c4874c9 Cesta
chybnej aplikácie: C:\Windows\system32\WLANExt.exe Cesta chybného modulu: C:\Windows\system32\KERNELBASE.dll
Identifikácia
hlásenia: df245ce8-2c17-11e2-9c12-8ca9820695e4

Error - 11/11/2012 11:54:53 AM | Computer Name = Lukinko | Source = Windows Search Service | ID = 3038
Description =

Error - 11/11/2012 11:54:53 AM | Computer Name = Lukinko | Source = Windows Search Service | ID = 7040
Description =

Error - 11/11/2012 11:54:53 AM | Computer Name = Lukinko | Source = Windows Search Service | ID = 7042
Description =

Error - 11/11/2012 11:55:07 AM | Computer Name = Lukinko | Source = Windows Search Service | ID = 3028
Description =

Error - 11/11/2012 11:55:07 AM | Computer Name = Lukinko | Source = Windows Search Service | ID = 3058
Description =

Error - 11/11/2012 11:55:07 AM | Computer Name = Lukinko | Source = Windows Search Service | ID = 7010
Description =

Error - 11/11/2012 12:00:13 PM | Computer Name = Lukinko | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = The performance counter explain text string value in the registry
is not formatted correctly. The malformed string is . The first DWORD in the Data
section contains the index value to the malformed string while the second and third
DWORDs in the Data section contain the last valid index values.

[ Dell Events ]
Error - 5/2/2011 2:00:43 PM | Computer Name = nay-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 6/16/2011 11:19:50 AM | Computer Name = nay-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 6/16/2011 11:19:50 AM | Computer Name = nay-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/23/2011 7:35:46 PM | Computer Name = Lukinko | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/23/2011 7:35:46 PM | Computer Name = Lukinko | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/23/2011 9:02:13 PM | Computer Name = Lukinko | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/23/2011 9:02:13 PM | Computer Name = Lukinko | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/23/2011 8:25:59 PM | Computer Name = Lukinko | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/23/2011 8:25:59 PM | Computer Name = Lukinko | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/23/2011 8:28:31 PM | Computer Name = Lukinko | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

[ System Events ]
Error - 12/3/2012 6:51:35 AM | Computer Name = Lukinko | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description = Modul WLAN Extensibility Module sa neočakávane zastavil. Cesta k modulu:
C:\Windows\System32\IWMSSvc.dll

Error - 12/3/2012 6:51:35 AM | Computer Name = Lukinko | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Modul WLAN Extensibility Module sa nepodarilo spustiť. Cesta k modulu:
C:\Windows\System32\IWMSSvc.dll Kód chyby: 1726

Error - 12/3/2012 10:05:15 AM | Computer Name = Lukinko | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description = Modul WLAN Extensibility Module sa neočakávane zastavil. Cesta k modulu:
C:\Windows\System32\IWMSSvc.dll

Error - 12/3/2012 10:05:15 AM | Computer Name = Lukinko | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Modul WLAN Extensibility Module sa nepodarilo spustiť. Cesta k modulu:
C:\Windows\System32\IWMSSvc.dll Kód chyby: 1726

Error - 12/3/2012 2:31:03 PM | Computer Name = Lukinko | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description = Modul WLAN Extensibility Module sa neočakávane zastavil. Cesta k modulu:
C:\Windows\System32\IWMSSvc.dll

Error - 12/3/2012 2:31:03 PM | Computer Name = Lukinko | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Modul WLAN Extensibility Module sa nepodarilo spustiť. Cesta k modulu:
C:\Windows\System32\IWMSSvc.dll Kód chyby: 1726

Error - 12/3/2012 2:32:08 PM | Computer Name = Lukinko | Source = ipnathlp | ID = 31004
Description =

Error - 12/3/2012 2:32:17 PM | Computer Name = Lukinko | Source = ipnathlp | ID = 31004
Description =

Error - 12/4/2012 1:51:23 AM | Computer Name = Lukinko | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description = Modul WLAN Extensibility Module sa neočakávane zastavil. Cesta k modulu:
C:\Windows\System32\IWMSSvc.dll

Error - 12/4/2012 1:51:23 AM | Computer Name = Lukinko | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Modul WLAN Extensibility Module sa nepodarilo spustiť. Cesta k modulu:
C:\Windows\System32\IWMSSvc.dll Kód chyby: 1726


< End of report >

[luky2007]

OTL logfile created on: 12/4/2012 9:20:49 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\nay\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3.87 Gb Total Physical Memory | 1.88 Gb Available Physical Memory | 48.64% Memory free
7.73 Gb Paging File | 5.23 Gb Available in Paging File | 67.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 13.12 Gb Free Space | 13.12% Space Free | Partition Type: NTFS
Drive E: | 351.01 Gb Total Space | 32.12 Gb Free Space | 9.15% Space Free | Partition Type: NTFS
Drive F: | 3.73 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LUKINKO | User Name: nay | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/12/03 22:10:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nay\Desktop\OTL.exe
PRC - [2012/11/22 10:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/11 15:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2011/12/13 23:36:30 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/05/27 15:23:00 | 004,999,976 | ---- | M] (Synaptics Incorporated) -- C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe
PRC - [2011/05/27 15:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
PRC - [2010/03/03 21:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/03/03 21:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/28 04:43:17 | 000,460,904 | ---- | M] () -- C:\Users\nay\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
MOD - [2012/11/28 04:43:15 | 004,008,040 | ---- | M] () -- C:\Users\nay\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
MOD - [2012/11/28 04:42:30 | 000,587,880 | ---- | M] () -- C:\Users\nay\AppData\Local\Google\Chrome\Application\23.0.1271.95\libglesv2.dll
MOD - [2012/11/28 04:42:29 | 000,124,520 | ---- | M] () -- C:\Users\nay\AppData\Local\Google\Chrome\Application\23.0.1271.95\libegl.dll
MOD - [2012/11/28 04:42:22 | 000,157,304 | ---- | M] () -- C:\Users\nay\AppData\Local\Google\Chrome\Application\23.0.1271.95\avutil-51.dll
MOD - [2012/11/28 04:42:21 | 002,168,952 | ---- | M] () -- C:\Users\nay\AppData\Local\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll
MOD - [2012/11/28 04:42:21 | 000,275,576 | ---- | M] () -- C:\Users\nay\AppData\Local\Google\Chrome\Application\23.0.1271.95\avformat-54.dll
MOD - [2011/03/31 18:29:46 | 000,066,856 | ---- | M] () -- C:\Windows\SysWOW64\SynTPEnhPS.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/10/08 12:13:33 | 001,030,600 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012/09/28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/11/22 10:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/10/08 23:24:22 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/11 15:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 15:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/06/07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/06 11:03:19 | 000,419,624 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/12/13 23:36:30 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/10/03 21:42:04 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/05/27 15:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) [Auto | Running] -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe -- (ScrybeUpdater)
SRV - [2011/03/28 14:41:12 | 002,111,368 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/01/06 00:07:54 | 000,602,416 | ---- | M] (Ariolic Software, Ltd. (http://www.ariolic.com)) [Disabled | Stopped] -- E:\SOFTY\ActiveSMART 2.9\AsmartService.exe -- (ActiveSMART Service)
SRV - [2010/09/13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 21:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/03 21:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/24 17:35:57 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/10/24 17:35:57 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/14 18:20:32 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/09/28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/09/28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/05/14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/04/04 16:33:43 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/24 10:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd)
DRV:64bit: - [2012/02/24 10:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/02/24 10:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/01/26 16:51:12 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012/01/26 16:51:12 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011/12/14 09:56:40 | 000,074,240 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011/12/14 09:56:12 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2011/12/12 07:19:16 | 008,616,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/12/12 02:33:36 | 000,195,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/12/12 02:33:36 | 000,195,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/12/02 18:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011/11/23 23:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/09/25 18:27:51 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/08/25 02:33:32 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2011/08/25 02:33:30 | 000,620,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2011/08/25 02:33:26 | 000,178,728 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/08/25 02:33:26 | 000,167,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/08/25 02:33:26 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/08/25 02:33:26 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/03/31 18:32:00 | 001,424,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/21 06:55:02 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscemdm.sys -- (sscemdm)
DRV:64bit: - [2010/12/21 06:55:02 | 000,129,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssceserd.sys -- (ssceserd)
DRV:64bit: - [2010/12/21 06:55:02 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscebus.sys -- (sscebus)
DRV:64bit: - [2010/12/21 06:55:02 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscemdfl.sys -- (sscemdfl)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/09 14:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/09/13 18:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/08/16 14:31:18 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2010/08/16 14:31:16 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2010/06/18 06:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/06/17 13:53:53 | 000,364,288 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FXX\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2010/06/17 13:53:53 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxxandroidusb.sys -- (androidusb)
DRV:64bit: - [2010/05/06 14:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/30 20:58:06 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/18 05:21:58 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2010/03/17 22:29:52 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/02/10 21:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/02 19:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/15 20:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/05/16 11:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm)
DRV:64bit: - [2008/05/16 11:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016unic.sys -- (s0016unic)
DRV:64bit: - [2008/05/16 11:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV:64bit: - [2008/05/16 11:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex)
DRV:64bit: - [2008/05/16 11:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016nd5.sys -- (s0016nd5)
DRV:64bit: - [2008/05/16 11:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV:64bit: - [2008/05/16 11:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus)
DRV:64bit: - [2006/11/01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2005/11/03 15:40:56 | 000,089,600 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02)
DRV:64bit: - [2005/08/10 13:46:20 | 000,068,608 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01)
DRV:64bit: - [2005/05/16 14:21:16 | 000,007,168 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2012/04/04 16:33:43 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1930792347-3078004643-4175930854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-1930792347-3078004643-4175930854-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1930792347-3078004643-4175930854-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1930792347-3078004643-4175930854-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1930792347-3078004643-4175930854-1000\..\SearchScopes\Moikrug: "URL" = http://moikrug.ru/persons/?clid=208263& ... ubmitted=1
IE - HKU\S-1-5-21-1930792347-3078004643-4175930854-1000\..\SearchScopes\Yandex: "URL" = http://yandex.ru/yandsearch?clid=208263 ... earchTerms}
IE - HKU\S-1-5-21-1930792347-3078004643-4175930854-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\nay\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\nay\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2012/10/01 15:34:20 | 000,000,000 | ---D | M]

[2012/12/04 09:15:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/12/02 19:18:21 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

========== Chrome ==========

CHR - homepage: http://www.google.com/ig?hl=sk
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/ig?hl=sk
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\nay\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\nay\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\nay\AppData\Local\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\nay\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: Bejeweled = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Angry Birds = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Adblock Plus = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\
CHR - Extension: Bouncy Mouse = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb\1.2.1_0\
CHR - Extension: Street Racers = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\cohkjfondhjjfehnehlpmjpljpihfhfc\1_0\
CHR - Extension: Lamborghini Sesto Elemento Theme = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\dappigdjllcnkkoacaoolciaolaaiemb\1.0_0\
CHR - Extension: Gmail v re\u017Eime offline = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.19_0\
CHR - Extension: AdBlock = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.48_0\
CHR - Extension: Online zadarmo PDF Unlocker = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibjoacaoedfohchdpbeoekenccjokodm\1.0.1.1_0\
CHR - Extension: Skype Click to Call = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Uno = C:\Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnlcclaocpblfckpfgmpdfndodkofpo\2.3.4_0\

O1 HOSTS File: ([2012/10/08 11:41:31 | 000,445,876 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15263 more lines...
O2:64bit: - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart File not found
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1930792347-3078004643-4175930854-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.232.188.1 147.232.191.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{663908C4-652D-45A0-A468-93BADAD7E678}: DhcpNameServer = 147.232.188.1 147.232.191.6
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/10/08 12:03:32 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/01/24 02:53:43 | 000,005,560 | R--- | M] () - F:\AutoCADConfig.pit -- [ CDFS ]
O32 - AutoRun File - [2002/02/22 18:35:36 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{62816af9-71de-11e1-829f-782bcbc55937}\Shell - "" = AutoRun
O33 - MountPoints2\{62816af9-71de-11e1-829f-782bcbc55937}\Shell\AutoRun\command - "" = G:\Bolt.exe
O33 - MountPoints2\{63e5395c-fa6e-11e0-bbf9-782bcbc55937}\Shell - "" = AutoRun
O33 - MountPoints2\{63e5395c-fa6e-11e0-bbf9-782bcbc55937}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{63e53967-fa6e-11e0-bbf9-782bcbc55937}\Shell - "" = AutoRun
O33 - MountPoints2\{63e53967-fa6e-11e0-bbf9-782bcbc55937}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{72bed427-1622-11e2-8a18-782bcbc55937}\Shell - "" = AutoRun
O33 - MountPoints2\{72bed427-1622-11e2-8a18-782bcbc55937}\Shell\AutoRun\command - "" = F:\setup.exe -- [2009/02/04 07:39:16 | 000,451,944 | R--- | M] (Autodesk, Inc.)
O33 - MountPoints2\{9eac4451-fd88-11e0-93b8-889ffab89da9}\Shell - "" = AutoRun
O33 - MountPoints2\{9eac4451-fd88-11e0-93b8-889ffab89da9}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{9eac445f-fd88-11e0-93b8-889ffab89da9}\Shell - "" = AutoRun
O33 - MountPoints2\{9eac445f-fd88-11e0-93b8-889ffab89da9}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{ff199b46-e79e-11e0-93f6-8ca9820695e4}\Shell - "" = AutoRun
O33 - MountPoints2\{ff199b46-e79e-11e0-93f6-8ca9820695e4}\Shell\AutoRun\command - "" = F:\starter.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/12/04 09:19:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\nay\Desktop\OTL.exe
[2012/12/03 22:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/12/03 22:16:00 | 000,000,000 | ---D | C] -- C:\rsit
[2012/12/03 22:04:44 | 000,000,000 | ---D | C] -- C:\Users\nay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/12/03 22:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[7 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/12/04 09:24:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/04 09:23:17 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/12/04 09:21:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1930792347-3078004643-4175930854-1000UA.job
[2012/12/04 08:27:03 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/03 22:10:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nay\Desktop\OTL.exe
[2012/12/03 19:46:07 | 000,018,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/03 19:46:07 | 000,018,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/03 11:27:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/03 11:21:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1930792347-3078004643-4175930854-1000Core.job
[2012/12/02 23:11:04 | 000,017,682 | ---- | M] () -- C:\Users\nay\Desktop\teaser_expertise_production_legierung.jpg
[2012/12/02 23:09:29 | 000,008,865 | ---- | M] () -- C:\Users\nay\Desktop\IMG_0188.JPG
[2012/12/02 23:00:53 | 000,113,394 | ---- | M] () -- C:\Users\nay\Desktop\brzdovy_kotuc.jpg
[2012/12/02 19:24:48 | 000,002,480 | ---- | M] () -- C:\Users\nay\Desktop\Google Chrome.lnk
[2012/12/02 19:16:45 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/12/02 19:15:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/02 19:15:27 | 3113,234,432 | -HS- | M] () -- C:\hiberfil.sys
[7 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/04 09:23:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/12/02 23:11:04 | 000,017,682 | ---- | C] () -- C:\Users\nay\Desktop\teaser_expertise_production_legierung.jpg
[2012/12/02 23:09:28 | 000,008,865 | ---- | C] () -- C:\Users\nay\Desktop\IMG_0188.JPG
[2012/12/02 23:00:51 | 000,113,394 | ---- | C] () -- C:\Users\nay\Desktop\brzdovy_kotuc.jpg
[2012/10/03 08:15:57 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/02/15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/01/03 22:00:23 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/01/03 20:55:20 | 000,765,178 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/13 23:36:31 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/12/13 23:36:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/11/01 21:33:08 | 000,007,606 | ---- | C] () -- C:\Users\nay\AppData\Local\Resmon.ResmonCfg
[2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/10 22:04:12 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/10/03 22:28:34 | 000,007,168 | ---- | C] () -- C:\Users\nay\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/26 15:23:29 | 000,023,024 | ---- | C] () -- C:\Users\nay\AppData\Roaming\UserTile.png
[2011/09/16 10:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/09/16 10:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/09/16 10:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/09/16 10:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/09/16 10:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/09/12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/02/16 13:55:00 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2011/02/16 13:55:00 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2011/02/16 13:55:00 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2011/02/16 13:55:00 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2011/02/16 13:55:00 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2011/02/16 13:55:00 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
[2011/02/16 13:17:12 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2011/02/16 13:01:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/12/10 01:33:11 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/05/24 20:45:53 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2012/05/24 20:45:53 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2012/03/13 20:39:23 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\3v
[2011/09/28 11:34:03 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\ACD Systems
[2012/10/08 12:17:45 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Autodesk
[2012/04/02 15:54:28 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\BitDefender
[2011/09/24 01:50:33 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\COWON
[2012/12/02 19:35:16 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\DAEMON Tools Lite
[2012/01/11 17:22:06 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Downloaded Installations
[2012/01/31 21:11:23 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\ESET
[2011/09/24 09:25:41 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Fingertapps
[2011/12/06 22:47:00 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\GetRightToGo
[2011/09/28 19:39:37 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\GHISLER
[2012/09/24 15:37:24 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\HellShare Upload Manager
[2012/11/04 16:14:20 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\IObit
[2011/05/02 14:04:56 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Leadertech
[2012/04/16 16:34:38 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\MOBILedit
[2012/05/15 12:16:15 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Nitro PDF
[2011/09/28 01:43:39 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Opera
[2011/12/13 23:36:28 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\PunkBuster
[2012/12/04 09:14:54 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Samsung
[2011/09/25 12:56:26 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Synaptics
[2011/09/24 01:56:19 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Systweak
[2012/04/04 14:40:41 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Temp

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,020,834 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(11).TXT
[2009/07/14 06:08:49 | 000,032,618 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/09/24 02:03:12 | 000,000,886 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1930792347-3078004643-4175930854-1000Core.job
[2011/09/24 02:03:12 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1930792347-3078004643-4175930854-1000UA.job
[2011/10/14 21:10:48 | 000,000,926 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/10/14 21:10:49 | 000,000,930 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/04/03 22:01:16 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20575_none_39c1885e54505643\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[luky2007]

< MD5 for: EXPLORER.EXE >
[2010/12/10 01:58:09 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/12/10 02:16:35 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/12/10 01:58:09 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2010/12/10 01:47:46 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/12/10 02:16:35 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/12/10 01:47:46 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/12/10 02:16:34 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/12/10 01:47:46 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/12/10 02:16:34 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010/12/10 01:58:09 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/12/10 01:47:46 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010/12/10 01:58:09 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012/03/30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011/04/25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012/03/30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012/08/22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/09/29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012/03/30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011/04/25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011/06/21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011/09/29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012/08/22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/12/10 02:16:35 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/12/10 02:16:35 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[11 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[21 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[10 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp files -> C:\Windows\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp -> ]
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[5 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/03/13 20:39:23 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\3v
[2012/06/04 16:18:09 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\ABBYY
[2011/09/28 11:34:03 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\ACD Systems
[2012/09/23 21:13:21 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Adobe
[2012/11/04 16:28:03 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Apple Computer
[2011/05/02 14:04:56 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\ATI
[2012/10/08 12:17:45 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Autodesk
[2012/04/02 15:54:28 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\BitDefender
[2011/09/24 01:50:33 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\COWON
[2011/09/24 00:49:04 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Creative
[2011/05/02 14:06:56 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\CyberLink
[2012/12/02 19:35:16 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\DAEMON Tools Lite
[2011/05/02 14:05:07 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Dell
[2011/05/02 14:04:55 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Dell Touch Zone
[2012/01/11 17:22:06 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Downloaded Installations
[2012/01/31 21:11:23 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\ESET
[2011/09/24 09:25:41 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Fingertapps
[2011/12/06 22:47:00 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\GetRightToGo
[2011/09/28 19:39:37 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\GHISLER
[2011/10/13 17:14:52 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\GRETECH
[2012/09/24 15:37:24 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\HellShare Upload Manager
[2011/05/02 14:04:36 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Identities
[2012/03/13 20:58:05 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\InstallShield
[2011/05/02 14:04:54 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Intel
[2011/05/02 14:04:58 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Intel Corporation
[2012/11/04 16:14:20 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\IObit
[2011/05/02 14:04:56 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Leadertech
[2011/09/24 01:45:52 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Macromedia
[2011/09/25 19:18:19 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Macrovision
[2011/02/16 14:34:57 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Media Center Programs
[2012/09/23 21:13:21 | 000,000,000 | --SD | M] -- C:\Users\nay\AppData\Roaming\Microsoft
[2012/04/16 16:34:38 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\MOBILedit
[2012/05/15 12:16:15 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Nitro PDF
[2011/09/28 01:43:39 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Opera
[2011/12/13 23:36:28 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\PunkBuster
[2011/12/05 20:27:39 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Roxio
[2011/12/05 20:26:20 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Roxio Log Files
[2012/12/04 09:14:54 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Samsung
[2012/12/04 09:30:38 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Skype
[2011/09/25 12:56:26 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Synaptics
[2011/09/24 01:56:19 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Systweak
[2012/04/04 14:40:41 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\Temp
[2012/11/25 19:33:00 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\vlc
[2011/09/28 01:17:13 | 000,000,000 | ---D | M] -- C:\Users\nay\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2007/03/22 11:46:42 | 000,126,976 | ---- | M] () -- C:\Users\nay\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2011/10/26 03:06:10 | 000,159,744 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Users\nay\AppData\Roaming\IObit\Advanced SystemCare V5\Driver Manager\DriverBackup\2012-03-07 10-55-35\1\atiapfxx.exe
[2009/05/12 02:35:30 | 000,118,784 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Users\nay\AppData\Roaming\IObit\Advanced SystemCare V5\Driver Manager\DriverBackup\2012-03-07 10-55-35\1\atibtmon.exe
[2011/10/26 03:01:36 | 000,517,120 | ---- | M] (AMD) -- C:\Users\nay\AppData\Roaming\IObit\Advanced SystemCare V5\Driver Manager\DriverBackup\2012-03-07 10-55-35\1\atieclxx.exe
[2011/10/26 03:00:58 | 000,204,288 | ---- | M] (AMD) -- C:\Users\nay\AppData\Roaming\IObit\Advanced SystemCare V5\Driver Manager\DriverBackup\2012-03-07 10-55-35\1\atiesrxx.exe
[2009/06/22 16:34:36 | 000,051,200 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Users\nay\AppData\Roaming\IObit\Advanced SystemCare V5\Driver Manager\DriverBackup\2012-03-07 10-55-35\1\ATIODCLI.exe
[2010/08/27 19:33:08 | 000,332,800 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Users\nay\AppData\Roaming\IObit\Advanced SystemCare V5\Driver Manager\DriverBackup\2012-03-07 10-55-35\1\ATIODE.exe
[2010/06/18 06:10:14 | 000,564,224 | ---- | M] (IDT, Inc.) -- C:\Users\nay\AppData\Roaming\IObit\Advanced SystemCare V5\Driver Manager\DriverBackup\2012-03-07 10-55-35\13\idt64mp1.exe
[2011/11/27 19:16:01 | 000,088,102 | R--- | M] () -- C:\Users\nay\AppData\Roaming\Microsoft\Installer\{10EBB586-D21E-60CA-0856-AA753EBE1F16}\ARPPRODUCTICON.exe
[2012/12/03 22:04:44 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\nay\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2011/09/25 19:22:34 | 000,011,502 | R--- | M] () -- C:\Users\nay\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\ARPPRODUCTICON.exe
[2011/09/25 19:22:34 | 000,053,248 | R--- | M] (InstallShield Software Corp.) -- C:\Users\nay\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe1_C884B05AF5D94AE49D84E6BD9F6E7890.exe
[2011/09/25 19:22:34 | 000,053,248 | R--- | M] (InstallShield Software Corp.) -- C:\Users\nay\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe_C884B05AF5D94AE49D84E6BD9F6E7890.exe
[2011/09/25 19:22:34 | 000,015,086 | R--- | M] () -- C:\Users\nay\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\NewShortcut5_C884B05AF5D94AE49D84E6BD9F6E7890.exe
[2011/09/25 19:22:34 | 000,008,854 | R--- | M] () -- C:\Users\nay\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\Uninstall_FlatOut2_C884B05AF5D94AE49D84E6BD9F6E7890.exe
[2011/11/23 17:38:29 | 003,123,272 | R--- | M] () -- C:\Users\nay\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2012/10/08 09:02:17 | 009,738,240 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2011/09/24 01:02:11 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll
[2010/11/20 13:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wmp.dll
[2010/11/20 13:21:37 | 000,299,520 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wmpdxm.dll
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012/12/04 09:24:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/12/03 11:27:00 | 000,000,926 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/12/04 09:27:01 | 000,000,930 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/12/03 11:21:00 | 000,000,886 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1930792347-3078004643-4175930854-1000Core.job
[2012/12/04 09:21:00 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1930792347-3078004643-4175930854-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2012/10/08 09:02:17 | 009,738,240 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2011/09/24 01:02:11 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll
[2010/11/20 13:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wmp.dll
[2010/11/20 13:21:37 | 000,299,520 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wmpdxm.dll
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/12/02 19:16:46 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\nay\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011/09/24 02:03:11 | 000,136,176 | ---- | M] (Google Inc.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012/08/28 14:52:56 | 003,671,904 | ---- | M] (DT Soft Ltd)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/10/08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=270A1342BD5AF95CA25A586B4C2F1522 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/12/04 09:23:17 | 000,000,512 | ---- | M] () MD5=266BD73C1D83E6C067FC739B713C7669 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012/02/04 18:25:50 | 000,305,664 | ---- | M] () -- \Program Files (x86)\MOBILedit!\crack.exe

< *keygen* /s >

< *loader* /s >
[2009/02/03 19:08:46 | 000,032,616 | ---- | M] () -- \Autodesk\AutoCAD_2010_English_Win_64bit\x64\acad\Program Files\Root\AecLoader.arx
[2010/04/28 12:31:32 | 001,612,256 | ---- | M] () -- \Program Files (x86)\ACD Systems\ACDSee\12.0\PlugIns\CX_Ftpuploader.apl
[2009/02/06 11:09:18 | 000,042,739 | ---- | M] () -- \Program Files (x86)\ACD Systems\ACDSee\12.0\PlugIns\CX_Ftpuploader.chm
[2008/08/28 18:34:20 | 004,965,736 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008/08/28 15:42:12 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008/08/28 15:42:14 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008/08/28 15:42:16 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012/04/04 16:33:42 | 000,009,728 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS4\Adobe Version Cue\VersionCueSDKLoader.jsx
[2011/11/02 15:15:10 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2006/10/26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2008/12/02 18:02:08 | 000,081,920 | ---- | M] () -- \Program Files (x86)\Dell Webcam\Dell Webcam Central\uploader.crl
[2008/12/02 18:10:04 | 000,405,504 | ---- | M] () -- \Program Files (x86)\Dell Webcam\Dell Webcam Central\UtubeUploader.dll
[2010/10/11 21:16:16 | 000,058,600 | ---- | M] () -- \Program Files (x86)\Dell\VideoStage\Koan\pyloader.dll
[2010/10/11 21:16:56 | 000,004,207 | ---- | M] () -- \Program Files (x86)\Dell\VideoStage\System\MediaCtrl\ImageLoader.kc
[2010/10/11 21:16:56 | 000,011,040 | ---- | M] () -- \Program Files (x86)\Dell\VideoStage\System\MediaCtrl\moduleloader.kc
[2011/10/12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\chat\7.1.391\js\downloader.js
[2011/10/12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\facebook\7.1.391\js\downloader.js
[2011/10/12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\facebooklike\7.1.391\js\downloader.js
[2011/10/12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\fbsharedservices\7.1.391\js\downloader.js
[2011/10/12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\featured\7.1.391\js\downloader.js
[2011/10/12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\games\7.1.391\js\shared\downloader.js
[2011/10/12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\scripts\io\downloader.js
[2012/03/30 11:24:00 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012/04/04 06:05:26 | 000,183,696 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2008/06/20 18:13:32 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2012/02/29 07:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/02/29 07:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/02/29 07:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/02/29 07:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/11/11 21:36:34 | 000,003,208 | ---- | M] () -- \Users\nay\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\skin\ajax-loader.gif
[2012/01/31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\BingBar\Apps\Chat_cf57b0088a3b4f61a0bfaad0ba784240\7.1.361\js\downloader.js
[2012/01/31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.1.361\js\downloader.js
[2012/01/31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.1.361\js\downloader.js
[2012/01/31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\BingBar\Apps\fbsharedservices_bb9c6e8b961d477e9ec95f9698bde610\7.1.361\js\downloader.js
[2012/01/31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\BingBar\Apps\Featured_ce53daa069a4a3ad2e3d7d81081f340d\7.1.361\js\downloader.js
[2010/08/13 22:18:48 | 000,005,272 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\Toolbar\Applications\loader.xap
[2012/10/14 18:22:35 | 000,057,728 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2012/10/14 18:22:37 | 000,057,728 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2012/10/14 18:22:37 | 000,057,728 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012/10/14 18:22:38 | 000,057,728 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2012/10/14 18:22:48 | 000,057,728 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2012/10/14 18:22:48 | 000,061,770 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2012/10/14 18:22:48 | 000,061,770 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012/12/04 09:30:08 | 000,105,903 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JPFMYPXJ\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012/12/02 20:09:22 | 000,000,753 | ---- | M] () -- \Users\nay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGHHZI5Q\AdLoader[1].htm
[2012/12/04 09:19:45 | 000,022,502 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-BC94E7C6.pf
[2012/10/09 19:39:21 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[5 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012/10/09 19:39:21 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[5 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/09 19:39:19 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/09 19:39:19 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/09 19:39:20 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/09 19:39:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 06:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 06:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 06:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 06:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 06:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011/09/24 03:15:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/09/24 03:15:57 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/09/24 03:15:57 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/09/24 03:15:57 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/09/24 03:15:57 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 03:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2010/12/10 02:17:27 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16508_none_b7752fe386144dba.manifest
[2011/02/05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2010/12/10 02:17:27 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20624_none_b7e52bae9f45c00a.manifest
[2011/02/05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/09 19:39:19 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/09 19:39:19 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/09 19:39:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/09 19:39:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >
aj mam problem s otvaranim oknien.stale mi otvara nove okno a ne v okne.a mam to vypnute dakujem

[vyosek]

Zdravim

Vase prispevky jsem oddelil od puvodniho tematu, nemuzete se jen tak k nekomu nacpat

jen se zeptam, pouzivate legalni operacni system?? nejvyssi licence Ultimate neni zrovna bezna

[luky2007]

neviem ako sa to stalo ze som sa tam pritrafil sry..tak ako to vyzera s mojim log ???dakujem

[vyosek]

jen se zeptam, pouzivate legalni operacni system?? nejvyssi licence Ultimate neni zrovna bezna

[luky2007]

home premium mam legalny a ten som upgradoval na ultimate..ale nemam legalnu

[vyosek]

ale nemam legalnu

Tak nechapu proc jste delal ten upgrade

Pravidla jsou jasna

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.)

[luky2007]

pretoze mi blbne pc a nechcel som ho cely preinstalovavat tak som myslel ze ked ho upgradnem kedze je to ovela rychlejsie tak sa vyriesia chyby.

[vyosek]

Myslet znamena vite co...

Nepomohl jste si jak vidite a ani my zde nepomuzem...

[luky2007]

nebojte bude tam naspat HP

[vyosek]

Az bude, tak to budeme resit

[luky2007]

prosim o preventivku

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lukinko at 2012-12-05 19:20:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 74 GB (73%) free of 102 GB
Total RAM: 3959 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:20:07, on 5. 12. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\trend micro\Lukinko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HDD Regenerator] "C:\Program Files (x86)\HDD Regenerator\Shell.exe" /1
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6774 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"taskhost.exe"
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
taskeng.exe {2F046213-9DBA-4028-980E-4D6B8DE36492}
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\STAHNUTE\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-31 2735400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-10-19 17875120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"HDD Regenerator"=C:\Program Files (x86)\HDD Regenerator\Shell.exe /1 []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-12-05 19:15:10 ----D---- C:\Program Files\trend micro
2012-12-05 19:15:09 ----D---- C:\rsit
2012-12-05 19:05:20 ----D---- C:\ProgramData\Blizzard Entertainment
2012-12-05 19:03:21 ----D---- C:\ProgramData\Battle.net
2012-12-05 13:29:40 ----D---- C:\ProgramData\FLEXnet
2012-12-05 13:16:02 ----D---- C:\Program Files\Common Files\Macrovision Shared
2012-12-05 13:13:51 ----D---- C:\Users\Lukinko\AppData\Roaming\Autodesk
2012-12-05 13:13:51 ----D---- C:\ProgramData\Autodesk
2012-12-05 13:13:51 ----D---- C:\Program Files\Common Files\Autodesk Shared
2012-12-05 13:13:51 ----D---- C:\Program Files\AutoCAD 2010
2012-12-05 13:13:27 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2012-12-05 13:13:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2012-12-05 13:13:27 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-12-05 13:13:27 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-12-05 13:13:26 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-12-05 13:13:26 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-12-05 13:13:19 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-12-05 13:13:19 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-12-05 11:09:27 ----D---- C:\Users\Lukinko\AppData\Roaming\Adobe
2012-12-05 11:06:48 ----D---- C:\Program Files (x86)\Adobe
2012-12-05 11:05:13 ----D---- C:\Users\Lukinko\AppData\Roaming\Skype
2012-12-05 11:05:06 ----RD---- C:\Program Files (x86)\Skype
2012-12-05 11:05:02 ----D---- C:\ProgramData\Skype
2012-12-05 11:04:39 ----D---- C:\ProgramData\Adobe
2012-12-05 02:10:57 ----AD---- C:\ProgramData\TEMP
2012-12-05 02:10:23 ----D---- C:\Program Files (x86)\HDD Regenerator
2012-12-05 02:01:58 ----D---- C:\Windows\pss
2012-12-05 01:55:44 ----A---- C:\Windows\ntbtlog.txt
2012-12-05 01:23:21 ----D---- C:\Program Files\StrongDC++
2012-12-05 01:22:35 ----D---- C:\Program Files (x86)\Microsoft Works
2012-12-05 01:22:22 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2012-12-05 01:22:06 ----D---- C:\Windows\PCHEALTH
2012-12-05 01:19:34 ----D---- C:\Program Files\Microsoft Office
2012-12-05 01:19:28 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-12-05 01:18:34 ----D---- C:\Users\Lukinko\AppData\Roaming\ATI
2012-12-05 01:18:34 ----D---- C:\ProgramData\ATI
2012-12-05 01:18:30 ----D---- C:\Program Files (x86)\Microsoft Office
2012-12-05 01:18:29 ----D---- C:\ProgramData\Microsoft Help
2012-12-05 01:16:43 ----RHD---- C:\MSOCache
2012-12-05 01:13:23 ----D---- C:\Users\Lukinko\AppData\Roaming\Synaptics
2012-12-05 01:09:35 ----D---- C:\Program Files\Synaptics
2012-12-05 01:09:00 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2012-12-05 01:08:58 ----A---- C:\Windows\SYSWOW64\SynTPEnhPS.dll
2012-12-05 01:08:58 ----A---- C:\Windows\SYSWOW64\SynTPCOM.dll
2012-12-05 01:08:58 ----A---- C:\Windows\SYSWOW64\SynCtrl.dll
2012-12-05 01:08:58 ----A---- C:\Windows\SYSWOW64\SynCOM.dll
2012-12-05 01:08:58 ----A---- C:\Windows\system32\SynTPCo9.dll
2012-12-05 01:08:58 ----A---- C:\Windows\system32\SynTPAPI.dll
2012-12-05 01:08:58 ----A---- C:\Windows\system32\SynCtrl.dll
2012-12-05 01:08:58 ----A---- C:\Windows\system32\SynCOM.dll
2012-12-05 01:08:57 ----A---- C:\Windows\system32\drivers\SynTP.sys
2012-12-05 01:06:54 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-12-05 01:06:53 ----A---- C:\Windows\system32\drivers\sptd.sys
2012-12-05 01:06:43 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2012-12-05 01:06:22 ----D---- C:\Users\Lukinko\AppData\Roaming\DAEMON Tools Lite
2012-12-05 01:06:19 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-12-05 01:04:13 ----D---- C:\Windows\SYSWOW64\Wat
2012-12-05 01:04:12 ----D---- C:\Windows\system32\Wat
2012-12-05 00:54:07 ----A---- C:\Windows\SYSWOW64\unrar.dll
2012-12-05 00:54:02 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2012-12-05 00:39:07 ----A---- C:\Windows\system32\Wdfres.dll
2012-12-05 00:39:07 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-12-05 00:39:07 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-12-05 00:34:51 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-12-05 00:34:50 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-12-05 00:34:43 ----A---- C:\Windows\system32\drivers\aswFW.sys
2012-12-05 00:34:35 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2012-12-05 00:34:35 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2012-12-05 00:34:34 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-12-05 00:34:34 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-12-05 00:34:34 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2012-12-05 00:34:32 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-12-05 00:34:30 ----A---- C:\Windows\system32\aswBoot.exe
2012-12-05 00:31:00 ----A---- C:\Windows\system32\browserchoice.exe
2012-12-05 00:28:42 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2012-12-05 00:28:33 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-12-05 00:28:33 ----A---- C:\Windows\avastSS.scr
2012-12-05 00:28:22 ----D---- C:\ProgramData\AVAST Software
2012-12-05 00:28:22 ----D---- C:\Program Files\AVAST Software
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\url.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-12-05 00:28:22 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\wininet.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\wextract.exe
2012-12-05 00:28:22 ----A---- C:\Windows\system32\webcheck.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\vbscript.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\urlmon.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\url.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-12-05 00:28:22 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-12-05 00:28:22 ----A---- C:\Windows\system32\pngfilt.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\occache.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\msrating.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\msls31.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\mshtmler.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\mshtmled.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\mshtml.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\mshta.exe
2012-12-05 00:28:22 ----A---- C:\Windows\system32\msfeedssync.exe
2012-12-05 00:28:22 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\msfeeds.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\licmgr10.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\jsproxy.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\jscript9.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\jscript.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\inseng.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\imgutil.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\iexpress.exe
2012-12-05 00:28:22 ----A---- C:\Windows\system32\ieUnatt.exe
2012-12-05 00:28:22 ----A---- C:\Windows\system32\ieui.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\iesysprep.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\iesetup.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\iertutil.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\iernonce.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\iepeers.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\ieframe.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\iedkcs32.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\ieapfltr.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\ieapfltr.dat
2012-12-05 00:28:22 ----A---- C:\Windows\system32\ieakui.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\ieaksie.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\ieakeng.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\ie4uinit.exe
2012-12-05 00:28:22 ----A---- C:\Windows\system32\icardie.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\dxtrans.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\dxtmsft.dll
2012-12-05 00:28:22 ----A---- C:\Windows\system32\admparse.dll
2012-12-05 00:26:37 ----D---- C:\Users\Lukinko\AppData\Roaming\WinRAR
2012-12-05 00:26:35 ----D---- C:\Program Files (x86)\WinRAR
2012-12-05 00:24:03 ----A---- C:\Windows\system32\MRT.exe
2012-12-05 00:23:33 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-12-05 00:23:33 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-12-05 00:23:32 ----A---- C:\Windows\system32\WUDFx.dll
2012-12-05 00:23:32 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-12-05 00:23:32 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-12-05 00:23:32 ----A---- C:\Windows\system32\WUDFHost.exe
2012-12-05 00:23:32 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-12-05 00:22:26 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-12-05 00:22:25 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-12-05 00:22:25 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-12-05 00:22:25 ----A---- C:\Windows\system32\wmi.dll
2012-12-05 00:22:25 ----A---- C:\Windows\system32\imagehlp.dll
2012-12-05 00:20:24 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-12-05 00:20:24 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-12-05 00:20:24 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-12-05 00:20:24 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-12-05 00:20:24 ----A---- C:\Windows\system32\nlasvc.dll
2012-12-05 00:20:24 ----A---- C:\Windows\system32\nlaapi.dll
2012-12-05 00:20:24 ----A---- C:\Windows\system32\netevent.dll
2012-12-05 00:20:24 ----A---- C:\Windows\system32\netcorehc.dll
2012-12-05 00:20:24 ----A---- C:\Windows\system32\ncsi.dll
2012-12-05 00:20:24 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-12-05 00:20:24 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-12-05 00:20:24 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-12-05 00:20:24 ----A---- C:\Windows\system32\drivers\netio.sys
2012-12-05 00:20:24 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-12-05 00:20:22 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-12-05 00:20:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-12-05 00:20:21 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-12-05 00:20:20 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2012-12-05 00:20:20 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-12-05 00:20:20 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-05 00:20:20 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-05 00:20:20 ----A---- C:\Windows\system32\fontsub.dll
2012-12-05 00:20:20 ----A---- C:\Windows\system32\d3d10_1.dll
2012-12-05 00:20:20 ----A---- C:\Windows\system32\atmlib.dll
2012-12-05 00:20:20 ----A---- C:\Windows\system32\atmfd.dll
2012-12-05 00:20:19 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-12-05 00:20:19 ----A---- C:\Windows\system32\d3d10level9.dll
2012-12-05 00:20:18 ----A---- C:\Windows\system32\drivers\afd.sys
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-05 00:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-12-05 00:20:14 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-12-05 00:20:14 ----A---- C:\Windows\SYSWOW64\user.exe
2012-12-05 00:20:14 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-12-05 00:20:14 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-12-05 00:20:14 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-12-05 00:20:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-12-05 00:20:14 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-12-05 00:20:14 ----A---- C:\Windows\system32\wow64win.dll
2012-12-05 00:20:14 ----A---- C:\Windows\system32\wow64cpu.dll
2012-12-05 00:20:14 ----A---- C:\Windows\system32\wow64.dll
2012-12-05 00:20:14 ----A---- C:\Windows\system32\winsrv.dll
2012-12-05 00:20:14 ----A---- C:\Windows\system32\ntvdm64.dll
2012-12-05 00:20:14 ----A---- C:\Windows\system32\KernelBase.dll
2012-12-05 00:20:14 ----A---- C:\Windows\system32\kernel32.dll
2012-12-05 00:20:14 ----A---- C:\Windows\system32\conhost.exe
2012-12-05 00:20:11 ----A---- C:\Windows\system32\schannel.dll
2012-12-05 00:20:10 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-12-05 00:20:10 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-12-05 00:20:10 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-12-05 00:20:10 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-12-05 00:20:10 ----A---- C:\Windows\system32\sspisrv.dll
2012-12-05 00:20:10 ----A---- C:\Windows\system32\sspicli.dll
2012-12-05 00:20:10 ----A---- C:\Windows\system32\secur32.dll
2012-12-05 00:20:10 ----A---- C:\Windows\system32\ncrypt.dll
2012-12-05 00:20:10 ----A---- C:\Windows\system32\lsass.exe
2012-12-05 00:20:10 ----A---- C:\Windows\system32\lsasrv.dll
2012-12-05 00:20:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-12-05 00:20:10 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-12-05 00:20:10 ----A---- C:\Windows\system32\drivers\cng.sys
2012-12-05 00:20:09 ----A---- C:\Windows\system32\shell32.dll
2012-12-05 00:20:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-12-05 00:20:08 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-12-05 00:20:06 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2012-12-05 00:20:06 ----A---- C:\Windows\system32\psisdecd.dll
2012-12-05 00:20:05 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-12-05 00:20:04 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-12-05 00:20:04 ----A---- C:\Windows\system32\wintrust.dll
2012-12-05 00:20:04 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-12-05 00:19:49 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-12-05 00:19:48 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-12-05 00:19:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-12-05 00:19:48 ----A---- C:\Windows\system32\drivers\srv.sys
2012-12-05 00:19:31 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-12-05 00:19:31 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-12-05 00:19:31 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-12-05 00:19:31 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-12-05 00:19:30 ----A---- C:\Windows\system32\win32k.sys
2012-12-05 00:18:30 ----A---- C:\Windows\SYSWOW64\sbe.dll
2012-12-05 00:18:30 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2012-12-05 00:18:30 ----A---- C:\Windows\system32\sbe.dll
2012-12-05 00:18:30 ----A---- C:\Windows\system32\CPFilters.dll
2012-12-05 00:17:29 ----A---- C:\Windows\system32\csrsrv.dll
2012-12-05 00:17:25 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2012-12-05 00:17:25 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2012-12-05 00:17:23 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-12-05 00:17:22 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-12-05 00:17:14 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-12-05 00:17:14 ----A---- C:\Windows\system32\tzres.dll
2012-12-05 00:17:06 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-12-05 00:17:06 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-12-05 00:17:04 ----A---- C:\Windows\system32\rdpwsx.dll
2012-12-05 00:16:33 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-12-05 00:16:33 ----A---- C:\Windows\system32\EncDec.dll
2012-12-05 00:16:31 ----A---- C:\Windows\system32\crypt32.dll
2012-12-05 00:16:30 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-12-05 00:16:30 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-12-05 00:16:30 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-12-05 00:16:30 ----A---- C:\Windows\system32\cryptsvc.dll
2012-12-05 00:16:30 ----A---- C:\Windows\system32\cryptnet.dll
2012-12-05 00:16:20 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2012-12-05 00:16:20 ----A---- C:\Windows\system32\poqexec.exe
2012-12-05 00:16:18 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-12-05 00:16:17 ----A---- C:\Windows\system32\ntdll.dll
2012-12-05 00:16:09 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-12-05 00:16:09 ----A---- C:\Windows\system32\ntshrui.dll
2012-12-05 00:16:06 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2012-12-05 00:16:06 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2012-12-05 00:16:06 ----A---- C:\Windows\system32\dnsrslvr.dll
2012-12-05 00:16:06 ----A---- C:\Windows\system32\dnscacheugc.exe
2012-12-05 00:16:06 ----A---- C:\Windows\system32\dnsapi.dll
2012-12-05 00:16:05 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2012-12-05 00:16:05 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2012-12-05 00:16:05 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2012-12-05 00:16:05 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2012-12-05 00:16:05 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2012-12-05 00:16:05 ----A---- C:\Windows\system32\odbctrac.dll
2012-12-05 00:16:05 ----A---- C:\Windows\system32\odbccu32.dll
2012-12-05 00:16:05 ----A---- C:\Windows\system32\odbccr32.dll
2012-12-05 00:16:05 ----A---- C:\Windows\system32\odbccp32.dll
2012-12-05 00:16:04 ----A---- C:\Windows\SYSWOW64\tquery.dll
2012-12-05 00:16:04 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2012-12-05 00:16:04 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2012-12-05 00:16:04 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2012-12-05 00:16:04 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2012-12-05 00:16:04 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2012-12-05 00:16:04 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2012-12-05 00:16:04 ----A---- C:\Windows\SYSWOW64\mssph.dll
2012-12-05 00:16:04 ----A---- C:\Windows\system32\tquery.dll
2012-12-05 00:16:04 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-12-05 00:16:04 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-12-05 00:16:04 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-12-05 00:16:04 ----A---- C:\Windows\system32\mssvp.dll
2012-12-05 00:16:04 ----A---- C:\Windows\system32\mssrch.dll
2012-12-05 00:16:04 ----A---- C:\Windows\system32\mssphtb.dll
2012-12-05 00:16:04 ----A---- C:\Windows\system32\mssph.dll
2012-12-05 00:16:04 ----A---- C:\Windows\system32\msscntrs.dll
2012-12-05 00:16:03 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2012-12-05 00:16:03 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-12-05 00:16:03 ----A---- C:\Windows\system32\kerberos.dll
2012-12-05 00:16:02 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-12-05 00:16:02 ----A---- C:\Windows\system32\msxml6.dll
2012-12-05 00:16:02 ----A---- C:\Windows\system32\msxml3.dll
2012-12-05 00:16:01 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-12-05 00:16:01 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-12-05 00:16:01 ----A---- C:\Windows\system32\msxml3r.dll
2012-12-05 00:16:00 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-12-05 00:16:00 ----A---- C:\Windows\system32\XpsPrint.dll
2012-12-05 00:16:00 ----A---- C:\Windows\system32\profsvc.dll
2012-12-05 00:15:58 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-12-05 00:15:58 ----A---- C:\Windows\system32\webio.dll
2012-12-05 00:15:57 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2012-12-05 00:15:57 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2012-12-05 00:15:57 ----A---- C:\Windows\system32\mfc42u.dll
2012-12-05 00:15:57 ----A---- C:\Windows\system32\mfc42.dll
2012-12-05 00:15:56 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-12-05 00:15:56 ----A---- C:\Windows\system32\DWrite.dll
2012-12-05 00:15:55 ----A---- C:\Windows\SYSWOW64\explorer.exe
2012-12-05 00:15:55 ----A---- C:\Windows\explorer.exe
2012-12-05 00:15:54 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2012-12-05 00:15:54 ----A---- C:\Windows\system32\xmllite.dll
2012-12-05 00:15:52 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-12-05 00:15:52 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-12-05 00:15:52 ----A---- C:\Windows\system32\quartz.dll
2012-12-05 00:15:52 ----A---- C:\Windows\system32\qdvd.dll
2012-12-05 00:15:42 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-12-05 00:15:42 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-12-05 00:15:42 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-12-05 00:14:17 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2012-12-05 00:14:17 ----A---- C:\Windows\system32\prevhost.exe
2012-12-05 00:13:50 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2012-12-05 00:13:50 ----A---- C:\Windows\system32\inetcomm.dll
2012-12-05 00:13:42 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-12-05 00:13:42 ----A---- C:\Windows\system32\synceng.dll
2012-12-05 00:13:40 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-12-05 00:13:40 ----A---- C:\Windows\system32\srcore.dll
2012-12-05 00:13:39 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-12-05 00:13:39 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2012-12-05 00:13:39 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2012-12-05 00:13:39 ----A---- C:\Windows\SYSWOW64\devobj.dll
2012-12-05 00:13:39 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2012-12-05 00:13:39 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-12-05 00:13:39 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-12-05 00:13:39 ----A---- C:\Windows\system32\netapi32.dll
2012-12-05 00:13:39 ----A---- C:\Windows\system32\browser.dll
2012-12-05 00:13:39 ----A---- C:\Windows\system32\browcli.dll
2012-12-05 00:13:34 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-12-05 00:13:34 ----A---- C:\Windows\system32\msi.dll
2012-12-05 00:13:28 ----A---- C:\Windows\system32\winresume.exe
2012-12-05 00:13:28 ----A---- C:\Windows\system32\winload.exe
2012-12-05 00:13:28 ----A---- C:\Windows\system32\kdusb.dll
2012-12-05 00:13:28 ----A---- C:\Windows\system32\kdcom.dll
2012-12-05 00:13:28 ----A---- C:\Windows\system32\kd1394.dll
2012-12-05 00:13:26 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2012-12-05 00:13:20 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-12-05 00:13:20 ----A---- C:\Windows\system32\msvcrt.dll
2012-12-05 00:12:25 ----D---- C:\Program Files (x86)\Google
2012-12-05 00:12:16 ----A---- C:\Windows\system32\FXSCOVER.exe
2012-12-05 00:11:57 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-12-05 00:11:57 ----A---- C:\Windows\system32\cdosys.dll
2012-12-05 00:11:56 ----A---- C:\Windows\system32\localspl.dll
2012-12-05 00:11:54 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2012-12-05 00:11:54 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2012-12-05 00:11:54 ----A---- C:\Windows\system32\oleaut32.dll
2012-12-05 00:11:54 ----A---- C:\Windows\system32\oleacc.dll
2012-12-05 00:11:49 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-12-05 00:11:49 ----A---- C:\Windows\system32\packager.dll
2012-12-05 00:11:48 ----A---- C:\Windows\system32\drivers\bowser.sys
2012-12-05 00:11:46 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-12-05 00:11:46 ----A---- C:\Windows\system32\win32spl.dll
2012-12-05 00:11:46 ----A---- C:\Windows\system32\spoolsv.exe
2012-12-05 00:11:46 ----A---- C:\Windows\splwow64.exe
2012-12-05 00:09:41 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-12-05 00:09:41 ----A---- C:\Windows\system32\rdpcore.dll
2012-12-05 00:09:41 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-12-05 00:05:21 ----A---- C:\Windows\system32\wups2.dll
2012-12-05 00:05:21 ----A---- C:\Windows\system32\wucltux.dll
2012-12-05 00:05:21 ----A---- C:\Windows\system32\wuauclt.exe
2012-12-05 00:05:20 ----A---- C:\Windows\system32\wuaueng.dll
2012-12-05 00:05:14 ----A---- C:\Windows\system32\wups.dll
2012-12-05 00:05:14 ----A---- C:\Windows\system32\wudriver.dll
2012-12-05 00:05:14 ----A---- C:\Windows\system32\wuapi.dll
2012-12-05 00:05:06 ----A---- C:\Windows\system32\wuwebv.dll
2012-12-05 00:05:06 ----A---- C:\Windows\system32\wuapp.exe
2012-12-04 23:59:12 ----D---- C:\ProgramData\AMD
2012-12-04 23:59:11 ----D---- C:\Program Files (x86)\AMD AVT
2012-12-04 23:59:09 ----D---- C:\Program Files (x86)\AMD APP
2012-12-04 23:59:06 ----D---- C:\Program Files\Common Files\ATI Technologies
2012-12-04 23:58:16 ----D---- C:\Program Files (x86)\ATI Technologies
2012-12-04 23:58:13 ----SHD---- C:\Windows\Installer
2012-12-04 23:58:06 ----D---- C:\Program Files\ATI Technologies
2012-12-04 23:58:05 ----D---- C:\Program Files\ATI
2012-12-04 23:55:34 ----D---- C:\AMD
2012-12-04 23:46:20 ----D---- C:\Users\Lukinko\AppData\Roaming\Identities
2012-12-04 23:46:04 ----SD---- C:\Users\Lukinko\AppData\Roaming\Microsoft
2012-12-04 23:46:04 ----D---- C:\Users\Lukinko\AppData\Roaming\Media Center Programs
2012-12-04 23:45:57 ----SHD---- C:\Recovery
2012-12-04 23:39:47 ----D---- C:\Windows\SoftwareDistribution
2012-12-04 23:37:41 ----D---- C:\Windows\Prefetch
2012-12-04 23:36:52 ----SHD---- C:\System Volume Information
2012-12-04 23:36:52 ----ASH---- C:\pagefile.sys
2012-12-04 23:36:52 ----ASH---- C:\hiberfil.sys
2012-12-04 23:36:26 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 month======

2012-12-05 19:20:07 ----D---- C:\Windows\Temp
2012-12-05 19:19:21 ----HD---- C:\ProgramData
2012-12-05 19:17:41 ----D---- C:\Windows\SysWOW64
2012-12-05 19:15:10 ----RD---- C:\Program Files
2012-12-05 18:32:11 ----D---- C:\Windows\Microsoft.NET
2012-12-05 18:32:10 ----RSD---- C:\Windows\assembly
2012-12-05 13:22:50 ----D---- C:\Windows\system32\config
2012-12-05 13:17:18 ----D---- C:\Windows\Downloaded Program Files
2012-12-05 13:16:41 ----D---- C:\Windows\Help
2012-12-05 13:16:23 ----D---- C:\Windows\System32
2012-12-05 13:16:02 ----D---- C:\Program Files\Common Files
2012-12-05 13:15:28 ----RSD---- C:\Windows\Fonts
2012-12-05 13:15:25 ----D---- C:\Program Files (x86)\Common Files
2012-12-05 13:13:20 ----D---- C:\Windows
2012-12-05 13:12:47 ----D---- C:\Windows\Logs
2012-12-05 13:12:43 ----D---- C:\Windows\winsxs
2012-12-05 11:06:48 ----RD---- C:\Program Files (x86)
2012-12-05 09:12:26 ----D---- C:\Windows\inf
2012-12-05 09:12:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-05 08:58:30 ----D---- C:\Windows\system32\wdi
2012-12-05 01:40:29 ----D---- C:\Windows\system32\LogFiles
2012-12-05 01:22:27 ----D---- C:\Program Files (x86)\MSBuild
2012-12-05 01:22:21 ----D---- C:\Windows\ShellNew
2012-12-05 01:22:06 ----SD---- C:\ProgramData\Microsoft
2012-12-05 01:20:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-12-05 01:18:57 ----A---- C:\Windows\win.ini
2012-12-05 01:11:20 ----D---- C:\Windows\system32\catroot
2012-12-05 01:09:46 ----D---- C:\Windows\system32\catroot2
2012-12-05 01:09:45 ----D---- C:\Windows\system32\drivers
2012-12-05 01:09:27 ----D---- C:\Windows\system32\DriverStore
2012-12-05 01:08:56 ----D---- C:\Windows\system32\Tasks
2012-12-05 01:06:56 ----D---- C:\Windows\SYSWOW64\en-US
2012-12-05 01:06:56 ----D---- C:\Windows\system32\en-US
2012-12-05 00:57:05 ----D---- C:\Windows\system32\sk-SK
2012-12-05 00:57:05 ----D---- C:\Windows\ehome
2012-12-05 00:57:05 ----D---- C:\Program Files\Common Files\System
2012-12-05 00:56:57 ----D---- C:\Windows\system32\wbem
2012-12-05 00:56:57 ----D---- C:\Windows\system32\drivers\en-US
2012-12-05 00:56:56 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-12-05 00:56:56 ----D---- C:\Windows\AppPatch
2012-12-05 00:56:55 ----D---- C:\Program Files\Internet Explorer
2012-12-05 00:56:55 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-05 00:56:54 ----D---- C:\Windows\SYSWOW64\migration
2012-12-05 00:56:53 ----D---- C:\Windows\system32\migration
2012-12-05 00:56:53 ----D---- C:\Windows\PolicyDefinitions
2012-12-05 00:56:48 ----D---- C:\Windows\system32\Boot
2012-12-05 00:56:43 ----D---- C:\Program Files\Windows Journal
2012-12-05 00:24:04 ----D---- C:\Windows\debug
2012-12-05 00:12:32 ----D---- C:\Windows\Tasks
2012-12-05 00:04:53 ----D---- C:\Windows\system32\restore
2012-12-04 23:53:25 ----D---- C:\Windows\system32\CodeIntegrity
2012-12-04 23:46:17 ----SHD---- C:\$Recycle.Bin
2012-12-04 23:46:04 ----RD---- C:\Users
2012-12-04 23:45:57 ----D---- C:\Windows\system32\Recovery
2012-12-04 23:44:41 ----D---- C:\Windows\rescache
2012-12-04 23:42:23 ----D---- C:\Windows\system32\sysprep
2012-12-04 23:39:23 ----D---- C:\Windows\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2012-06-27 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2012-10-30 262656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-12-05 834544]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2012-10-30 132864]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-30 21136]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-28 10697216]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-28 460288]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-31 1424944]
S3 ajr357y9;ajr357y9; C:\Windows\system32\drivers\ajr357y9.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-28 239616]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-10-30 133912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-05 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-10-19 160944]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-05 1030600]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-05 116648]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-05 1255736]

-----------------EOF-----------------

[vyosek]

Zdravim,

log se mi zda na havet cisty