Preventive check

Posted: 15 Aug 2011 18:09
by sani8
Hello.

Logfile of random's system information tool 1.09 (written by random/random)
Run by ntb at 2011-08-15 18:58:37
Microsoft Windows 7 Home Premium
System drive C: has 247 GB (86%) free of 288 GB
Total RAM: 3894 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:58:50, on 15. 8. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\ntb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/6
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/6
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Obrazovková spinka a spúšťač programu OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10225 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 34635904
\??\C:\Windows\system32\conhost.exe "996053933-1636161577-248227410-668479699-1765326180828146681-142527509-1124906938
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"
"C:\Windows\System32\GfxUI.exe" /startup:silent
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
taskeng.exe {8DE1B46D-A700-4B81-97FB-DC5AA5DA5AD7}
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe"
"C:\Program Files\Realtek\RtVOsd\RtVOsd.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" mode=windowless
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>WLAN: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>371956914</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"igfxtray.exe"
"hkcmd.exe"
"C:\Users\ntb\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job

=========Mozilla firefox=========

ProfilePath - C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\ggd59uhi.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-22 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-07-22 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-16 2095400]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2010-03-13 6234144]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-06-22 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-06-22 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-06-22 414744]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-06-18 8192]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2918656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-09 1712184]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-05-19 2736128]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-05-07 26211624]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-06-21 98304]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-07-02 602680]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-07-06 449584]

C:\Users\ntb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Obrazovková spinka a spúšťač programu OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-06-22 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-07-22 52920]
"UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-15 18:58:37 ----D---- C:\rsit
2011-08-15 18:58:37 ----D---- C:\Program Files\trend micro
2011-08-15 18:08:14 ----D---- C:\Users\ntb\AppData\Roaming\ESET
2011-08-15 18:06:36 ----D---- C:\ProgramData\ESET
2011-08-15 18:06:36 ----D---- C:\Program Files\ESET
2011-08-15 17:46:18 ----D---- C:\Users\ntb\AppData\Roaming\Malwarebytes
2011-08-15 17:45:52 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-08-15 17:45:51 ----D---- C:\ProgramData\Malwarebytes
2011-08-15 17:45:48 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-08-15 17:45:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-08-15 17:18:36 ----D---- C:\ProgramData\Easybits GO
2011-08-15 12:06:52 ----D---- C:\Windows\SYSWOW64\Wat
2011-08-15 12:06:52 ----D---- C:\Windows\system32\Wat
2011-08-15 11:41:14 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2011-08-15 11:41:14 ----A---- C:\Windows\system32\wcncsvc.dll
2011-08-15 11:32:27 ----A---- C:\Windows\system32\browserchoice.exe
2011-08-15 07:50:05 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-08-15 07:50:05 ----A---- C:\Windows\system32\xmllite.dll
2011-08-15 07:50:04 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2011-08-15 07:50:04 ----A---- C:\Windows\system32\kerberos.dll
2011-08-15 07:50:03 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-15 07:50:03 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-15 07:50:02 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2011-08-15 07:50:02 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2011-08-15 07:50:02 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2011-08-15 07:50:02 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2011-08-15 07:50:02 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2011-08-15 07:50:02 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-15 07:50:02 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-15 07:50:01 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-08-15 07:50:00 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-08-15 07:50:00 ----A---- C:\Windows\system32\tzres.dll
2011-08-15 07:49:52 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-08-15 07:49:52 ----A---- C:\Windows\system32\poqexec.exe
2011-08-15 07:49:51 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-08-15 07:49:51 ----A---- C:\Windows\explorer.exe
2011-08-15 07:49:50 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-08-15 07:49:50 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2011-08-15 07:49:50 ----A---- C:\Windows\system32\sbe.dll
2011-08-15 07:49:50 ----A---- C:\Windows\system32\EncDec.dll
2011-08-15 07:49:50 ----A---- C:\Windows\system32\CPFilters.dll
2011-08-15 07:49:49 ----A---- C:\Windows\SYSWOW64\sbe.dll
2011-08-15 07:49:48 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2011-08-15 07:49:48 ----A---- C:\Windows\system32\t2embed.dll
2011-08-15 07:49:47 ----A---- C:\Windows\system32\ole32.dll
2011-08-15 07:49:46 ----A---- C:\Windows\SYSWOW64\ole32.dll
2011-08-15 07:49:46 ----A---- C:\Windows\system32\taskschd.dll
2011-08-15 07:49:46 ----A---- C:\Windows\system32\schedsvc.dll
2011-08-15 07:49:45 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2011-08-15 07:49:45 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2011-08-15 07:49:45 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2011-08-15 07:49:45 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2011-08-15 07:49:45 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-08-15 07:49:45 ----A---- C:\Windows\system32\taskeng.exe
2011-08-15 07:49:45 ----A---- C:\Windows\system32\taskcomp.dll
2011-08-15 07:49:45 ----A---- C:\Windows\system32\schtasks.exe
2011-08-15 07:49:43 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-08-15 07:49:43 ----A---- C:\Windows\system32\tquery.dll
2011-08-15 07:49:43 ----A---- C:\Windows\system32\mssrch.dll
2011-08-15 07:49:42 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-08-15 07:49:42 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-08-15 07:49:42 ----A---- C:\Windows\system32\mssph.dll
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-08-15 07:49:41 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-08-15 07:49:41 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-08-15 07:49:41 ----A---- C:\Windows\system32\mssvp.dll
2011-08-15 07:49:41 ----A---- C:\Windows\system32\mssphtb.dll
2011-08-15 07:49:41 ----A---- C:\Windows\system32\msscntrs.dll
2011-08-15 07:49:39 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2011-08-15 07:49:39 ----A---- C:\Windows\system32\StructuredQuery.dll
2011-08-15 07:49:37 ----A---- C:\Windows\system32\drivers\afd.sys
2011-08-15 07:49:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-08-15 07:49:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-15 07:49:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-08-15 07:49:35 ----A---- C:\Windows\system32\shell32.dll
2011-08-15 07:49:34 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-08-15 07:49:31 ----A---- C:\Windows\system32\msdri.dll
2011-08-15 07:49:27 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-08-15 07:49:27 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-08-15 07:49:24 ----A---- C:\Windows\SYSWOW64\schannel.dll
2011-08-15 07:49:24 ----A---- C:\Windows\system32\schannel.dll
2011-08-15 07:49:23 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2011-08-15 07:49:23 ----A---- C:\Windows\system32\comctl32.dll
2011-08-15 07:49:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-08-15 07:49:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-08-15 07:49:22 ----A---- C:\Windows\system32\vbscript.dll
2011-08-15 07:49:22 ----A---- C:\Windows\system32\jscript.dll
2011-08-15 07:49:19 ----A---- C:\Windows\SYSWOW64\upnp.dll
2011-08-15 07:49:19 ----A---- C:\Windows\system32\upnp.dll
2011-08-15 07:49:19 ----A---- C:\Windows\system32\msxml6.dll
2011-08-15 07:49:19 ----A---- C:\Windows\system32\msxml3.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\slwga.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2011-08-15 07:49:18 ----A---- C:\Windows\system32\wscsvc.dll
2011-08-15 07:49:18 ----A---- C:\Windows\system32\wscapi.dll
2011-08-15 07:49:18 ----A---- C:\Windows\system32\winhttp.dll
2011-08-15 07:49:18 ----A---- C:\Windows\system32\WebClnt.dll
2011-08-15 07:49:18 ----A---- C:\Windows\system32\slwga.dll
2011-08-15 07:49:18 ----A---- C:\Windows\system32\davclnt.dll
2011-08-15 07:49:14 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-08-15 07:49:14 ----A---- C:\Windows\system32\XpsPrint.dll
2011-08-15 07:49:12 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2011-08-15 07:49:12 ----A---- C:\Windows\system32\rtutils.dll
2011-08-15 07:49:11 ----A---- C:\Windows\system32\mfc42u.dll
2011-08-15 07:49:10 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-08-15 07:49:10 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-08-15 07:49:10 ----A---- C:\Windows\system32\mfc42.dll
2011-08-15 07:49:04 ----A---- C:\Windows\system32\spoolsv.exe
2011-08-15 07:49:03 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-08-15 07:49:03 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-08-15 07:49:03 ----A---- C:\Windows\system32\atmlib.dll
2011-08-15 07:49:03 ----A---- C:\Windows\system32\atmfd.dll
2011-08-15 07:49:02 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-08-15 07:49:02 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-08-15 07:49:02 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-08-15 07:49:02 ----A---- C:\Windows\system32\DWrite.dll
2011-08-15 07:49:02 ----A---- C:\Windows\system32\d3d10warp.dll
2011-08-15 07:49:02 ----A---- C:\Windows\system32\d2d1.dll
2011-08-15 07:49:01 ----A---- C:\Windows\SYSWOW64\mf.dll
2011-08-15 07:49:01 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-08-15 07:49:01 ----A---- C:\Windows\system32\mf.dll
2011-08-15 07:49:01 ----A---- C:\Windows\system32\FntCache.dll
2011-08-15 07:49:00 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-08-15 07:49:00 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2011-08-15 07:49:00 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2011-08-15 07:49:00 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-08-15 07:49:00 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-08-15 07:49:00 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-08-15 07:49:00 ----A---- C:\Windows\system32\mfps.dll
2011-08-15 07:49:00 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-08-15 07:49:00 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-08-15 07:49:00 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-08-15 07:49:00 ----A---- C:\Windows\system32\cdd.dll
2011-08-15 07:48:53 ----A---- C:\Windows\system32\webio.dll
2011-08-15 07:48:52 ----A---- C:\Windows\SYSWOW64\webio.dll
2011-08-15 07:48:52 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2011-08-15 07:48:52 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-08-15 07:48:50 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-08-15 07:48:28 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-08-15 07:48:28 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-08-15 07:48:28 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-08-15 07:48:28 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-08-15 07:48:28 ----A---- C:\Windows\system32\dnsapi.dll
2011-08-15 07:48:17 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2011-08-15 07:48:17 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-08-15 07:48:17 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-08-15 07:48:17 ----A---- C:\Windows\system32\wmpmde.dll
2011-08-15 07:48:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-08-15 07:48:17 ----A---- C:\Windows\system32\d3d10_1.dll
2011-08-15 07:48:16 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-08-15 07:48:16 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-08-15 07:48:16 ----A---- C:\Windows\system32\drivers\srv.sys
2011-08-15 07:48:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-08-15 07:48:09 ----A---- C:\Windows\system32\ntdll.dll
2011-08-15 07:45:40 ----A---- C:\Windows\system32\winresume.exe
2011-08-15 07:45:40 ----A---- C:\Windows\system32\winload.exe
2011-08-15 07:45:40 ----A---- C:\Windows\system32\kdusb.dll
2011-08-15 07:45:40 ----A---- C:\Windows\system32\kdcom.dll
2011-08-15 07:45:40 ----A---- C:\Windows\system32\kd1394.dll
2011-08-15 07:45:39 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-08-15 07:45:39 ----A---- C:\Windows\system32\oleaut32.dll
2011-08-15 07:45:38 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2011-08-15 07:45:38 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2011-08-15 07:45:37 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-15 07:45:37 ----A---- C:\Windows\system32\kernel32.dll
2011-08-15 07:45:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-15 07:45:36 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-15 07:45:36 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-08-15 07:45:36 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-08-15 07:45:36 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-08-15 07:45:36 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-08-15 07:45:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-08-15 07:45:36 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-08-15 07:45:36 ----A---- C:\Windows\system32\wow64win.dll
2011-08-15 07:45:36 ----A---- C:\Windows\system32\wow64cpu.dll
2011-08-15 07:45:36 ----A---- C:\Windows\system32\wow64.dll
2011-08-15 07:45:36 ----A---- C:\Windows\system32\winsrv.dll
2011-08-15 07:45:36 ----A---- C:\Windows\system32\ntvdm64.dll
2011-08-15 07:45:36 ----A---- C:\Windows\system32\conhost.exe
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-15 07:45:35 ----A---- C:\Windows\SYSWOW64\user.exe
2011-08-15 07:45:31 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-08-15 07:45:30 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2011-08-15 07:45:30 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2011-08-15 07:45:30 ----A---- C:\Windows\SYSWOW64\devobj.dll
2011-08-15 07:45:30 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-08-15 07:45:13 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-08-15 07:45:13 ----A---- C:\Windows\system32\mstscax.dll
2011-08-15 07:45:12 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-08-15 07:45:12 ----A---- C:\Windows\system32\mstsc.exe
2011-08-15 07:45:11 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-08-15 07:45:11 ----A---- C:\Windows\system32\odbc32.dll
2011-08-15 07:45:02 ----A---- C:\Windows\system32\mshtml.dll
2011-08-15 07:45:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-08-15 07:44:59 ----A---- C:\Windows\system32\ieframe.dll
2011-08-15 07:44:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-08-15 07:44:58 ----A---- C:\Windows\system32\iertutil.dll
2011-08-15 07:44:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-08-15 07:44:56 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-08-15 07:44:56 ----A---- C:\Windows\system32\urlmon.dll
2011-08-15 07:44:56 ----A---- C:\Windows\system32\mstime.dll
2011-08-15 07:44:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-08-15 07:44:55 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-08-15 07:44:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-08-15 07:44:55 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-08-15 07:44:55 ----A---- C:\Windows\system32\wininet.dll
2011-08-15 07:44:55 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-15 07:44:55 ----A---- C:\Windows\system32\iedkcs32.dll
2011-08-15 07:44:54 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-08-15 07:44:54 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-08-15 07:44:54 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-08-15 07:44:54 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-15 07:44:54 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-08-15 07:44:54 ----A---- C:\Windows\system32\licmgr10.dll
2011-08-15 07:44:54 ----A---- C:\Windows\system32\iepeers.dll
2011-08-15 07:44:53 ----A---- C:\Windows\SYSWOW64\url.dll
2011-08-15 07:44:53 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-08-15 07:44:53 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-08-15 07:44:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-08-15 07:44:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-08-15 07:44:53 ----A---- C:\Windows\system32\url.dll
2011-08-15 07:44:53 ----A---- C:\Windows\system32\msfeedssync.exe
2011-08-15 07:44:53 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-15 07:44:53 ----A---- C:\Windows\system32\ieui.dll
2011-08-15 07:44:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-15 07:44:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-08-15 07:44:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-08-15 07:43:22 ----A---- C:\Windows\system32\win32k.sys
2011-08-15 07:43:20 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-15 07:43:17 ----A---- C:\Windows\system32\wmp.dll
2011-08-15 07:43:16 ----A---- C:\Windows\SYSWOW64\wmp.dll
2011-08-15 07:43:15 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2011-08-15 07:43:14 ----A---- C:\Windows\system32\wmploc.DLL
2011-08-15 07:43:06 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-08-15 07:43:06 ----A---- C:\Windows\system32\prevhost.exe
2011-08-15 07:43:05 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-08-15 07:43:05 ----A---- C:\Windows\system32\consent.exe
2011-08-15 07:43:04 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-08-15 07:43:04 ----A---- C:\Windows\system32\inetcomm.dll
2011-08-15 07:30:22 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-08-15 07:28:37 ----A---- C:\Windows\SYSWOW64\sscore.dll
2011-08-15 07:28:37 ----A---- C:\Windows\system32\srvsvc.dll
2011-08-14 20:48:41 ----A---- C:\Windows\system32\drivers\ks.sys
2011-08-14 20:41:17 ----D---- C:\Users\ntb\AppData\Roaming\skypePM
2011-08-14 19:05:17 ----A---- C:\Windows\system32\drivers\revoflt.sys
2011-08-14 19:05:16 ----D---- C:\Program Files\VS Revo Group
2011-08-14 18:25:01 ----D---- C:\Program Files\CCleaner
2011-08-14 18:02:17 ----A---- C:\Windows\nsreg.dat
2011-08-14 18:02:16 ----D---- C:\Users\ntb\AppData\Roaming\Mozilla
2011-08-14 18:02:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-14 17:47:46 ----N---- C:\Windows\system32\MpSigStub.exe
2011-08-03 11:09:58 ----D---- C:\Users\ntb\AppData\Roaming\funkitron
2011-08-03 09:59:41 ----D---- C:\ProgramData\Wild Tangent
2011-08-02 20:47:10 ----D---- C:\Users\ntb\AppData\Roaming\PlayFirst
2011-08-02 20:47:10 ----D---- C:\ProgramData\PlayFirst
2011-08-01 21:04:49 ----D---- C:\Users\ntb\AppData\Roaming\iWin
2011-07-30 17:27:19 ----A---- C:\Windows\popcinfo.dat
2011-07-30 15:03:22 ----D---- C:\Users\ntb\AppData\Roaming\Skype
2011-07-30 15:03:17 ----RD---- C:\Program Files (x86)\Skype
2011-07-30 15:03:14 ----D---- C:\ProgramData\Skype
2011-07-30 14:37:30 ----D---- C:\Users\ntb\AppData\Roaming\Macromedia
2011-07-30 14:37:30 ----A---- C:\Windows\SYSWOW64\win_utilman.exe
2011-07-30 14:37:27 ----D---- C:\Users\ntb\AppData\Roaming\_MDLogs
2011-07-29 12:53:30 ----D---- C:\Windows\AutoKMS
2011-07-29 12:51:09 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-07-29 12:48:39 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2011-07-29 12:48:39 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2011-07-29 12:48:39 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2011-07-29 12:48:39 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2011-07-29 12:48:39 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2011-07-29 12:48:39 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-07-29 12:48:39 ----A---- C:\Windows\system32\PresentationHost.exe
2011-07-29 12:48:39 ----A---- C:\Windows\system32\netfxperf.dll
2011-07-29 12:48:39 ----A---- C:\Windows\system32\mscoree.dll
2011-07-29 12:48:39 ----A---- C:\Windows\system32\dfshim.dll
2011-07-29 12:16:56 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2011-07-29 12:16:40 ----D---- C:\Windows\PCHEALTH
2011-07-29 12:16:40 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-07-29 12:16:40 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2011-07-29 12:16:40 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-07-29 12:14:28 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-07-29 12:14:15 ----D---- C:\Program Files\Microsoft Office
2011-07-29 12:14:07 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2011-07-29 12:14:04 ----D---- C:\Windows\SHELLNEW
2011-07-29 12:13:52 ----D---- C:\ProgramData\Microsoft Help
2011-07-29 12:13:52 ----D---- C:\Program Files (x86)\Microsoft Office
2011-07-29 12:13:44 ----RHD---- C:\MSOCache
2011-07-29 12:10:44 ----D---- C:\Program Files (x86)\TC PowerPack
2011-07-29 12:09:46 ----D---- C:\Users\ntb\AppData\Roaming\Adobe
2011-07-29 12:08:17 ----D---- C:\Users\ntb\AppData\Roaming\CyberLink
2011-07-29 12:06:44 ----D---- C:\Program Files (x86)\Nero
2011-07-29 12:02:16 ----A---- C:\Windows\SYSWOW64\unrar.dll
2011-07-29 12:02:16 ----A---- C:\Windows\avisplitter.ini
2011-07-29 12:02:15 ----A---- C:\Windows\SYSWOW64\yv12vfw.dll
2011-07-29 12:02:15 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2011-07-29 12:02:15 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2011-07-29 12:02:15 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2011-07-29 12:02:13 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2011-07-29 12:01:28 ----D---- C:\Users\ntb\AppData\Roaming\AIMP
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\en
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\0409
2011-07-22 09:04:40 ----D---- C:\Windows\SYSWOW64\drivers\sk-SK
2011-07-22 09:04:40 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2011-07-22 09:04:32 ----D---- C:\Windows\sk-SK
2011-07-22 09:04:31 ----D---- C:\Windows\system32\en
2011-07-22 09:04:31 ----D---- C:\Windows\system32\0409
2011-07-22 09:04:13 ----D---- C:\Windows\system32\drivers\sk-SK
2011-07-22 09:04:13 ----D---- C:\Windows\system32\drivers\en-US
2011-07-22 08:58:29 ----D---- C:\1vistalizatorw7
2011-07-22 08:53:00 ----D---- C:\Users\ntb\AppData\Roaming\ATI
2011-07-22 08:52:19 ----D---- C:\Users\ntb\AppData\Roaming\Intel Corporation
2011-07-22 08:52:05 ----D---- C:\Users\ntb\AppData\Roaming\Hewlett-Packard
2011-07-22 08:52:00 ----D---- C:\Users\ntb\AppData\Roaming\hpqLog
2011-07-22 08:51:35 ----D---- C:\Users\ntb\AppData\Roaming\Identities
2011-07-22 08:51:22 ----SD---- C:\Users\ntb\AppData\Roaming\Microsoft
2011-07-22 08:51:22 ----D---- C:\Users\ntb\AppData\Roaming\Media Center Programs
2011-07-22 08:51:06 ----SHD---- C:\Programmi
2011-07-22 08:51:06 ----SHD---- C:\ProgramData\Preferiti
2011-07-22 08:51:06 ----SHD---- C:\ProgramData\Modelli
2011-07-22 08:51:06 ----SHD---- C:\ProgramData\Menu Avvio
2011-07-22 08:51:06 ----SHD---- C:\ProgramData\Documenti
2011-07-22 08:51:06 ----SHD---- C:\ProgramData\Dati applicazioni
2011-07-22 08:51:06 ----SHD---- C:\Program Files\File comuni

======List of files/folders modified in the last 1 month======

2011-08-15 18:58:41 ----D---- C:\Windows\Temp
2011-08-15 18:58:37 ----RD---- C:\Program Files
2011-08-15 18:45:23 ----D---- C:\Windows
2011-08-15 18:17:52 ----D---- C:\Windows\Microsoft.NET
2011-08-15 18:17:50 ----RSD---- C:\Windows\assembly
2011-08-15 18:15:45 ----D---- C:\Windows\system32\config
2011-08-15 18:08:05 ----SHD---- C:\Windows\Installer
2011-08-15 18:07:59 ----D---- C:\Windows\system32\DriverStore
2011-08-15 18:07:59 ----D---- C:\Windows\system32\drivers
2011-08-15 18:07:59 ----D---- C:\Windows\system32\catroot
2011-08-15 18:07:59 ----D---- C:\Windows\inf
2011-08-15 18:06:36 ----HD---- C:\ProgramData
2011-08-15 18:06:28 ----SHD---- C:\System Volume Information
2011-08-15 18:02:26 ----A---- C:\Windows\SYSWOW64\log.txt
2011-08-15 18:02:05 ----D---- C:\Program Files (x86)
2011-08-15 17:58:16 ----D---- C:\ProgramData\WildTangent
2011-08-15 17:45:52 ----D---- C:\Windows\SYSWOW64\drivers
2011-08-15 17:22:23 ----D---- C:\Windows\system32\catroot2
2011-08-15 17:22:19 ----D---- C:\Windows\winsxs
2011-08-15 16:03:50 ----D---- C:\Windows\AppPatch
2011-08-15 12:10:06 ----D---- C:\Windows\SysWOW64
2011-08-15 12:10:06 ----D---- C:\Windows\System32
2011-08-15 12:07:03 ----D---- C:\Windows\SYSWOW64\sk-SK
2011-08-15 12:07:03 ----D---- C:\Windows\SYSWOW64\it-IT
2011-08-15 12:07:03 ----D---- C:\Windows\system32\sk-SK
2011-08-15 12:07:03 ----D---- C:\Windows\system32\it-IT
2011-08-15 12:07:02 ----D---- C:\Program Files\Internet Explorer
2011-08-15 12:07:02 ----D---- C:\Program Files (x86)\Internet Explorer
2011-08-15 12:07:00 ----D---- C:\Windows\ehome
2011-08-15 12:07:00 ----D---- C:\Program Files\Windows Mail
2011-08-15 12:07:00 ----D---- C:\Program Files (x86)\Windows Mail
2011-08-15 12:06:59 ----RSD---- C:\Windows\Fonts
2011-08-15 12:06:49 ----D---- C:\Windows\system32\Boot
2011-08-15 12:06:45 ----D---- C:\Program Files\Windows Media Player
2011-08-15 12:06:45 ----D---- C:\Program Files (x86)\Windows Media Player
2011-08-15 12:06:42 ----D---- C:\Windows\SYSWOW64\migration
2011-08-15 12:06:42 ----D---- C:\Windows\system32\migration
2011-08-15 11:26:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-14 20:38:27 ----D---- C:\Windows\Logs
2011-08-14 19:57:50 ----D---- C:\Windows\Tasks
2011-08-14 19:35:12 ----D---- C:\Windows\system32\LogFiles
2011-08-14 19:28:21 ----SD---- C:\ProgramData\Microsoft
2011-08-14 19:24:54 ----D---- C:\Windows\debug
2011-08-08 11:14:38 ----D---- C:\Windows\Prefetch
2011-08-06 16:07:52 ----D---- C:\Windows\system32\wdi
2011-07-30 15:03:21 ----D---- C:\Windows\system32\Tasks
2011-07-30 15:03:18 ----D---- C:\Program Files (x86)\Common Files
2011-07-30 14:27:57 ----D---- C:\ProgramData\CyberLink
2011-07-29 12:57:08 ----A---- C:\Windows\win.ini
2011-07-29 12:49:08 ----D---- C:\Windows\SYSWOW64\en-US
2011-07-29 12:49:08 ----D---- C:\Windows\system32\en-US
2011-07-29 12:48:48 ----D---- C:\Windows\SoftwareDistribution
2011-07-29 12:17:09 ----D---- C:\Program Files (x86)\MSBuild
2011-07-29 12:16:01 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-07-29 12:13:08 ----D---- C:\ProgramData\Adobe
2011-07-29 12:03:32 ----D---- C:\ProgramData\Norton
2011-07-22 09:04:50 ----D---- C:\Program Files\Windows Sidebar
2011-07-22 09:04:50 ----D---- C:\Program Files\DVD Maker
2011-07-22 09:04:49 ----D---- C:\Program Files\Windows Photo Viewer
2011-07-22 09:04:49 ----D---- C:\Program Files\Windows Defender
2011-07-22 09:04:49 ----D---- C:\Program Files\Common Files\System
2011-07-22 09:04:49 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-07-22 09:04:48 ----D---- C:\Windows\servicing
2011-07-22 09:04:48 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2011-07-22 09:04:48 ----D---- C:\Program Files (x86)\Windows Defender
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\winrm
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\sysprep
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\slmgr
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\Setup
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\oobe
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\migwiz
2011-07-22 09:04:40 ----D---- C:\Windows\SYSWOW64\drivers\UMDF
2011-07-22 09:04:34 ----D---- C:\Windows\SYSWOW64\WCN
2011-07-22 09:04:34 ----D---- C:\Windows\SYSWOW64\MUI
2011-07-22 09:04:34 ----D---- C:\Windows\SYSWOW64\DriverStore
2011-07-22 09:04:34 ----D---- C:\Windows\SYSWOW64\Dism
2011-07-22 09:04:33 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2011-07-22 09:04:32 ----D---- C:\Windows\SYSWOW64\wbem
2011-07-22 09:04:32 ----D---- C:\Windows\SYSWOW64\com
2011-07-22 09:04:31 ----D---- C:\Windows\system32\winrm
2011-07-22 09:04:31 ----D---- C:\Windows\system32\sysprep
2011-07-22 09:04:31 ----D---- C:\Windows\system32\slmgr
2011-07-22 09:04:31 ----D---- C:\Windows\system32\Setup
2011-07-22 09:04:31 ----D---- C:\Windows\system32\oobe
2011-07-22 09:04:31 ----D---- C:\Windows\system32\migwiz
2011-07-22 09:04:31 ----D---- C:\Windows\en-US
2011-07-22 09:04:13 ----D---- C:\Windows\system32\MUI
2011-07-22 09:04:13 ----D---- C:\Windows\system32\drivers\UMDF
2011-07-22 09:04:12 ----D---- C:\Windows\system32\WCN
2011-07-22 09:04:12 ----D---- C:\Windows\system32\Dism
2011-07-22 09:04:06 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2011-07-22 09:04:02 ----D---- C:\Windows\system32\wbem
2011-07-22 09:04:02 ----D---- C:\Windows\system32\com
2011-07-22 08:51:31 ----SHD---- C:\$Recycle.Bin
2011-07-22 08:51:22 ----RD---- C:\Users
2011-07-22 08:51:18 ----D---- C:\Windows\rescache
2011-07-22 08:51:06 ----D---- C:\Program Files\Windows NT
2011-07-22 08:37:18 ----D---- C:\Windows\Panther

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-12-21 170640]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 50624]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-06-22 6856704]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-06-22 264192]
R3 BCM43XX;Driver della scheda di rete Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-05-31 3063360]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 34144]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-13 2291616]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2010-06-22 10342240]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-07-06 25912]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-04-16 319536]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 BthEnum;Driver blocco richieste Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Dispositivo Bluetooth (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Driver della porta Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-07-23 552448]
S3 BTHUSB;Driver USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-07-23 80384]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-06-22 10342240]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Dispositivo Bluetooth (RFCOMM protocollo TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-23 225280]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 zntport;NTPort Library Driver; C:\Windows\System32\Drivers\zntport.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-06-22 203264]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-12 810144]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-06-30 121344]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-07-02 27192]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
R2 RtVOsdService;RtVOsdService Installer; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-17 315392]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-05-14 230968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 42360]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-15 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Preventive check-up

Posted: 15 Aug 2011 18:28
by chodnik74
Hello :welcome:

:arrow: Uninstall Easybits GO
:???: Is ESET a purchased licence?
:arrow: In Malwarebytes, turn off real-time protection

:arrow: Open Notepad
  • (press the key combination WIN+R, type "notepad" without the quotation marks and press Enter)
  • Paste the following script into it:

    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"=-
    "Persistence"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "OfficeSyncProcess"=-
    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"=-
    "StartCCC"=-
    "HP Quick Launch"=-
    "Adobe ARM"=-
    "Adobe Reader Speed Launcher"=-
    "BCSSync"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=-
    
    
    
  • Save the file as oprava.reg (when saving, set Save as type: All files)
  • Then run the file and confirm :)
:arrow: TFC
  • Download and run the program
  • Click Start and confirm with OK
  • The program starts cleaning up, then restarts the PC
  • Delete the program after use
PC maintenance:

1) Cleaning temporary folders + invalid registry entries
:arrow: CCleaner
  • Download and install the program
  • Run the program
  • CLEANER
    Windows: leave everything here as it is (if you use IE, untick its items) and tick the Start Menu Shortcuts and Desktop Shortcuts items
    Applications: leave as is, but if you use a browser (Google Chrome, Firefox, Opera..), untick its items
    >Press the Analyze button and then Run Cleaner
  • Registry
    >Press the Scan for Issues button; the program starts looking for invalid registry entries.. then choose Fix selected issues..
    >The program asks whether to create a registry backup; choose Yes and save the backup somewhere (if anything misbehaves after the registry fix, restore the backup by running the saved backup file and confirming Yes), then choose Fix all issues and Close
    >repeat until the registry shows no problems
  • Use the program once every 14 days (depending on how the PC is used, it can also be once a week)
2) Disk defragmentation
:arrow: Defraggler
  • Download and install the program
  • Run the program
  • Select a disk (C:, D:.. simply whichever one you use)
  • If the Fragmentation column shows more than 5%, choose Defragment
  • Do this for all disks in use
  • Do this once a month
3) Updating programs
:arrow: FileHippo.com Update Checker
  • Download and install the program (during installation, untick the Run at Startup option)
  • Run the program
  • The program finds the programs installed on the PC and checks for available updates
  • A web page then opens listing the applications offered for updating
    >X Updates Detected.. these are the available updates..
    > click the green arrow and download the program, then install its current version
    > :!: X Beta Updates Detected.. do not download these updates; they are beta versions that are still in development and are unstable :)
  • Do this once every 14 days or once a month
:arrow: How is the PC behaving :???: + a new RSIT log
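
An added example (not part of the original post and not RSIT's own code): after merging a .reg fix like the one above, the follow-up RSIT log can be checked for values the fix was meant to delete. The script parses the deletion entries from an excerpt of that fix and compares them with an RSIT-style registry dump; the dump excerpt, its placeholder paths and all function names are constructed for illustration.

```python
import re

# Excerpt of the .reg fix posted above ("name"=- deletes a value).
FIX_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=-
"Persistence"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=-
"StartCCC"=-
'''

# Constructed RSIT-style "Registry dump" excerpt (placeholder paths, not from the thread).
SAMPLE_DUMP = r'''======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\example\SynTPEnh.exe [2010-04-16 2095400]
"igfxtray"=C:\example\igfxtray.exe [2010-06-22 161304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\example\Skype.exe [2010-05-07 26211624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\example\CLIStart.exe [2010-05-05 98304]
'''

KEY_RE = re.compile(r'^\[(-?)(HKEY_[^\]]+)\]$')   # [KEY] or [-KEY]
VALUE_RE = re.compile(r'^"([^"]*)"=(.*)$')        # "name"=data


def norm(text):
    """Registry key and value names are case-insensitive."""
    return text.strip().lower()


def parse_reg_deletions(reg_text):
    """Return [(key, value_name)] for each deletion in a .reg file.

    value_name is None when the whole key is deleted with [-KEY].
    """
    deletions, key = [], None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(';'):
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group(2)
            if m.group(1):                  # [-KEY] removes the key itself
                deletions.append((key, None))
                key = None
            continue
        m = VALUE_RE.match(line)
        if m and key and m.group(2).strip() == '-':
            deletions.append((key, m.group(1)))
    return deletions


def parse_rsit_dump(dump_text):
    """Map each key printed in an RSIT registry dump to its value names."""
    present, key = {}, None
    for raw in dump_text.splitlines():
        line = raw.strip()
        if not line:
            key = None                      # a blank line ends the key's block
            continue
        m = KEY_RE.match(line)
        if m:
            key = norm(m.group(2))
            present.setdefault(key, set())
            continue
        m = VALUE_RE.match(line)
        if m and key:
            present[key].add(norm(m.group(1)))
    return present


def still_present(deletions, present):
    """Deletions whose target still appears in the dump.

    RSIT prints only selected keys, so a key missing from the dump
    proves nothing; only positive matches are reported.
    """
    left = []
    for key, name in deletions:
        values = present.get(norm(key))
        if values is None:
            continue
        if name is None or norm(name) in values:
            left.append((key, name))
    return left


if __name__ == "__main__":
    for key, name in still_present(parse_reg_deletions(FIX_REG),
                                   parse_rsit_dump(SAMPLE_DUMP)):
        print("still present:", key, "->", name or "(whole key)")
```
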

Re: Preventive check

Posted: 16 Aug 2011 12:31
by sani8
The PC behaves like new (it is only two weeks old), but until now it ran without protection, which is why I went for a check. Thank you for the help. Yesterday I installed the trial version of ESET; in Malwarebytes I could not find where to turn off real-time protection, so I uninstalled it. I hope that was not a mistake.

New log

Logfile of random's system information tool 1.09 (written by random/random)
Run by ntb at 2011-08-16 13:07:35
Microsoft Windows 7 Home Premium
System drive C: has 248 GB (86%) free of 288 GB
Total RAM: 3894 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:07:38, on 16. 8. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\ntb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/6
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/6
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Obrazovková spinka a spúšťač programu OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9076 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 34248160
\??\C:\Windows\system32\conhost.exe "-1186318889211301110175456614-879511174-1537486544-1415683631-65759818712667588
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
taskeng.exe {B18E07D1-8DC9-4EE4-9B2B-14258D732311}
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe"
"C:\Program Files\Realtek\RtVOsd\RtVOsd.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>WLAN: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>514833827</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" mode=windowless
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2204.b170c80.1432769773 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" "Mozilla.Firefox.5.0.1" -omnijar C:\Program Files (x86)\Mozilla Firefox\omni.jar 2204 \\.\pipe\gecko-crash-server-pipe.2204 plugin
"C:\Users\ntb\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job

=========Mozilla firefox=========

ProfilePath - C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\ggd59uhi.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-22 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-07-22 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-16 2095400]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2010-03-13 6234144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-06-22 386584]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-06-18 8192]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2918656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-09 1712184]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-05-19 2736128]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-05-07 26211624]

C:\Users\ntb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Obrazovková spinka a spúšťač programu OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-06-22 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-07-22 52920]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-15 22:02:24 ----A---- C:\Windows\system32\MRT.exe
2011-08-15 18:58:37 ----D---- C:\rsit
2011-08-15 18:58:37 ----D---- C:\Program Files\trend micro
2011-08-15 18:08:14 ----D---- C:\Users\ntb\AppData\Roaming\ESET
2011-08-15 18:06:36 ----D---- C:\ProgramData\ESET
2011-08-15 18:06:36 ----D---- C:\Program Files\ESET
2011-08-15 17:46:18 ----D---- C:\Users\ntb\AppData\Roaming\Malwarebytes
2011-08-15 17:45:51 ----D---- C:\ProgramData\Malwarebytes
2011-08-15 17:45:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-08-15 17:23:46 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-08-15 17:23:45 ----A---- C:\Windows\SYSWOW64\esent.dll
2011-08-15 17:23:45 ----A---- C:\Windows\system32\esent.dll
2011-08-15 17:23:45 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-08-15 17:23:45 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-08-15 17:23:45 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-08-15 17:23:44 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2011-08-15 17:23:44 ----A---- C:\Windows\system32\fsutil.exe
2011-08-15 17:23:44 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-08-15 17:23:44 ----A---- C:\Windows\system32\drivers\storport.sys
2011-08-15 17:23:44 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-08-15 17:23:44 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-08-15 17:23:35 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-08-15 17:23:35 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-08-15 17:23:35 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-08-15 17:23:35 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-08-15 17:23:35 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-08-15 17:23:35 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-08-15 17:23:35 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-08-15 17:22:54 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-08-15 17:22:54 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-08-15 12:06:52 ----D---- C:\Windows\SYSWOW64\Wat
2011-08-15 12:06:52 ----D---- C:\Windows\system32\Wat
2011-08-15 11:41:14 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2011-08-15 11:41:14 ----A---- C:\Windows\system32\wcncsvc.dll
2011-08-15 11:32:27 ----A---- C:\Windows\system32\browserchoice.exe
2011-08-15 07:50:05 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-08-15 07:50:05 ----A---- C:\Windows\system32\xmllite.dll
2011-08-15 07:50:04 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2011-08-15 07:50:04 ----A---- C:\Windows\system32\kerberos.dll
2011-08-15 07:50:03 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-15 07:50:03 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-15 07:50:02 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2011-08-15 07:50:02 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2011-08-15 07:50:02 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2011-08-15 07:50:02 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2011-08-15 07:50:02 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2011-08-15 07:50:02 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-15 07:50:02 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-15 07:50:01 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-08-15 07:50:00 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-08-15 07:50:00 ----A---- C:\Windows\system32\tzres.dll
2011-08-15 07:49:52 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-08-15 07:49:52 ----A---- C:\Windows\system32\poqexec.exe
2011-08-15 07:49:51 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-08-15 07:49:51 ----A---- C:\Windows\explorer.exe
2011-08-15 07:49:50 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-08-15 07:49:50 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2011-08-15 07:49:50 ----A---- C:\Windows\system32\sbe.dll
2011-08-15 07:49:50 ----A---- C:\Windows\system32\EncDec.dll
2011-08-15 07:49:50 ----A---- C:\Windows\system32\CPFilters.dll
2011-08-15 07:49:49 ----A---- C:\Windows\SYSWOW64\sbe.dll
2011-08-15 07:49:48 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2011-08-15 07:49:48 ----A---- C:\Windows\system32\t2embed.dll
2011-08-15 07:49:47 ----A---- C:\Windows\system32\ole32.dll
2011-08-15 07:49:46 ----A---- C:\Windows\SYSWOW64\ole32.dll
2011-08-15 07:49:46 ----A---- C:\Windows\system32\taskschd.dll
2011-08-15 07:49:46 ----A---- C:\Windows\system32\schedsvc.dll
2011-08-15 07:49:45 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2011-08-15 07:49:45 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2011-08-15 07:49:45 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2011-08-15 07:49:45 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2011-08-15 07:49:45 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-08-15 07:49:45 ----A---- C:\Windows\system32\taskeng.exe
2011-08-15 07:49:45 ----A---- C:\Windows\system32\taskcomp.dll
2011-08-15 07:49:45 ----A---- C:\Windows\system32\schtasks.exe
2011-08-15 07:49:43 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-08-15 07:49:43 ----A---- C:\Windows\system32\tquery.dll
2011-08-15 07:49:43 ----A---- C:\Windows\system32\mssrch.dll
2011-08-15 07:49:42 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-08-15 07:49:42 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-08-15 07:49:42 ----A---- C:\Windows\system32\mssph.dll
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-08-15 07:49:41 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-08-15 07:49:41 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-08-15 07:49:41 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-08-15 07:49:41 ----A---- C:\Windows\system32\mssvp.dll
2011-08-15 07:49:41 ----A---- C:\Windows\system32\mssphtb.dll
2011-08-15 07:49:41 ----A---- C:\Windows\system32\msscntrs.dll
2011-08-15 07:49:39 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2011-08-15 07:49:39 ----A---- C:\Windows\system32\StructuredQuery.dll
2011-08-15 07:49:37 ----A---- C:\Windows\system32\drivers\afd.sys
2011-08-15 07:49:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-08-15 07:49:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-15 07:49:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-08-15 07:49:35 ----A---- C:\Windows\system32\shell32.dll
2011-08-15 07:49:34 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-08-15 07:49:31 ----A---- C:\Windows\system32\msdri.dll
2011-08-15 07:49:27 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-08-15 07:49:27 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-08-15 07:49:24 ----A---- C:\Windows\SYSWOW64\schannel.dll
2011-08-15 07:49:24 ----A---- C:\Windows\system32\schannel.dll
2011-08-15 07:49:23 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2011-08-15 07:49:23 ----A---- C:\Windows\system32\comctl32.dll
2011-08-15 07:49:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-08-15 07:49:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-08-15 07:49:22 ----A---- C:\Windows\system32\vbscript.dll
2011-08-15 07:49:22 ----A---- C:\Windows\system32\jscript.dll
2011-08-15 07:49:19 ----A---- C:\Windows\SYSWOW64\upnp.dll
2011-08-15 07:49:19 ----A---- C:\Windows\system32\upnp.dll
2011-08-15 07:49:19 ----A---- C:\Windows\system32\msxml6.dll
2011-08-15 07:49:19 ----A---- C:\Windows\system32\msxml3.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\slwga.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-08-15 07:49:18 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2011-08-15 07:49:18 ----A---- C:\Windows\system32\wscsvc.dll
2011-08-15 07:49:18 ----A---- C:\Windows\system32\wscapi.dll
2011-08-15 07:49:18 ----A---- C:\Windows\system32\winhttp.dll
2011-08-15 07:49:18 ----A---- C:\Windows\system32\WebClnt.dll
2011-08-15 07:49:18 ----A---- C:\Windows\system32\slwga.dll
2011-08-15 07:49:18 ----A---- C:\Windows\system32\davclnt.dll
2011-08-15 07:49:14 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-08-15 07:49:14 ----A---- C:\Windows\system32\XpsPrint.dll
2011-08-15 07:49:12 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2011-08-15 07:49:12 ----A---- C:\Windows\system32\rtutils.dll
2011-08-15 07:49:11 ----A---- C:\Windows\system32\mfc42u.dll
2011-08-15 07:49:10 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-08-15 07:49:10 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-08-15 07:49:10 ----A---- C:\Windows\system32\mfc42.dll
2011-08-15 07:49:04 ----A---- C:\Windows\system32\spoolsv.exe
2011-08-15 07:49:03 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-08-15 07:49:03 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-08-15 07:49:03 ----A---- C:\Windows\system32\atmlib.dll
2011-08-15 07:49:03 ----A---- C:\Windows\system32\atmfd.dll
2011-08-15 07:49:02 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-08-15 07:49:02 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-08-15 07:49:02 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-08-15 07:49:02 ----A---- C:\Windows\system32\DWrite.dll
2011-08-15 07:49:02 ----A---- C:\Windows\system32\d3d10warp.dll
2011-08-15 07:49:02 ----A---- C:\Windows\system32\d2d1.dll
2011-08-15 07:49:01 ----A---- C:\Windows\SYSWOW64\mf.dll
2011-08-15 07:49:01 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-08-15 07:49:01 ----A---- C:\Windows\system32\mf.dll
2011-08-15 07:49:01 ----A---- C:\Windows\system32\FntCache.dll
2011-08-15 07:49:00 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-08-15 07:49:00 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2011-08-15 07:49:00 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2011-08-15 07:49:00 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-08-15 07:49:00 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-08-15 07:49:00 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-08-15 07:49:00 ----A---- C:\Windows\system32\mfps.dll
2011-08-15 07:49:00 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-08-15 07:49:00 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-08-15 07:49:00 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-08-15 07:49:00 ----A---- C:\Windows\system32\cdd.dll
2011-08-15 07:48:53 ----A---- C:\Windows\system32\webio.dll
2011-08-15 07:48:52 ----A---- C:\Windows\SYSWOW64\webio.dll
2011-08-15 07:48:52 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2011-08-15 07:48:52 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-08-15 07:48:50 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-08-15 07:48:28 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-08-15 07:48:28 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-08-15 07:48:28 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-08-15 07:48:28 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-08-15 07:48:28 ----A---- C:\Windows\system32\dnsapi.dll
2011-08-15 07:48:17 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2011-08-15 07:48:17 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-08-15 07:48:17 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-08-15 07:48:17 ----A---- C:\Windows\system32\wmpmde.dll
2011-08-15 07:48:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-08-15 07:48:17 ----A---- C:\Windows\system32\d3d10_1.dll
2011-08-15 07:48:16 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-08-15 07:48:16 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-08-15 07:48:16 ----A---- C:\Windows\system32\drivers\srv.sys
2011-08-15 07:48:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-08-15 07:48:09 ----A---- C:\Windows\system32\ntdll.dll
2011-08-15 07:45:40 ----A---- C:\Windows\system32\winresume.exe
2011-08-15 07:45:40 ----A---- C:\Windows\system32\winload.exe
2011-08-15 07:45:40 ----A---- C:\Windows\system32\kdusb.dll
2011-08-15 07:45:40 ----A---- C:\Windows\system32\kdcom.dll
2011-08-15 07:45:40 ----A---- C:\Windows\system32\kd1394.dll
2011-08-15 07:45:39 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-08-15 07:45:39 ----A---- C:\Windows\system32\oleaut32.dll
2011-08-15 07:45:38 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2011-08-15 07:45:38 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2011-08-15 07:45:37 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-15 07:45:37 ----A---- C:\Windows\system32\kernel32.dll
2011-08-15 07:45:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-15 07:45:36 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-15 07:45:36 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-08-15 07:45:36 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-08-15 07:45:36 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-08-15 07:45:36 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-08-15 07:45:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-08-15 07:45:36 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-08-15 07:45:36 ----A---- C:\Windows\system32\wow64win.dll
2011-08-15 07:45:36 ----A---- C:\Windows\system32\wow64cpu.dll
2011-08-15 07:45:36 ----A---- C:\Windows\system32\wow64.dll
2011-08-15 07:45:36 ----A---- C:\Windows\system32\winsrv.dll
2011-08-15 07:45:36 ----A---- C:\Windows\system32\ntvdm64.dll
2011-08-15 07:45:36 ----A---- C:\Windows\system32\conhost.exe
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-15 07:45:35 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-15 07:45:35 ----A---- C:\Windows\SYSWOW64\user.exe
2011-08-15 07:45:31 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-08-15 07:45:30 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2011-08-15 07:45:30 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2011-08-15 07:45:30 ----A---- C:\Windows\SYSWOW64\devobj.dll
2011-08-15 07:45:30 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-08-15 07:45:13 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-08-15 07:45:13 ----A---- C:\Windows\system32\mstscax.dll
2011-08-15 07:45:12 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-08-15 07:45:12 ----A---- C:\Windows\system32\mstsc.exe
2011-08-15 07:45:11 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-08-15 07:45:11 ----A---- C:\Windows\system32\odbc32.dll
2011-08-15 07:45:02 ----A---- C:\Windows\system32\mshtml.dll
2011-08-15 07:45:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-08-15 07:44:59 ----A---- C:\Windows\system32\ieframe.dll
2011-08-15 07:44:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-08-15 07:44:58 ----A---- C:\Windows\system32\iertutil.dll
2011-08-15 07:44:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-08-15 07:44:56 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-08-15 07:44:56 ----A---- C:\Windows\system32\urlmon.dll
2011-08-15 07:44:56 ----A---- C:\Windows\system32\mstime.dll
2011-08-15 07:44:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-08-15 07:44:55 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-08-15 07:44:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-08-15 07:44:55 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-08-15 07:44:55 ----A---- C:\Windows\system32\wininet.dll
2011-08-15 07:44:55 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-15 07:44:55 ----A---- C:\Windows\system32\iedkcs32.dll
2011-08-15 07:44:54 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-08-15 07:44:54 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-08-15 07:44:54 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-08-15 07:44:54 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-15 07:44:54 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-08-15 07:44:54 ----A---- C:\Windows\system32\licmgr10.dll
2011-08-15 07:44:54 ----A---- C:\Windows\system32\iepeers.dll
2011-08-15 07:44:53 ----A---- C:\Windows\SYSWOW64\url.dll
2011-08-15 07:44:53 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-08-15 07:44:53 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-08-15 07:44:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-08-15 07:44:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-08-15 07:44:53 ----A---- C:\Windows\system32\url.dll
2011-08-15 07:44:53 ----A---- C:\Windows\system32\msfeedssync.exe
2011-08-15 07:44:53 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-15 07:44:53 ----A---- C:\Windows\system32\ieui.dll
2011-08-15 07:44:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-15 07:44:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-08-15 07:44:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-08-15 07:43:22 ----A---- C:\Windows\system32\win32k.sys
2011-08-15 07:43:20 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-15 07:43:17 ----A---- C:\Windows\system32\wmp.dll
2011-08-15 07:43:16 ----A---- C:\Windows\SYSWOW64\wmp.dll
2011-08-15 07:43:15 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2011-08-15 07:43:14 ----A---- C:\Windows\system32\wmploc.DLL
2011-08-15 07:43:06 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-08-15 07:43:06 ----A---- C:\Windows\system32\prevhost.exe
2011-08-15 07:43:05 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-08-15 07:43:05 ----A---- C:\Windows\system32\consent.exe
2011-08-15 07:43:04 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-08-15 07:43:04 ----A---- C:\Windows\system32\inetcomm.dll
2011-08-15 07:30:22 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-08-15 07:28:37 ----A---- C:\Windows\SYSWOW64\sscore.dll
2011-08-15 07:28:37 ----A---- C:\Windows\system32\srvsvc.dll
2011-08-14 20:48:41 ----A---- C:\Windows\system32\drivers\ks.sys
2011-08-14 20:41:17 ----D---- C:\Users\ntb\AppData\Roaming\skypePM
2011-08-14 19:05:17 ----A---- C:\Windows\system32\drivers\revoflt.sys
2011-08-14 19:05:16 ----D---- C:\Program Files\VS Revo Group
2011-08-14 18:25:01 ----D---- C:\Program Files\CCleaner
2011-08-14 18:02:17 ----A---- C:\Windows\nsreg.dat
2011-08-14 18:02:16 ----D---- C:\Users\ntb\AppData\Roaming\Mozilla
2011-08-14 18:02:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-14 17:47:46 ----N---- C:\Windows\system32\MpSigStub.exe
2011-08-03 11:09:58 ----D---- C:\Users\ntb\AppData\Roaming\funkitron
2011-08-03 09:59:41 ----D---- C:\ProgramData\Wild Tangent
2011-08-02 20:47:10 ----D---- C:\Users\ntb\AppData\Roaming\PlayFirst
2011-08-02 20:47:10 ----D---- C:\ProgramData\PlayFirst
2011-08-01 21:04:49 ----D---- C:\Users\ntb\AppData\Roaming\iWin
2011-07-30 17:27:19 ----A---- C:\Windows\popcinfo.dat
2011-07-30 15:03:22 ----D---- C:\Users\ntb\AppData\Roaming\Skype
2011-07-30 15:03:17 ----RD---- C:\Program Files (x86)\Skype
2011-07-30 15:03:14 ----D---- C:\ProgramData\Skype
2011-07-30 14:37:30 ----D---- C:\Users\ntb\AppData\Roaming\Macromedia
2011-07-30 14:37:30 ----A---- C:\Windows\SYSWOW64\win_utilman.exe
2011-07-30 14:37:27 ----D---- C:\Users\ntb\AppData\Roaming\_MDLogs
2011-07-29 12:53:30 ----D---- C:\Windows\AutoKMS
2011-07-29 12:51:09 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-07-29 12:48:39 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2011-07-29 12:48:39 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2011-07-29 12:48:39 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2011-07-29 12:48:39 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2011-07-29 12:48:39 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2011-07-29 12:48:39 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-07-29 12:48:39 ----A---- C:\Windows\system32\PresentationHost.exe
2011-07-29 12:48:39 ----A---- C:\Windows\system32\netfxperf.dll
2011-07-29 12:48:39 ----A---- C:\Windows\system32\mscoree.dll
2011-07-29 12:48:39 ----A---- C:\Windows\system32\dfshim.dll
2011-07-29 12:16:56 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2011-07-29 12:16:40 ----D---- C:\Windows\PCHEALTH
2011-07-29 12:16:40 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-07-29 12:16:40 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2011-07-29 12:16:40 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-07-29 12:14:28 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-07-29 12:14:15 ----D---- C:\Program Files\Microsoft Office
2011-07-29 12:14:07 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2011-07-29 12:14:04 ----D---- C:\Windows\SHELLNEW
2011-07-29 12:13:52 ----D---- C:\ProgramData\Microsoft Help
2011-07-29 12:13:52 ----D---- C:\Program Files (x86)\Microsoft Office
2011-07-29 12:13:44 ----RHD---- C:\MSOCache
2011-07-29 12:10:44 ----D---- C:\Program Files (x86)\TC PowerPack
2011-07-29 12:09:46 ----D---- C:\Users\ntb\AppData\Roaming\Adobe
2011-07-29 12:08:17 ----D---- C:\Users\ntb\AppData\Roaming\CyberLink
2011-07-29 12:06:44 ----D---- C:\Program Files (x86)\Nero
2011-07-29 12:02:16 ----A---- C:\Windows\SYSWOW64\unrar.dll
2011-07-29 12:02:16 ----A---- C:\Windows\avisplitter.ini
2011-07-29 12:02:15 ----A---- C:\Windows\SYSWOW64\yv12vfw.dll
2011-07-29 12:02:15 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2011-07-29 12:02:15 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2011-07-29 12:02:15 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2011-07-29 12:02:13 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2011-07-29 12:01:28 ----D---- C:\Users\ntb\AppData\Roaming\AIMP
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\en
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\0409
2011-07-22 09:04:40 ----D---- C:\Windows\SYSWOW64\drivers\sk-SK
2011-07-22 09:04:40 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2011-07-22 09:04:32 ----D---- C:\Windows\sk-SK
2011-07-22 09:04:31 ----D---- C:\Windows\system32\en
2011-07-22 09:04:31 ----D---- C:\Windows\system32\0409
2011-07-22 09:04:13 ----D---- C:\Windows\system32\drivers\sk-SK
2011-07-22 09:04:13 ----D---- C:\Windows\system32\drivers\en-US
2011-07-22 08:58:29 ----D---- C:\1vistalizatorw7
2011-07-22 08:53:00 ----D---- C:\Users\ntb\AppData\Roaming\ATI
2011-07-22 08:52:19 ----D---- C:\Users\ntb\AppData\Roaming\Intel Corporation
2011-07-22 08:52:05 ----D---- C:\Users\ntb\AppData\Roaming\Hewlett-Packard
2011-07-22 08:52:00 ----D---- C:\Users\ntb\AppData\Roaming\hpqLog
2011-07-22 08:51:35 ----D---- C:\Users\ntb\AppData\Roaming\Identities
2011-07-22 08:51:22 ----SD---- C:\Users\ntb\AppData\Roaming\Microsoft
2011-07-22 08:51:22 ----D---- C:\Users\ntb\AppData\Roaming\Media Center Programs
2011-07-22 08:51:06 ----SHD---- C:\Programmi
2011-07-22 08:51:06 ----SHD---- C:\ProgramData\Preferiti
2011-07-22 08:51:06 ----SHD---- C:\ProgramData\Modelli
2011-07-22 08:51:06 ----SHD---- C:\ProgramData\Menu Avvio
2011-07-22 08:51:06 ----SHD---- C:\ProgramData\Documenti
2011-07-22 08:51:06 ----SHD---- C:\ProgramData\Dati applicazioni
2011-07-22 08:51:06 ----SHD---- C:\Program Files\File comuni

======List of files/folders modified in the last 1 month======

2011-08-16 13:07:37 ----D---- C:\Windows\Temp
2011-08-16 13:06:34 ----D---- C:\Windows\debug
2011-08-16 13:06:34 ----D---- C:\Windows
2011-08-16 12:55:16 ----D---- C:\Windows\system32\config
2011-08-16 12:52:03 ----A---- C:\Windows\SYSWOW64\log.txt
2011-08-16 12:51:45 ----D---- C:\Program Files (x86)
2011-08-16 12:37:01 ----D---- C:\Windows\SYSWOW64\drivers
2011-08-16 12:36:40 ----SHD---- C:\System Volume Information
2011-08-16 12:28:39 ----HD---- C:\ProgramData
2011-08-16 12:19:37 ----RSD---- C:\Windows\assembly
2011-08-16 12:19:37 ----D---- C:\Windows\Microsoft.NET
2011-08-16 12:11:46 ----D---- C:\Windows\Prefetch
2011-08-16 12:11:33 ----D---- C:\Windows\winsxs
2011-08-16 12:09:25 ----D---- C:\Windows\SYSWOW64\it-IT
2011-08-16 12:09:25 ----D---- C:\Windows\SYSWOW64\en-US
2011-08-16 12:09:25 ----D---- C:\Windows\SysWOW64
2011-08-16 12:09:25 ----D---- C:\Windows\system32\it-IT
2011-08-16 12:09:25 ----D---- C:\Windows\system32\en-US
2011-08-16 12:09:25 ----D---- C:\Windows\system32\drivers
2011-08-16 12:09:25 ----D---- C:\Windows\System32
2011-08-16 12:09:24 ----D---- C:\Windows\system32\DriverStore
2011-08-15 18:58:37 ----RD---- C:\Program Files
2011-08-15 18:08:05 ----SHD---- C:\Windows\Installer
2011-08-15 18:07:59 ----D---- C:\Windows\system32\catroot
2011-08-15 18:07:59 ----D---- C:\Windows\inf
2011-08-15 17:58:16 ----D---- C:\ProgramData\WildTangent
2011-08-15 17:22:23 ----D---- C:\Windows\system32\catroot2
2011-08-15 16:03:50 ----D---- C:\Windows\AppPatch
2011-08-15 12:07:03 ----D---- C:\Windows\SYSWOW64\sk-SK
2011-08-15 12:07:03 ----D---- C:\Windows\system32\sk-SK
2011-08-15 12:07:02 ----D---- C:\Program Files\Internet Explorer
2011-08-15 12:07:02 ----D---- C:\Program Files (x86)\Internet Explorer
2011-08-15 12:07:00 ----D---- C:\Windows\ehome
2011-08-15 12:07:00 ----D---- C:\Program Files\Windows Mail
2011-08-15 12:07:00 ----D---- C:\Program Files (x86)\Windows Mail
2011-08-15 12:06:59 ----RSD---- C:\Windows\Fonts
2011-08-15 12:06:49 ----D---- C:\Windows\system32\Boot
2011-08-15 12:06:45 ----D---- C:\Program Files\Windows Media Player
2011-08-15 12:06:45 ----D---- C:\Program Files (x86)\Windows Media Player
2011-08-15 12:06:42 ----D---- C:\Windows\SYSWOW64\migration
2011-08-15 12:06:42 ----D---- C:\Windows\system32\migration
2011-08-15 11:26:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-14 20:38:27 ----D---- C:\Windows\Logs
2011-08-14 19:57:50 ----D---- C:\Windows\Tasks
2011-08-14 19:35:12 ----D---- C:\Windows\system32\LogFiles
2011-08-14 19:28:21 ----SD---- C:\ProgramData\Microsoft
2011-08-06 16:07:52 ----D---- C:\Windows\system32\wdi
2011-07-30 15:03:21 ----D---- C:\Windows\system32\Tasks
2011-07-30 15:03:18 ----D---- C:\Program Files (x86)\Common Files
2011-07-30 14:27:57 ----D---- C:\ProgramData\CyberLink
2011-07-29 12:57:08 ----A---- C:\Windows\win.ini
2011-07-29 12:48:48 ----D---- C:\Windows\SoftwareDistribution
2011-07-29 12:17:09 ----D---- C:\Program Files (x86)\MSBuild
2011-07-29 12:16:01 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-07-29 12:13:08 ----D---- C:\ProgramData\Adobe
2011-07-29 12:03:32 ----D---- C:\ProgramData\Norton
2011-07-22 09:04:50 ----D---- C:\Program Files\Windows Sidebar
2011-07-22 09:04:50 ----D---- C:\Program Files\DVD Maker
2011-07-22 09:04:49 ----D---- C:\Program Files\Windows Photo Viewer
2011-07-22 09:04:49 ----D---- C:\Program Files\Windows Defender
2011-07-22 09:04:49 ----D---- C:\Program Files\Common Files\System
2011-07-22 09:04:49 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-07-22 09:04:48 ----D---- C:\Windows\servicing
2011-07-22 09:04:48 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2011-07-22 09:04:48 ----D---- C:\Program Files (x86)\Windows Defender
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\winrm
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\sysprep
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\slmgr
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\Setup
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\oobe
2011-07-22 09:04:47 ----D---- C:\Windows\SYSWOW64\migwiz
2011-07-22 09:04:40 ----D---- C:\Windows\SYSWOW64\drivers\UMDF
2011-07-22 09:04:34 ----D---- C:\Windows\SYSWOW64\WCN
2011-07-22 09:04:34 ----D---- C:\Windows\SYSWOW64\MUI
2011-07-22 09:04:34 ----D---- C:\Windows\SYSWOW64\DriverStore
2011-07-22 09:04:34 ----D---- C:\Windows\SYSWOW64\Dism
2011-07-22 09:04:33 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2011-07-22 09:04:32 ----D---- C:\Windows\SYSWOW64\wbem
2011-07-22 09:04:32 ----D---- C:\Windows\SYSWOW64\com
2011-07-22 09:04:31 ----D---- C:\Windows\system32\winrm
2011-07-22 09:04:31 ----D---- C:\Windows\system32\sysprep
2011-07-22 09:04:31 ----D---- C:\Windows\system32\slmgr
2011-07-22 09:04:31 ----D---- C:\Windows\system32\Setup
2011-07-22 09:04:31 ----D---- C:\Windows\system32\oobe
2011-07-22 09:04:31 ----D---- C:\Windows\system32\migwiz
2011-07-22 09:04:31 ----D---- C:\Windows\en-US
2011-07-22 09:04:13 ----D---- C:\Windows\system32\MUI
2011-07-22 09:04:13 ----D---- C:\Windows\system32\drivers\UMDF
2011-07-22 09:04:12 ----D---- C:\Windows\system32\WCN
2011-07-22 09:04:12 ----D---- C:\Windows\system32\Dism
2011-07-22 09:04:06 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2011-07-22 09:04:02 ----D---- C:\Windows\system32\wbem
2011-07-22 09:04:02 ----D---- C:\Windows\system32\com
2011-07-22 08:51:31 ----SHD---- C:\$Recycle.Bin
2011-07-22 08:51:22 ----RD---- C:\Users
2011-07-22 08:51:18 ----D---- C:\Windows\rescache
2011-07-22 08:51:06 ----D---- C:\Program Files\Windows NT
2011-07-22 08:37:18 ----D---- C:\Windows\Panther

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-12-21 170640]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 50624]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-06-22 6856704]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-06-22 264192]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
R3 BCM43XX;Driver della scheda di rete Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-05-31 3063360]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 34144]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-13 2291616]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2010-06-22 10342240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-04-16 319536]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Dispositivo Bluetooth (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-06-22 10342240]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Dispositivo Bluetooth (RFCOMM protocollo TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-23 225280]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 zntport;NTPort Library Driver; C:\Windows\System32\Drivers\zntport.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-06-22 203264]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-12 810144]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-06-30 121344]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-07-02 27192]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 RtVOsdService;RtVOsdService Installer; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-17 315392]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-05-14 230968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 42360]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-15 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Preventive check

Posted: 16 Aug 2011 16:04
by chodnik74
  • Update to Service Pack 1 + IE 9
  • Personally I would rather recommend avast than cracking ESET later, because I can see a crack for Office, so I doubt you will buy ESET ;-)

  • Run HijackThis

C:\Program Files\trend micro\ntb.exe
(If we cannot find it or do not have it, we download it HERE)
  • Next, click the Do a system scan only button
  • Find and check the following items:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/6
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/6
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/6

  • Click Fix checked and confirm with the Yes button

Re: Preventive check

Posted: 16 Aug 2011 18:32
by sani8
Thank you for the help, if that is everything, and I will recommend the official versions of ESET and Office to my acquaintances (the machine is not mine). One more question: they also have an old notebook here that is very slow and occasionally freezes; can I post its log here, or do I need to start a new topic?

Re: Preventive check

Posted: 16 Aug 2011 19:58
by chodnik74
You're welcome, glad I could help.. a new machine gets a new topic :) If you put my nick in the subject, I will take it on :) Good night :bye: