VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by Giampa at 2012-07-24 17:17:47
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 171 GB (37%) free of 467 GB
Total RAM: 2045 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17.17.53, on 24/07/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VoiceRecorder 1.30\VoiceRecorder.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Giampa\Desktop\RSIT.exe
C:\Program Files\trend micro\Giampa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?affID=17425
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Eazel-IT - {ecdc465a-cf20-4b82-9a26-47c9dc52fa32} - C:\Program Files\Eazel-IT\prxtbEaz2.dll
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\it\msntb.dll
O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyB1.dll (file missing)
O3 - Toolbar: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD1.dll (file missing)
O3 - Toolbar: Eazel-IT Toolbar - {ecdc465a-cf20-4b82-9a26-47c9dc52fa32} - C:\Program Files\Eazel-IT\prxtbEaz2.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [MVS Splash] "C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKCU\..\Run: [WindowBlinds] C:\Program Files\AlienGUIse\wbload.exe auto
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Giampa\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EADM] "C:\Program Files\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - Startup: Moo0 VoiceRecorder 1.30.lnk = Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VoiceRecorder 1.30\VoiceRecorder.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Giampa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Giampa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - file:///E:/nis/materials/ScriptX.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/stati ... 0.27.0.cab
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll C:\Windows\System32\wbsys.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Unknown owner - C:\Windows\system32\FsUsbExService.Exe (file missing)
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Servizio di Google Update (gupdate1c9b92666e5ae50) (gupdate1c9b92666e5ae50) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Servizio di protezione antivirus e antispyware di McAfee (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

--
End of file - 16486 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001UA.job
C:\Windows\tasks\RMSchedule.job
C:\Windows\tasks\SmartDefrag.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Giampa\AppData\Roaming\Mozilla\Firefox\Profiles\cdni27t4.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://search.babylon.com/home?affID=17425"
prefs.js - "extensions.enabledItems" - "{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.4.0.4, {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0, {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20101113Wb1, smartwebprinting@hp.com:4.5, pixeasy@spointer.com:4.0.1938.5, {20a82645-c095-46ed-80e3-08825760534b}:0.0.0, offerboxffx@offerbox.com:2.1.3304.104, {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.4, firefox@tvunetworks.com:2, 5, 3, 1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.16"
prefs.js - "keyword.URL" - "http://www.danble.com/search/?ie=UTF-8& ... OzLy3Fh&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{3112ca9c-de6d-4884-a869-9855de68056c}"=C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"offerboxffx@offerbox.com"=C:\Program Files\OfferBox\offerboxffx@offerbox.com
"pixeasy@spointer.com"=C:\Program Files\PixEasy\spointer\extensions\pixeasy@spointer.com
"support@predictad.com"=C:\Program Files\AutocompletePro\support@predictad.com
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Plugin rilevatore iTunes
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@gamersfirst.com/LiveLauncher]
"Description"=GamersFirst LIVE! Web Launcher
"Path"=C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=13]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=C:\Windows\system32\TVUAx\npTVUAx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@rim.com/npappworld]
"Description"=
"Path"=C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
ffxtlbr@babylon.com
search@searchsettings.com
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{ecdc465a-cf20-4b82-9a26-47c9dc52fa32}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
npbittorrent.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
fast.png
fast.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Giampa\AppData\Roaming\Mozilla\Firefox\Profiles\cdni27t4.default\extensions\
bbrs_002@blabbers.com
DTToolbar@toolbarnet.com
engine@conduit.com
ffxtlbr@babylon.com
ffxtlbr@incredibar.com
firefox@tvunetworks.com
OneClickDownload@OneClickDownload.com
plugin@yontoo.com
{3112ca9c-de6d-4884-a869-9855de68056c}
{33e0daa6-3af3-d8b5-6752-10e949c61516}
{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}

C:\Users\Giampa\AppData\Roaming\Mozilla\Firefox\Profiles\cdni27t4.default\searchplugins\
bing.xml
conduit.xml
daemon-search.xml
fast-browser-search.xml
fissa.xml
MyStart Search.xml
sweetim.xml
Trova Rapido.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-03-20 803864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14 270960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
Web Assistant - C:\Program Files\Web Assistant\Extension32.dll [2012-05-08 162816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}]
Incredibar.com Helper Object - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll [2012-01-22 261632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}]
Babylon IE plugin - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [2012-06-19 298136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-07-05 4018888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdc465a-cf20-4b82-9a26-47c9dc52fa32}]
Eazel-IT Toolbar - C:\Program Files\Eazel-IT\prxtbEaz2.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
OfferBox - C:\Program Files\OfferBox\OfferBoxBHO.dll [2010-11-22 135000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files\Yontoo\YontooIEClient.dll [2012-05-16 194928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN Toolbar - C:\Program Files\MSN Toolbar\01.01.2607.0\it\msntb.dll [2005-02-07 203464]
{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - myBabylon English Toolbar - C:\Program Files\myBabylon_English\tbmyB1.dll []
{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - DVDVideoSoft Toolbar - C:\Program Files\DVDVideoSoft\tbDVD1.dll []
{ecdc465a-cf20-4b82-9a26-47c9dc52fa32} - Eazel-IT Toolbar - C:\Program Files\Eazel-IT\prxtbEaz2.dll [2011-01-17 175912]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-03-20 803864]
{F9639E4A-801B-4843-AEE3-03D9DA199E77} - Incredibar Toolbar - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll [2012-01-22 270336]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14 237680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"dellsupportcenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2009-05-21 206064]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-14 4452352]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-04-11 56080]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]
"MVS Splash"=C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe [2009-10-23 472384]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-04-20 58656]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"NPSStartup"= []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-08-19 421736]
"RIMBBLaunchAgent.exe"=C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"NeroCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"SSDMonitor"=C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2010-11-15 112600]
"Babylon Client"=C:\Program Files\Babylon\Babylon-Pro\Babylon.exe [2012-06-19 3466392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowBlinds"=C:\Program Files\AlienGUIse\wbload.exe [2005-05-12 437760]
"CursorFX"=C:\Program Files\Stardock\CursorFX\CursorFX.exe [2008-07-07 416768]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2012-06-22 3075936]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-09 68856]
"Steam"=C:\Program Files\Steam\Steam.exe [2011-09-06 1242448]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-07 102400]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Google Update"=C:\Users\Giampa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-18 136176]
"EADM"=C:\Program Files\Origin\Origin.exe [2012-01-12 28201096]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2012-03-26 306688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2008-09-26 2356088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2009-05-21 206064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
C:\Dell\E-Center\EULALauncher.exe [2008-02-29 17920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
C:\Program Files\Free Download Manager\fdm.exe [2009-03-02 3399727]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-09 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2008-03-31 166424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2008-03-31 141848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2011-08-19 421736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\Windows\KHALMNPR.EXE [2007-04-11 56080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2008-03-31 133656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-05 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-05-14 4452352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-06-05 17344176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-09 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2008-10-08 66864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2007-04-23 692224]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
GamersFirst LIVE!.lnk - C:\Program Files\GamersFirst\LIVE!\Live.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Moo0 VoiceRecorder 1.30.lnk - C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VoiceRecorder 1.30\VoiceRecorder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll C:\Windows\System32\wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-03-31 200704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"msacm.lhacm"=lhacm.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-07-24 16:20:33 ----D---- C:\Program Files\FileHippo.com
2012-06-25 23:20:14 ----A---- C:\Windows\system32\wups2.dll
2012-06-25 23:20:14 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-25 23:20:13 ----A---- C:\Windows\system32\wucltux.dll
2012-06-25 23:20:13 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-25 23:19:33 ----A---- C:\Windows\system32\wups.dll
2012-06-25 23:19:33 ----A---- C:\Windows\system32\wudriver.dll
2012-06-25 23:19:33 ----A---- C:\Windows\system32\wuapi.dll
2012-06-25 23:18:38 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-25 23:18:38 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2012-07-24 17:17:50 ----D---- C:\Windows\temp
2012-07-24 17:17:49 ----D---- C:\Program Files\trend micro
2012-07-24 17:09:53 ----D---- C:\ProgramData\Babylon
2012-07-24 17:08:35 ----D---- C:\Downloads
2012-07-24 17:06:23 ----D---- C:\Program Files
2012-07-24 17:03:31 ----D---- C:\Users\Giampa\AppData\Roaming\Babylon
2012-07-24 17:02:46 ----SHD---- C:\System Volume Information
2012-07-24 16:59:58 ----HD---- C:\Program Files\InstallShield Installation Information
2012-07-24 16:58:37 ----D---- C:\Program Files\Image-Line
2012-07-24 16:57:11 ----RSD---- C:\Windows\Fonts
2012-07-24 16:56:43 ----D---- C:\Windows\System32
2012-07-24 16:56:43 ----D---- C:\ProgramData
2012-07-24 16:39:43 ----D---- C:\Windows\system32\drivers
2012-07-24 16:38:05 ----D---- C:\Windows\Prefetch
2012-07-24 16:33:34 ----D---- C:\Windows
2012-07-24 16:22:59 ----D---- C:\Program Files\CCleaner
2012-07-24 16:20:07 ----D---- C:\Windows\system32\catroot
2012-07-24 16:20:00 ----D---- C:\Windows\winsxs
2012-07-24 16:18:48 ----D---- C:\Windows\system32\catroot2
2012-07-24 16:10:10 ----SHD---- C:\Windows\Installer
2012-07-24 16:05:34 ----AD---- C:\ProgramData\TEMP
2012-07-24 16:02:57 ----D---- C:\ProgramData\Skype
2012-06-29 17:23:55 ----D---- C:\Users\Giampa\AppData\Roaming\Skype
2012-06-29 13:40:07 ----D---- C:\Windows\inf
2012-06-29 13:40:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-28 00:10:27 ----D---- C:\Users\Giampa\AppData\Roaming\uTorrent
2012-06-26 17:49:33 ----D---- C:\Program Files\Steam
2012-06-26 14:22:57 ----D---- C:\Windows\rescache
2012-06-26 13:52:05 ----D---- C:\Windows\system32\it-IT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfetdik;McAfee Inc. mfetdik; C:\Windows\system32\drivers\mfetdik.sys [2009-03-03 55208]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-07-26 43872]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-02 691696]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-03-03 213768]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-04-09 130424]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-07-24 5632]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-21 3928576]
R3 BCM43XX;Driver della scheda di rete 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-01-03 1044984]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-05-21 228224]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-14 1773536]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2008-07-26 25624]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 LVUVC;Logitech QuickCam E3500(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2008-07-26 4658584]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2011-07-20 35328]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
R3 usbaudio;Driver audio USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 av4c6l69;av4c6l69; C:\Windows\system32\drivers\av4c6l69.sys []
S3 catchme;catchme; \??\C:\Users\Giampa\AppData\Local\Temp\catchme.sys []
S3 Dot4;Driver MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Driver classe Print per IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Decodificatore audio DRM del kernel Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-04-07 36608]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-11-08 101760]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-03-31 2016256]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\Windows\system32\drivers\MfeAVFK.sys [2009-03-03 79880]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\Windows\system32\drivers\MfeBOPK.sys [2009-03-03 35272]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\Windows\system32\drivers\MfeRKDK.sys [2009-03-03 34216]
S3 MSKSSRV;Proxy di servizio di flusso Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy clock di flusso Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy di gestione qualità di flusso Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 ONDAusbmdm6k;ONDA Proprietary USB Driver; C:\Windows\system32\DRIVERS\ONDAusbmdm6k.sys [2008-04-03 104960]
S3 ONDAusbnet;ONDA USB-NDIS miniport; C:\Windows\system32\DRIVERS\ONDAusbnet.sys [2008-04-03 110080]
S3 ONDAusbnmea;ONDA NMEA Port; C:\Windows\system32\DRIVERS\ONDAusbnmea.sys [2008-04-03 104960]
S3 ONDAusbser6k;ONDA Diagnostic Port; C:\Windows\system32\DRIVERS\ONDAusbser6k.sys [2008-04-03 104960]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\cmusbser.sys [2007-10-16 97408]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-21 3928576]
S3 RimUsb;Smartphone BlackBerry; C:\Windows\System32\Drivers\RimUsb.sys [2011-07-25 64512]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\Windows\system32\drivers\ScreamingBAudio.sys [2009-04-06 23064]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 usbscan;Driver scanner USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-05-14 304920]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-08-21 700416]
R2 Bonjour Service; Servizio Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Servizio di rilevamento dispositivi HP CUE; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-05-08 893112]
R2 myAgtSvc;Servizio di protezione antivirus e antispyware di McAfee; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [2009-10-23 282824]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-01-28 632792]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-09-04 75136]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-14 201968]
R2 Web Assistant Updater;Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-05-08 185856]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;Servizio iPod; C:\Program Files\iPod\bin\iPodService.exe [2011-08-19 821096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe []
S2 gupdate1c9b92666e5ae50;Servizio di Google Update (gupdate1c9b92666e5ae50); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-09 133104]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-05 160944]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 GoogleDesktopManager-010708-104812;Google Desktop Manager 5.7.801.7324; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-09 29744]
S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [2008-09-30 16680]
S3 gupdatem;Servizio Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-09 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-29 183280]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-05-29 529232]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Zdravim a pekny vecer preji

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

OTL Extras logfile created on: 24/07/2012 19.53.36 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Giampa\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 52,09% Memory free
4,23 Gb Paging File | 3,19 Gb Available in Paging File | 75,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,68 Gb Total Space | 186,49 Gb Free Space | 40,93% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 9,91 Gb Free Space | 99,10% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: PC-GIAMPA | User Name: Giampa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E88B535-7FE2-4056-967D-232B03D104BB}" = lport=137 | protocol=17 | dir=in | app=system |
"{233982EE-40D5-43A6-8E8C-32B9229DD0AA}" = rport=445 | protocol=6 | dir=out | app=system |
"{4D3C10C1-E442-48D7-B59B-1994C406B2D1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4F8E7886-60A1-4D76-AC6C-56189C673812}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5477A3E1-78EA-424E-905F-203E586BACB3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6F62F082-07FD-460B-BFE1-B7926E7C291F}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{72F37D97-4A4B-4E5C-8129-BD42E3B6688B}" = rport=138 | protocol=17 | dir=out | app=system |
"{84033AFC-875E-48F0-9EF4-BC1347C473F4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{84A65B40-A480-44A4-B2FF-704FDDFB39C4}" = lport=139 | protocol=6 | dir=in | app=system |
"{8A5D2790-E989-448F-BD02-E6D3B5DF4D9B}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{AB2EA696-FE53-492E-B7CF-3039F3AF69CB}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{AD3577DA-A71B-4038-9CFB-C24D203A5880}" = lport=138 | protocol=17 | dir=in | app=system |
"{BE92AE79-D81C-435F-A550-7459689B5890}" = lport=445 | protocol=6 | dir=in | app=system |
"{C8D81F0C-A5EA-4AD7-B7A5-D3EDA2A79552}" = rport=137 | protocol=17 | dir=out | app=system |
"{CCA22BF4-9AE0-4AED-A6E9-07FBEC50CD71}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EE3239F7-7234-47F0-98AE-9894AE7C04F7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F8C29606-3721-4ECB-9F58-8BFCE8092B1C}" = rport=139 | protocol=6 | dir=out | app=system |
"{F99E2178-A593-4EDC-86E9-7CF86F380CDE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{FD2F4447-565D-4C46-808C-9BE15108E9D2}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00847966-423D-4A7B-9DE8-65743CE3D685}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{01D01410-81D9-4CE2-8994-B5453ED2BEED}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{08A9AA6B-4BAC-4229-8F7F-D61C070B7418}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{08B54F6F-842F-4F3B-B6A4-128B50A69D7F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{09D3084F-1B2E-4411-8B60-7AC4212455A1}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{0DF3CD60-75B3-481A-A297-4B9AA43A12C3}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{164AD276-B76B-454F-92FC-87D3243BCC18}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{1B324D2B-7CF3-4815-BC44-E1758F311EE4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{1D8588A1-F5CB-41C3-A413-0E4F777244A8}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{1DADFFCB-3F87-4946-ABC9-14716C7C4128}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{1F53DE2A-511D-43B9-B0BC-DCE894820A91}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{23A9A439-BEFB-4269-839B-1E190B4599B2}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{25BEBFBD-5C29-483A-8808-835604A4B7A4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{285CF87E-6F5E-4689-8C57-DEE1DC076DA6}" = protocol=17 | dir=in | app=c:\program files\bittorrent_dna\dna.exe |
"{2A4C8A9D-C75B-4E55-932D-41E150097BEC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{2BDD4AC7-61BE-470D-81FC-09FD02701CA3}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{2BE579D5-C6D0-46A9-A6FF-D7D635E06A3E}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{359F8AE3-C544-43E2-8BFD-3702215180FB}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{372D095A-E1C5-4486-9AE6-03712D2E35A4}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{3BCB38C7-350A-4E29-A6A3-C9A1923286A7}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{3BD501F7-4D85-498C-B1FE-C36B0D6F876A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{3C3DE861-4090-4874-95E9-A4D38987ABB4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{3D0AA940-8CD5-4734-97D3-05DBEBD57D8C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{3E7561AB-7FD9-485D-8681-15EE9F55E5B7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{492C999A-15E4-49F4-B213-AB9A371F15E0}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{5136354F-6219-4C93-8A38-5DDCBEB897E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5142CD33-07E4-4E44-8616-190A5E9E3464}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{520760EB-6E7C-43E1-9989-C1C8C20982F7}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{579714DA-85DF-4891-9C7C-F3BD27CCCC74}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{5BA00BE8-7FB1-4AFC-92C3-FDC6E374CCD1}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{730241EF-94AE-4250-9E4F-DEF96B408ECC}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{7686FD3B-23F0-4D0A-9265-E1A4D8FB4918}" = protocol=6 | dir=in | app=c:\program files\bittorrent_dna\dna.exe |
"{7CF4A267-0DF8-4C34-8DB8-4ADD0955667A}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{7D5A55A6-FAA1-49A4-956C-B3DF5EFF10AE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7E9E027A-B985-4FEA-A14E-9B668DD7EFA5}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{800E5C69-F35B-4E48-A6FB-7BE09498A00B}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{846DEDF9-F60B-444D-8996-67676FC9582D}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{87E94737-2C67-4D70-A863-847F07FBBECC}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{882473C4-FAF3-46A9-8CAD-AB43DCEFF91F}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{8D282617-C449-4CFD-8EE8-D35E83573CAE}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{926841D7-1E91-400A-AB04-6326FED5ED6E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{93C2173E-A3FF-4FFC-957B-C24957D2B164}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{97D33BE3-86A1-467E-B0B1-A99D1A8E5751}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{A4FFCA95-9984-4FC4-A90C-92932246593A}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{AB2F6AA4-9BA5-4E30-B102-BC875010D341}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{B1466C88-4095-42BB-99DB-710F35B70513}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{BA8C9E98-DDB3-43AE-B338-30F5BA2D50B7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BF5287B6-E8CA-424A-88AC-BB90390CE127}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{C9F45B19-27E7-4B4F-B9EA-075BDBB76A35}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{CAD64D91-6949-421F-A13C-CB5080A771A7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D25B60A9-ED1A-45FC-BF08-B53C63F6AABF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{D2F12A97-7C05-4817-8C19-8693105D6A7A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{D5DB3CCD-88CC-4E6F-9309-4D0BD28FE9ED}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{D68A4528-365F-4F94-B3FC-06F68A233C4C}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{DA65D334-6B63-47FE-86CF-A1941B752FCD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DAAA3B9B-D248-418E-B2EE-805FA7BDA982}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DB7D0FC8-6919-4559-B05A-E1D1FC4BC78C}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{DC92E5BF-82A4-4210-9404-F42C0F755506}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E9BF0EF8-7EBB-4CBB-B949-3D9A9546D9B1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{F1CE6825-9AA7-408E-A66D-CFD5407799BE}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{FA0CBFA7-7DB0-4E2B-B2FB-28C2ED20C465}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FCABC7B1-55AF-4882-8DC9-4E3ED076AF8C}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{15D1F35C-9EF2-4070-8432-142EB36D3FB1}C:\users\giampa\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\giampa\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{36FCF6EA-454E-48DC-81A0-7E03011E995B}C:\program files\fluendo\moovida\moovida.exe" = protocol=6 | dir=in | app=c:\program files\fluendo\moovida\moovida.exe |
"TCP Query User{8971A2B7-0EEB-47F4-8170-3BF0FA2D0E78}C:\users\giampa\temp\teamviewer\version5\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\giampa\temp\teamviewer\version5\teamviewer.exe |
"TCP Query User{D997DEFD-EAD7-4822-8A4A-1D32032C278A}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{17CD8DDF-41A7-44FE-8B44-664E40160EFF}C:\program files\fluendo\moovida\moovida.exe" = protocol=17 | dir=in | app=c:\program files\fluendo\moovida\moovida.exe |
"UDP Query User{D20936C4-4D11-4041-8ADF-32E3E356B088}C:\users\giampa\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\giampa\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{D9FA50E3-2026-4789-8FFF-4FA0A7671B33}C:\users\giampa\temp\teamviewer\version5\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\giampa\temp\teamviewer\version5\teamviewer.exe |
"UDP Query User{DB8BAFE9-1A8B-408E-B8CC-18DF20B1E2F3}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0876216B-8135-D74E-4B4F-8F4BCD4E7DE7}" = Catalyst Control Center HydraVision Full
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}" = Search Settings 1.2.2
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{0FB632A6-58A1-2EA9-F637-44A8BA3CA94A}" = Catalyst Control Center Localization German
"{124EFDF8-3E37-5FE5-B486-2A54C686ECA2}" = Catalyst Control Center Graphics Light
"{14396331-17EE-745B-C8FE-1C22972E325F}" = Catalyst Control Center Localization French
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}" = Heroes of Might and Magic® IV
"{1E12EEEA-D4DB-4460-F301-092E201BE35D}" = CCC Help German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FB04107-7BC2-449C-915A-530B29B5E0FE}" = UE3Redist
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3341697B-3E28-4C96-4F98-F269E21EB7E5}" = Skins
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.439
"{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3F2FE970-A32F-5DE4-87FE-AAE7B8FE9098}" = CCC Help Thai
"{3F35D1A3-92AD-401B-ABE2-FA27682F4112}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{3FAB3594-0C12-2DB3-57E4-4AD2A13215CF}" = Catalyst Control Center Graphics Full Existing
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{41426667-29C0-5216-455A-F264290FF037}" = Catalyst Control Center Localization Japanese
"{41D6CED7-65E8-4EBB-BB1A-B45E2D8CF6D7}" = Windows Live Family Safety
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46D05AF9-80EE-CDD0-187F-669BBC4A75F0}" = CCC Help Chinese Traditional
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}" = Fissa
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{550A5CD6-3CFC-B328-E9A8-853E40858D99}" = Catalyst Control Center Graphics Full Existing
"{5546F4E9-B0F4-4F54-B949-2AB006C9284F}" = DJ_AIO_06_F2400_SW_Min
"{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ita
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{589B2AA0-291A-9F9E-4838-6CEAA211F034}" = Catalyst Control Center Localization Polish
"{58B3E60F-8CB6-596E-273C-8FCD4A6F4262}" = ccc-utility
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B726C78-27A6-4CFC-C836-A4C3CBF4D213}" = Catalyst Control Center Localization Italian
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{6084C211-01A1-464E-97A0-09772E122B50}" = Moovida
"{60980D5C-0C56-7E59-746C-AA6CC50997E7}" = Catalyst Control Center Graphics Previews Common
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{694EF47E-F68D-ABD7-3375-953AA81477F3}" = Catalyst Control Center Localization Chinese Standard
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Supporto applicazioni Apple
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6C59EAF3-B76B-52B8-B517-E0E645B08DE5}" = Catalyst Control Center Graphics Light
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{742F6AD5-2130-7BD2-0CD5-08283CB4152D}" = Catalyst Control Center Localization Spanish
"{7603E267-9523-C5E5-8C14-B657B98EDF03}" = Catalyst Control Center Graphics Previews Vista
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites per Windows Live Toolbar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CC85B19-A43C-19DF-D59C-3CF62BE126F8}" = Catalyst Control Center Localization Thai
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{819CA3BC-2FF8-4811-B42F-421F7BFD3559}" = HP Deskjet F2400 All-in-One Driver 14.0 Rel. 6
"{81E04A8B-C804-4886-FA79-0AD2BE946A06}" = Catalyst Control Center InstallProxy
"{8215AC14-BFC2-4ECC-96D6-1030202F8BDF}" = Visual C++ 8.0 x86 Runtime Setup Package
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{879EDBCD-56D0-7248-3C31-F7C7D681B04B}" = Catalyst Control Center Graphics Full New
"{87C0C59B-8CF9-C398-E4C8-C2158035D447}" = Skins
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C94D6F5-6F75-7921-E9EF-93D7486DBB0E}" = CCC Help English
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE03F6E-FCD2-4497-A8FF-F6C4430618B6}" = BlackBerry App World Browser Plugin
"{8F2DCD5C-275B-405E-8086-BFB1B3CE02FE}" = PixEasy
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_BASICR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_BASICR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_BASICR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_BASICR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_BASICR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_BASICR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_BASICR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_BASICR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0013-0000-0000-0000000FF1CE}" = Microsoft Office Basic 2007
"{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95505417-7060-A8C9-8CBB-577670CC74DA}" = Catalyst Control Center Localization Portuguese
"{997704BD-64B1-303C-7A4E-84AB1EB63D82}" = ccc-core-static
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A837895-6987-0268-894B-BEFA91E9CC36}" = CCC Help Polish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FD829D4-673F-252A-32F4-5F7EACB5E1B5}" = CCC Help Chinese Standard
"{A1740D36-64B5-E7FF-D8F9-C0B827E42B67}" = Catalyst Control Center Graphics Full New
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A609DCAD-A00D-1820-E0BD-2A05D843B8A7}" = Catalyst Control Center Core Implementation
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB36AB42-2EC3-B02B-E9EC-294408E75819}" = ATI Catalyst Install Manager
"{AC0A04F7-2BBE-4323-B64C-1B71F2BDBF0D}" = Anteprima (Windows Live Toolbar)
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1040-7B44-A81300000003}" = Adobe Reader 8.1.4 - Italiano
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1B5CA1D-4715-D96B-3FB9-B1EDE45D4CAA}" = CCC Help English
"{B1F54B28-3733-32EF-0B55-A9948A97B9F2}" = CCC Help French
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3EABECF-D820-4246-94B8-0CF300CA505A}" = Menu intelligenti (Windows Live Toolbar)
"{B418F434-15CD-4B68-A022-CFE0DB92A6F9}" = THE HOUSE OF THE DEAD 3
"{B676040B-E12E-98FF-D3FB-3685D9FAACF4}" = CCC Help Japanese
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7DD783E-EE11-4B68-AF39-71AE2C457015}" = Windows Live Sync
"{BD202930-5F70-4B35-B875-1E28604F328D}" = Logitech Communications Manager
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFB51D90-90ED-2304-A5E7-A94A003EFE5C}" = CCC Help Portuguese
"{BFC2D769-8412-02A4-5B37-87880157C48B}" = ccc-utility
"{C1080852-065E-4991-9260-F3756E3CC182}" = CursorFX
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C79A37F3-C076-48BE-B290-F4C8676ABD74}" = Samsung PC Studio 3
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C9F3FAA4-CAFB-4F17-BF1B-4395EDF99554}" = StylePix
"{CA1C4B81-3C31-9C3E-87D5-AD1423E98F64}" = Catalyst Control Center Core Implementation
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD756FF3-8BFE-069C-9E6E-FD88D2CDDBD6}" = Catalyst Control Center Localization Korean
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE80D242-AF06-48E9-A5D1-96D9A8090515}" = Catalyst Control Center Localization Chinese Traditional
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D1ED0C75-28C3-BCF2-2B66-B993ECD65C41}" = CCC Help Italian
"{D2131BFA-A0D6-4FDE-8614-75B07A9B15EE}" = Windows Live UX Platform Language Pack
"{D372AF57-389D-6309-43B4-F9122E1BB1F3}" = CCC Help Spanish
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DA94A899-F439-44D1-90B6-DB02A7341170}" = BlackBerry Desktop Software 7.0
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.1.1.5
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EDC0A25C-8F34-14A4-C49F-91983A556076}" = CCC Help Korean
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F03CB3EF-DC16-35CE-B3C1-C68EA09E5E97}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FB734B54-E410-7524-D73A-E283849BC911}" = Catalyst Control Center Graphics Previews Vista
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Pacchetto driver Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 6.0.1 CE" = Adobe Photoshop 6.0.1 CE
"AlienGUIse Theme Manager" = AlienGUIse Theme Manager
"Audacity_is1" = Audacity 1.2.6
"AutocompletePro2_is1" = AutocompletePro
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"Babylon" = Babylon
"BASICR" = Microsoft Office Basic 2007
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.0
"BrowserCompanion" = BrowserCompanion
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"CursorFX" = CursorFX
"Defraggler" = Defraggler
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Easy Music CD Burner" = Easy Music CD Burner
"EVE10DeinstKey" = RealWorld Eve
"FileHippo.com" = FileHippo.com Update Checker
"fldbz" = Favorit
"Free Studio_is1" = Free Studio version 5.1.7
"Free Video Converter_is1" = Free Video Converter V 1.0
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GoToAssist" = GoToAssist 8.0.0.514
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"ImTOO 3GP Video Converter" = ImTOO 3GP Video Converter
"incredibar" = Incredibar Toolbar on IE and Chrome
"InstallShield_{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}" = Heroes of Might and Magic® IV
"InstallShield_{2FB04107-7BC2-449C-915A-530B29B5E0FE}" = UE3Redist
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.5 (Standard)
"lvdrivers_11.70" = Pacchetto di driver di Logitech QuickCam
"Microsoft .NET Framework 3.5 Language Pack SP1 - ita" = Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"MSN Toolbar" = MSN Toolbar
"myBabylon_English Toolbar" = myBabylon_English Toolbar
"Nero - Burning Rom!UninstallKey" = Ahead Nero 6 Demo
"Okoker Internet Accelerator_is1" = Okoker Internet Accelerator 1.0
"Origin" = Origin
"PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Security Task Manager" = Security Task Manager 1.8d
"Shop for HP Supplies" = Shop for HP Supplies
"Smart PC_is1" = Smart PC v4.5
"Steam App 550" = Left 4 Dead 2
"Steam App 630" = Alien Swarm
"UltraStar Deluxe" = UltraStar Deluxe
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24/07/2012 11.21.51 | Computer Name = PC-Giampa | Source = Application Error | ID = 1000
Description = Applicazione che ha generato l'errore uninstbb.exe, versione 0.0.0.0,
timestamp 0x4fe090e7, modulo che ha generato l'errore uninstbb.exe, versione 0.0.0.0,
timestamp 0x4fe090e7, codice eccezione 0xc0000005, offset errore 0x00048c82, ID
processo 0x1734, data e ora di avvio dell'applicazione 0x01cd69b00c75f2f2.

Error - 24/07/2012 11.22.07 | Computer Name = PC-Giampa | Source = Application Error | ID = 1000
Description = Applicazione che ha generato l'errore uninstbb.exe, versione 0.0.0.0,
timestamp 0x4fe090e7, modulo che ha generato l'errore uninstbb.exe, versione 0.0.0.0,
timestamp 0x4fe090e7, codice eccezione 0xc0000005, offset errore 0x00048c82, ID
processo 0xd40, data e ora di avvio dell'applicazione 0x01cd69b0164d2cd2.

Error - 24/07/2012 11.24.13 | Computer Name = PC-Giampa | Source = VSS | ID = 8194
Description =

Error - 24/07/2012 11.25.27 | Computer Name = PC-Giampa | Source = VSS | ID = 8194
Description =

Error - 24/07/2012 11.38.35 | Computer Name = PC-Giampa | Source = WinMgmt | ID = 10
Description =

Error - 24/07/2012 11.43.04 | Computer Name = PC-Giampa | Source = Application Hang | ID = 1002
Description = Il programma iexplore.exe versione 9.0.8112.16446 non interagisce
più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni
sul problema, verificare la cronologia del problema in Segnalazioni di problemi
e soluzioni nel Pannello di controllo. ID processo: 13c8 Ora di avvio: 01cd69b2bbd95eab
Ora
di chiusura: 0

Error - 24/07/2012 12.00.52 | Computer Name = PC-Giampa | Source = VSS | ID = 8194
Description =

Error - 24/07/2012 12.02.24 | Computer Name = PC-Giampa | Source = Application Error | ID = 1000
Description = Applicazione che ha generato l'errore uninstbb.exe, versione 0.0.0.0,
timestamp 0x4fe090e7, modulo che ha generato l'errore uninstbb.exe, versione 0.0.0.0,
timestamp 0x4fe090e7, codice eccezione 0xc0000005, offset errore 0x00048c82, ID
processo 0x1388, data e ora di avvio dell'applicazione 0x01cd69b5b6b0151b.

Error - 24/07/2012 12.29.42 | Computer Name = PC-Giampa | Source = EventSystem | ID = 4621
Description =

Error - 24/07/2012 13.05.32 | Computer Name = PC-Giampa | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 24/07/2012 10.03.41 | Computer Name = PC-Giampa | Source = Service Control Manager | ID = 7009
Description =

Error - 24/07/2012 10.03.41 | Computer Name = PC-Giampa | Source = Service Control Manager | ID = 7000
Description =

Error - 24/07/2012 10.26.53 | Computer Name = PC-Giampa | Source = DCOM | ID = 10010
Description =

Error - 24/07/2012 10.35.19 | Computer Name = PC-Giampa | Source = Service Control Manager | ID = 7000
Description =

Error - 24/07/2012 10.37.49 | Computer Name = PC-Giampa | Source = DCOM | ID = 10010
Description =

Error - 24/07/2012 10.42.56 | Computer Name = PC-Giampa | Source = Service Control Manager | ID = 7000
Description =

Error - 24/07/2012 11.08.08 | Computer Name = PC-Giampa | Source = Service Control Manager | ID = 7000
Description =

Error - 24/07/2012 11.09.21 | Computer Name = PC-Giampa | Source = Service Control Manager | ID = 7009
Description =

Error - 24/07/2012 11.38.35 | Computer Name = PC-Giampa | Source = Service Control Manager | ID = 7000
Description =

Error - 24/07/2012 13.05.33 | Computer Name = PC-Giampa | Source = Service Control Manager | ID = 7000
Description =


< End of report >

Jeste poprosim o log OTL.txt

OTL logfile created on: 24/07/2012 19.53.36 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Giampa\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 52,09% Memory free
4,23 Gb Paging File | 3,19 Gb Available in Paging File | 75,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,68 Gb Total Space | 186,49 Gb Free Space | 40,93% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 9,91 Gb Free Space | 99,10% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: PC-GIAMPA | User Name: Giampa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/07/24 19.51.20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Giampa\Desktop\OTL.exe
PRC - [2012/07/05 18.41.46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/03 18.21.30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 18.21.29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/19 17.11.32 | 003,466,392 | ---- | M] (Babylon Ltd.) -- C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
PRC - [2012/05/08 15.13.28 | 000,185,856 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
PRC - [2011/11/02 02.00.44 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2011/07/05 13.23.21 | 002,523,136 | ---- | M] (Moo0) -- C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VoiceRecorder 1.30\VoiceRecorder.exe
PRC - [2009/10/23 00.55.38 | 000,282,824 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
PRC - [2009/05/21 11.13.58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/11 08.27.36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/07 10.22.06 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2008/08/14 18.11.48 | 000,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008/08/14 00.04.44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/07/26 09.25.36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/07/26 09.23.42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008/07/07 17.46.45 | 000,416,768 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\CursorFX\CursorFX.exe
PRC - [2008/01/21 04.23.32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/05/14 11.03.20 | 004,452,352 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/04/23 04.00.00 | 000,692,224 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2007/04/11 15.32.22 | 000,056,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/11 16.24.41 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/11 16.23.34 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/11 16.23.27 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2011/05/28 22.04.56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/03/29 14.02.48 | 000,520,234 | ---- | M] () -- C:\ProgramData\Babylon\sqlite3.dll
MOD - [2008/08/21 04.13.04 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008/08/14 18.13.30 | 000,149,264 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll
MOD - [2008/08/14 18.13.08 | 000,165,136 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll
MOD - [2008/08/14 18.13.08 | 000,138,000 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll
MOD - [2008/08/14 18.12.10 | 000,167,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\EFVal.dll
MOD - [2008/08/14 18.11.48 | 000,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
MOD - [2008/08/14 18.11.48 | 000,345,872 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll
MOD - [2008/07/26 09.24.04 | 000,068,120 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll
MOD - [2008/03/12 22.00.32 | 000,059,904 | ---- | M] () -- C:\Program Files\Stardock\CursorFX\zlib1.dll
MOD - [2007/03/02 12.44.34 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Windows\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2012/07/24 19.14.15 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/05 18.41.46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/03 18.21.29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/06/05 15.17.44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/29 23.07.24 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/08 15.13.28 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2009/10/23 00.55.38 | 000,282,824 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe -- (myAgtSvc)
SRV - [2008/09/30 16.14.55 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/08/14 00.04.44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2008/07/26 09.25.36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/07/26 09.23.42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008/04/07 09.17.30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/01/21 04.23.32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ONDAusbser6k.sys -- (ONDAusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ONDAusbnmea.sys -- (ONDAusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ONDAusbnet.sys -- (ONDAusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ONDAusbmdm6k.sys -- (ONDAusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Giampa\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ad0n62rk)
DRV - [2012/07/03 18.21.54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 18.21.53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 18.21.53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 18.21.53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/07/03 18.21.53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/07/03 18.21.53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/11/02 17.37.36 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/07/24 23.30.58 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/04/07 09.39.44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/04/06 13.19.46 | 000,023,064 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009/03/03 12.24.42 | 000,055,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2009/03/03 12.24.24 | 000,034,216 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MfeRKDK.sys -- (MfeRKDK)
DRV - [2009/03/03 12.23.54 | 000,213,768 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/03/03 12.23.36 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MfeBOPK.sys -- (MfeBOPK)
DRV - [2009/03/03 12.23.30 | 000,079,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MfeAVFK.sys -- (MfeAVFK)
DRV - [2008/08/21 06.54.09 | 003,928,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/08/21 06.54.09 | 003,928,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/07/26 17.26.42 | 004,658,584 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2008/07/26 17.26.20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/07/26 17.25.46 | 000,627,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/07/26 09.25.02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/10/16 11.40.50 | 000,097,408 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmusbser.sys -- (qcusbser)
DRV - [2007/09/17 15.53.26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/03 17.58.20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 17.57.24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 17.54.24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2007/05/21 13.35.14 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/04/11 15.32.58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/04/11 15.32.52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - SOFTWARE\Classes\CLSID\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... lz=1I7DAIT
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2269050


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?affID=17425
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0D 0E F0 DC BE CE CA 01 [binary data]
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\URLSearchHook: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - No CLSID value found
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=WLETDF& ... -SearchBox
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 22152fa5b4
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{0F36E18A-6296-4333-9D99-269AAFE3D111}_Trova Rapido: "URL" = http://www.trovarapido.com/result.php?t ... earchTerms}
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{69ABAE4C-47BC-4EAD-A2B3-ED08ED617830}: "URL" = http://search.conduit.com/ResultsExt.as ... =ct3135048
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7GGLL_it
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{8597FAFB-128B-4407-873D-D7EF950EAD41}: "URL" = http://it.search.yahoo.com/search?fr=ch ... earchTerms}
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}: "URL" = http://www.danble.com/search/?q={search ... s=xOzLy3Fh
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}: "URL" = http://www.fissa.com/it/results/?s=b&c= ... earchTerms}
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{CD219514-EF55-4A7C-91DF-F27D40A86D4B}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2851640
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb128/?se ... OSKcx&i=26
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{D739AF54-0971-4604-81E3-1939E69C4967}: "URL" = http://www.fastbrowsersearch.com/result ... 33BC62592B}
IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Giampa\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Giampa\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/12/03 17.58.32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/08 17.44.27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com: C:\Program Files\OfferBox\offerboxffx@offerbox.com [2010/12/08 16.31.23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\pixeasy@spointer.com: C:\Program Files\PixEasy\spointer\extensions\pixeasy@spointer.com [2011/02/27 15.27.48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files\AutocompletePro\support@predictad.com [2011/04/17 11.26.46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/17 22.38.37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/08 17.44.27 | 000,000,000 | ---D | M]

[2012/07/24 17.35.19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Giampa\AppData\Roaming\mozilla\Extensions
[2010/12/08 17.31.13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Giampa\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2009/02/23 17.36.59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Giampa\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012/07/24 17.35.19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/24 16.02.50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2009/04/09 23.14.39 | 000,000,000 | ---D | M] (Eazel-IT Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{ecdc465a-cf20-4b82-9a26-47c9dc52fa32}
[2012/06/22 18.32.26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2009/12/05 17.03.41 | 000,000,000 | ---D | M] (Search Settings Plugin) -- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
[2008/09/04 02.11.24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2012/06/22 18.32.20 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010/04/05 17.00.50 | 000,003,700 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.png
[2010/04/05 17.00.50 | 000,001,963 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.xml

========== Chrome ==========

CHR - homepage: http://www.google.it/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.it/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Giampa\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Giampa\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Giampa\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: (Enabled) = C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Interest Recognizer for Pixeasy (Enabled) = C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Extensions\poagplbogcmifmmjdlphdlglclpdkigg\4.0.1938.5_0\pixeasy_air_chrome.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: BitTorrent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: BlackBerry AppWorld (Enabled) = C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Web Assistant = C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\
CHR - Extension: avast! WebRep = C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Ti\u00EBsto = C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmeobddjkkgkglnogihcaejaleikhdh\2_0\

O1 HOSTS File: ([2010/03/05 16.57.10 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyB1.dll File not found
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\it\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\Toolbar\WebBrowser: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
O3 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\Toolbar\WebBrowser: (myBabylon English Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Program Files\myBabylon_English\tbmyB1.dll File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001..\Run: [CursorFX] C:\Program Files\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
O4 - Startup: C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moo0 VoiceRecorder 1.30.lnk = C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VoiceRecorder 1.30\VoiceRecorder.exe (Moo0)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Giampa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Giampa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} file:///E:/nis/materials/ScriptX.cab (MeadCo ScriptX)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/stati ... 0.27.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D637545F-B3E6-4967-9058-35956626B426}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\myrm {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\MyRmProt5.0.0.648.dll (McAfee, Inc.)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\Windows\System32\wbsys.dll) - C:\Windows\System32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WB: DllName - (C:\Program Files\AlienGUIse\fastload.dll) - C:\Program Files\AlienGUIse\fastload.dll (Stardock)
O24 - Desktop WallPaper: C:\Users\Giampa\AppData\Roaming\Microsoft\Windows Photo Gallery\Sfondo della Raccolta foto Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Giampa\AppData\Roaming\Microsoft\Windows Photo Gallery\Sfondo della Raccolta foto Windows.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23.43.36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2cc693a0-4f96-11df-94c4-0022152fa5b4}\Shell - "" = AutoRun
O33 - MountPoints2\{2cc693a0-4f96-11df-94c4-0022152fa5b4}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{6ff2de5d-11bb-11df-9d2e-0022152fa5b4}\Shell - "" = AutoRun
O33 - MountPoints2\{6ff2de5d-11bb-11df-9d2e-0022152fa5b4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7530a5af-4011-11df-9ff9-0022152fa5b4}\Shell - "" = AutoRun
O33 - MountPoints2\{7530a5af-4011-11df-9ff9-0022152fa5b4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{85964fd3-4014-11df-9122-001d09a1cdce}\Shell - "" = AutoRun
O33 - MountPoints2\{85964fd3-4014-11df-9122-001d09a1cdce}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{865553db-261a-11df-bea0-001d09a1cdce}\Shell - "" = AutoRun
O33 - MountPoints2\{865553db-261a-11df-bea0-001d09a1cdce}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c0a4521f-2547-11df-b746-0022152fa5b4}\Shell - "" = AutoRun
O33 - MountPoints2\{c0a4521f-2547-11df-b746-0022152fa5b4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk /p \??\F:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\LVCodec2.dll (Logitech Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/07/24 19.51.21 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Giampa\Desktop\OTL.exe
[2012/07/24 19.14.13 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/24 18.36.59 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/07/24 18.33.07 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/07/24 18.33.06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/07/24 18.33.06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/07/24 18.33.04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/07/24 18.33.03 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/07/24 18.33.03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/07/24 18.33.01 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/07/24 17.52.00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/07/24 17.51.59 | 000,353,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/07/24 17.51.59 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/07/24 17.51.56 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/07/24 17.51.55 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/07/24 17.51.52 | 000,721,000 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/07/24 17.51.52 | 000,057,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/07/24 17.51.04 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/07/24 17.51.01 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/07/24 17.50.36 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/07/24 17.50.36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/07/24 16.20.33 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2012/07/24 16.17.45 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/07/24 20.04.44 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/24 19.58.07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/07/24 19.51.20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Giampa\Desktop\OTL.exe
[2012/07/24 19.19.50 | 000,052,224 | ---- | M] () -- C:\Users\Giampa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/24 19.14.13 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/24 19.14.13 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/07/24 19.11.30 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/24 19.10.00 | 000,001,164 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001UA.job
[2012/07/24 19.10.00 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/24 19.04.54 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/24 19.04.53 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/24 19.04.44 | 000,309,008 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/24 19.04.37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/24 19.03.00 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2012/07/24 18.29.02 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012/07/24 17.52.00 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/07/24 17.51.52 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/07/24 17.30.36 | 000,011,444 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2012/07/24 17.25.41 | 000,000,063 | ---- | M] () -- C:\Windows\SIERRA.INI
[2012/07/24 16.53.20 | 000,781,383 | ---- | M] () -- C:\Users\Giampa\Desktop\RSIT.exe
[2012/07/24 16.23.00 | 000,000,766 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/24 16.20.34 | 000,001,716 | ---- | M] () -- C:\Users\Giampa\Desktop\Update Checker.lnk
[2012/07/24 16.10.23 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001Core.job
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/24 19.58.07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/07/24 19.14.22 | 000,000,978 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/24 18.29.02 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012/07/24 17.52.00 | 000,001,791 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/07/24 16.53.20 | 000,781,383 | ---- | C] () -- C:\Users\Giampa\Desktop\RSIT.exe
[2012/07/24 16.23.00 | 000,000,766 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/24 16.20.33 | 000,001,716 | ---- | C] () -- C:\Users\Giampa\Desktop\Update Checker.lnk
[2012/03/26 00.29.39 | 000,339,340 | ---- | C] () -- C:\Users\Giampa\AppData\Local\census.cache
[2012/03/26 00.29.16 | 000,273,591 | ---- | C] () -- C:\Users\Giampa\AppData\Local\ars.cache
[2012/03/26 00.08.42 | 000,000,036 | ---- | C] () -- C:\Users\Giampa\AppData\Local\housecall.guid.cache
[2011/09/16 15.05.18 | 000,000,680 | ---- | C] () -- C:\Users\Giampa\AppData\Local\d3d9caps.dat
[2011/07/05 13.22.00 | 000,000,308 | ---- | C] () -- C:\Windows\mp3007.INI
[2011/03/15 13.24.28 | 000,168,105 | ---- | C] () -- C:\Windows\hpoins44.dat.temp
[2011/03/15 13.24.28 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp
[2010/11/02 18.32.26 | 000,002,591 | ---- | C] () -- C:\Users\Giampa\AppData\Roaming\mainhst.zgh
[2009/09/29 13.59.07 | 000,000,564 | ---- | C] () -- C:\Users\Giampa\AppData\Local\FSCache.dat
[2009/07/27 21.20.20 | 000,000,091 | ---- | C] () -- C:\Users\Giampa\AppData\Local\haoatgat.bat
[2009/05/21 19.35.47 | 000,138,056 | ---- | C] () -- C:\Users\Giampa\AppData\Roaming\PnkBstrK.sys
[2009/03/07 00.14.17 | 000,000,552 | ---- | C] () -- C:\Users\Giampa\AppData\Local\d3d8caps.dat
[2009/01/13 20.08.42 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008/11/28 16.38.18 | 000,000,091 | ---- | C] () -- C:\Users\Giampa\AppData\Local\tiwcjxm.bat
[2008/09/19 14.56.23 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/09/13 15.41.08 | 000,052,224 | ---- | C] () -- C:\Users\Giampa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2012/07/24 19.27.22 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Babylon
[2012/05/29 19.54.56 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\BitTorrent
[2011/12/26 16.04.01 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Canneverbe Limited
[2012/03/26 00.01.00 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Complitly
[2009/01/10 13.22.51 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\CoSoSys
[2012/05/29 19.54.58 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\DAEMON Tools Lite
[2011/12/26 13.07.04 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\DVDVideoSoft
[2010/12/10 23.44.03 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/11/16 16.53.15 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Echidna LLC
[2010/12/08 16.34.22 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\FissaSearch
[2012/05/29 19.54.56 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Free Download Manager
[2010/02/14 15.38.03 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\GetRightToGo
[2010/04/24 13.22.40 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\InterTrust
[2010/11/21 21.46.54 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\IObit
[2008/09/13 15.48.56 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\LANGMaster
[2008/10/08 15.30.26 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Leadertech
[2011/05/17 16.49.13 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\LimeWire
[2009/07/27 21.20.44 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\live-player
[2008/10/26 19.32.04 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Messenger_for_Skype
[2012/06/04 00.37.56 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\moovida-1
[2011/04/17 11.32.18 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Music Editor Free
[2012/02/12 18.01.47 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\ObviousIdea
[2011/06/13 23.33.59 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\OfferBox
[2011/12/26 16.03.46 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\OpenCandy
[2011/11/13 19.35.10 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Origin
[2010/04/24 19.32.09 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\PC Suite
[2011/06/14 00.02.11 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\PriceGong
[2011/12/26 16.07.35 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Registry Mechanic
[2011/09/18 21.39.07 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Research In Motion
[2010/04/24 19.30.24 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Samsung
[2009/05/31 00.24.11 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Screaming Bee
[2009/12/05 20.04.56 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Search Settings
[2010/02/14 15.41.32 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Smart PC Solutions
[2011/03/30 23.47.58 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\TeamViewer
[2012/05/29 19.54.56 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\TS3Client
[2012/07/24 19.31.36 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\uTorrent
[2010/12/08 17.34.31 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\WalletBalance
[2011/02/17 17.54.06 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Windows Live Writer
[2010/11/02 18.32.42 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\ZipGenius
[2012/07/24 18.37.39 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/05/21 00.13.18 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2008/09/09 21.13.11 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008/09/09 21.13.11 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009/04/11 08.32.26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009/04/11 08.32.26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 08.32.26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 08.32.26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 04.23.00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04.23.00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11.49.36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/09/09 21.13.11 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/04/11 08.27.20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009/04/11 08.27.20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008/01/21 04.24.45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008/01/21 04.23.02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 04.23.02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 06.39.17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009/04/11 06.39.17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009/04/11 06.39.17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 10.51.44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008/10/29 08.20.29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08.29.41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05.59.17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 08.27.36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/11 08.27.36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 08.27.36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 04.15.02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 04.24.24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009/04/11 08.32.46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: SCECLI.DLL >
[2008/01/21 04.24.50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 08.28.24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009/04/11 08.28.24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 08.28.24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008/01/21 04.23.43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/21 04.23.43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 04.23.43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008/04/26 10.08.16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009/04/11 08.33.02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011/09/20 23.02.55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009/12/08 22.52.30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009/08/15 23.30.53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 19.01.55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011/06/17 22.13.55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012/03/30 14.39.11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\System32\drivers\tcpip.sys
[2012/03/30 14.39.11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010/02/18 13.51.51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 16.49.38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 16.24.47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009/12/08 22.15.00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010/02/18 16.07.16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 14.05.37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009/12/08 22.37.09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010/06/16 17.55.58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 18.27.34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011/06/17 22.13.55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010/06/16 18.39.32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010/06/16 17.59.54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011/09/20 23.02.55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008/04/26 10.26.49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/12/08 19.58.13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009/08/14 19.07.56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/02/18 19.36.50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010/06/16 18.04.57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009/12/08 19.45.32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010/02/18 16.22.11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009/12/08 22.01.08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\ERDNT\cache\tcpip.sys
[2009/12/08 22.01.08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2012/03/30 14.39.11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008/01/21 04.25.03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 18.33.50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008/01/21 04.24.49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/21 04.24.49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 04.24.49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 08.28.13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/04/11 08.28.13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 08.28.13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 04.24.49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[17 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\54a5aae0a97060e674b603a046171bbe\*.tmp files -> C:\Windows\SoftwareDistribution\Download\54a5aae0a97060e674b603a046171bbe\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08.03.18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/04/05 00.01.18 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Adobe
[2011/09/01 12.51.30 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Apple Computer
[2008/09/13 13.43.18 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\ATI
[2009/10/13 17.09.19 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\AVS4YOU
[2012/07/24 19.27.22 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Babylon
[2012/05/29 19.54.56 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\BitTorrent
[2011/12/26 16.04.01 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Canneverbe Limited
[2012/03/26 00.01.00 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Complitly
[2009/01/10 13.22.51 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\CoSoSys
[2012/05/29 19.54.58 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\DAEMON Tools Lite
[2009/01/10 21.00.37 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\DivX
[2011/09/29 12.59.07 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\dvdcss
[2011/12/26 13.07.04 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\DVDVideoSoft
[2010/12/10 23.44.03 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/11/16 16.53.15 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Echidna LLC
[2010/12/08 16.34.22 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\FissaSearch
[2012/05/29 19.54.56 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Free Download Manager
[2010/02/14 15.38.03 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\GetRightToGo
[2009/01/11 14.08.52 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Google
[2010/04/05 17.06.57 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\HP
[2008/09/13 13.42.41 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Identities
[2012/06/06 13.11.20 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\InstallShield
[2010/04/24 13.22.40 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\InterTrust
[2010/11/21 21.46.54 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\IObit
[2008/09/13 15.48.56 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\LANGMaster
[2008/10/08 15.30.26 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Leadertech
[2011/05/17 16.49.13 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\LimeWire
[2009/07/27 21.20.44 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\live-player
[2008/09/14 12.53.50 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Logitech
[2008/09/18 22.34.57 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Macromedia
[2012/03/26 00.13.11 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Malwarebytes
[2009/11/13 13.47.36 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\McAfee
[2006/11/02 14.37.34 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Media Center Programs
[2009/04/10 12.43.20 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Media Player Classic
[2008/10/26 19.32.04 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Messenger_for_Skype
[2009/12/21 22.34.30 | 000,000,000 | --SD | M] -- C:\Users\Giampa\AppData\Roaming\Microsoft
[2012/06/04 00.37.56 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\moovida-1
[2008/10/22 19.04.13 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Mozilla
[2011/04/17 11.32.18 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Music Editor Free
[2012/02/12 18.01.47 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\ObviousIdea
[2011/06/13 23.33.59 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\OfferBox
[2011/12/26 16.03.46 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\OpenCandy
[2011/11/13 19.35.10 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Origin
[2010/04/24 19.32.09 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\PC Suite
[2011/06/14 00.02.11 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\PriceGong
[2011/12/26 16.07.35 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Registry Mechanic
[2011/09/18 21.39.07 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Research In Motion
[2008/09/13 19.56.45 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Roxio
[2010/04/24 19.30.24 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Samsung
[2009/05/31 00.24.11 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Screaming Bee
[2009/12/05 20.04.56 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Search Settings
[2012/07/24 17.45.48 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Skype
[2011/09/01 12.28.26 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\skypePM
[2010/02/14 15.41.32 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Smart PC Solutions
[2010/03/19 17.38.31 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\teamspeak2
[2011/03/30 23.47.58 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\TeamViewer
[2012/05/29 19.54.56 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\TS3Client
[2012/07/24 19.31.36 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\uTorrent
[2010/12/08 17.34.31 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\WalletBalance
[2011/02/17 17.54.06 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Windows Live Writer
[2010/11/02 17.12.55 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\WinRAR
[2009/03/17 22.40.18 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\Yahoo!
[2010/11/02 18.32.42 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\ZipGenius

< %APPDATA%\*.exe /s >
[2012/01/03 01.08.36 | 000,091,128 | ---- | M] () -- C:\Users\Giampa\AppData\Roaming\Complitly\KeepMeUpdated.exe
[2012/01/03 01.08.36 | 000,091,128 | ---- | M] () -- C:\Users\Giampa\AppData\Roaming\Complitly\64\KeepMeUpdated.exe
[2009/02/23 17.36.54 | 000,163,840 | ---- | M] (Mozilla Foundation) -- C:\Users\Giampa\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe
[2009/02/23 17.36.55 | 000,196,608 | ---- | M] (Mozilla Foundation) -- C:\Users\Giampa\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe
[2009/02/23 17.36.55 | 000,014,848 | ---- | M] () -- C:\Users\Giampa\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe
[2009/02/23 17.36.55 | 000,077,824 | ---- | M] (Mozilla Foundation) -- C:\Users\Giampa\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe
[2009/02/23 17.36.55 | 000,266,240 | ---- | M] (Mozilla Foundation) -- C:\Users\Giampa\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe
[2009/02/23 17.36.55 | 000,018,432 | ---- | M] () -- C:\Users\Giampa\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe
[2009/02/23 17.36.55 | 000,014,336 | ---- | M] () -- C:\Users\Giampa\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe
[2009/02/23 17.36.56 | 000,073,728 | ---- | M] (Mozilla Foundation) -- C:\Users\Giampa\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe
[2009/02/23 17.36.56 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Users\Giampa\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe
[2012/03/25 23.56.24 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Giampa\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2012/06/06 13.11.33 | 000,010,134 | R--- | M] () -- C:\Users\Giampa\AppData\Roaming\Microsoft\Installer\{56918C0C-0D87-4CA6-92BF-4975A43AC719}\ARPPRODUCTICON.exe
[2008/10/07 16.08.47 | 000,010,134 | R--- | M] () -- C:\Users\Giampa\AppData\Roaming\Microsoft\Installer\{81E04A8B-C804-4886-FA79-0AD2BE946A06}\ARPPRODUCTICON.exe
[2012/06/06 13.14.00 | 000,010,134 | R--- | M] () -- C:\Users\Giampa\AppData\Roaming\Microsoft\Installer\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\ARPPRODUCTICON.exe
[2011/10/06 20.15.25 | 000,010,134 | R--- | M] () -- C:\Users\Giampa\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2010/11/18 18.08.02 | 000,163,840 | ---- | M] (Igor Pavlov) -- C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip\7z.exe
[2010/11/18 18.09.00 | 000,421,888 | ---- | M] (Igor Pavlov) -- C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip\7zFM.exe
[2010/11/18 18.09.20 | 000,227,840 | ---- | M] (Igor Pavlov) -- C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip\7zG.exe
[2011/07/10 21.43.40 | 000,058,641 | ---- | M] () -- C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip\Uninstall.exe
[2011/07/05 13.23.21 | 001,335,296 | ---- | M] (Moo0) -- C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VoiceRecorder 1.30\uninstaller.exe
[2011/07/05 13.23.21 | 002,523,136 | ---- | M] (Moo0) -- C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VoiceRecorder 1.30\VoiceRecorder.exe
[2011/12/26 16.03.49 | 000,197,128 | ---- | M] () -- C:\Users\Giampa\AppData\Roaming\OpenCandy\18CF88092C4547C4ABECE9407DCCA85C\SymentecRegMech_It_p1v1.exe
[2012/05/17 17.27.38 | 002,959,376 | ---- | M] (Microsoft Corporation) -- C:\Users\Giampa\AppData\Roaming\Research In Motion\BlackBerry Desktop\Updates\33484803-750F-4154-A0A3-C0474F3BE1BE\dotnetfx35setup.exe
[2012/06/10 14.59.17 | 112,927,096 | ---- | M] () -- C:\Users\Giampa\AppData\Roaming\Research In Motion\BlackBerry Desktop\Updates\33484803-750F-4154-A0A3-C0474F3BE1BE\Extractor.exe
[2012/05/17 17.27.38 | 000,128,472 | ---- | M] (Macrovision Corporation) -- C:\Users\Giampa\AppData\Roaming\Research In Motion\BlackBerry Desktop\Updates\33484803-750F-4154-A0A3-C0474F3BE1BE\Helper.exe
[2012/05/17 17.27.38 | 004,216,840 | ---- | M] (Microsoft Corporation) -- C:\Users\Giampa\AppData\Roaming\Research In Motion\BlackBerry Desktop\Updates\33484803-750F-4154-A0A3-C0474F3BE1BE\vcredist_x86.exe
[2012/05/17 17.27.38 | 000,421,752 | ---- | M] (Research In Motion Limited) -- C:\Users\Giampa\AppData\Roaming\Research In Motion\BlackBerry Desktop\Updates\33484803-750F-4154-A0A3-C0474F3BE1BE\InstallerUtils\InstallerUtils.exe
[2012/05/17 17.27.38 | 000,080,248 | ---- | M] (Research In Motion Limited) -- C:\Users\Giampa\AppData\Roaming\Research In Motion\BlackBerry Desktop\Updates\33484803-750F-4154-A0A3-C0474F3BE1BE\InstallerUtils\Setup.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012/07/24 20.05.21 | 000,000,978 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/07/24 19.11.30 | 000,001,134 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/07/24 20.10.00 | 000,001,138 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/07/24 16.10.23 | 000,001,112 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001Core.job
[2012/07/24 20.10.01 | 000,001,164 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001UA.job
[2012/05/21 00.13.18 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/11/02 17.37.36 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008/01/21 05.14.18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 05.14.08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 05.14.18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 12.34.08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 12.34.08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/07/24 19.04.53 | 000,003,616 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/24 19.04.54 | 000,003,616 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/24 17.30.36 | 000,011,444 | ---- | M] () -- C:\Windows\system32\Config.MPF
[2012/07/24 17.51.52 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2012/07/24 20.05.18 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2012/07/24 20.05.17 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2012/07/24 19.04.44 | 000,309,008 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2012/07/24 18.33.48 | 057,442,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mrt.exe
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08.03.18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CursorFX" = "C:\Program Files\Stardock\CursorFX\CursorFX.exe" -- [2008/07/07 17.46.45 | 000,416,768 | ---- | M] (Stardock Corporation)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008/01/21 04.25.11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Giampa\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010/03/18 19.07.59 | 000,136,176 | ---- | M] (Google Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/06/02 11.08.27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/07/24 19.58.07 | 000,000,512 | ---- | M] () MD5=FC8B2B59AC1B9A1103EA0C57F7CA1468 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2009/04/01 10.33.38 | 000,014,382 | ---- | M] () -- \Program Files\ImTOO\3GP Video Converter\script\crack.js
[2011/04/12 20.40.35 | 000,026,924 | ---- | M] () -- \Program Files\Steam\steamapps\common\alien swarm\swarm\sound\vo\crash\hackcrackhome.wav
[2007/07/20 16.01.36 | 000,349,680 | ---- | M] () -- \Program Files\WarRock\Texture\FM003\Decal_crack01_FM003.dds
[2007/07/09 17.46.18 | 000,174,720 | ---- | M] () -- \Program Files\WarRock\Texture\FM003\Decal_crack02_FM003.dds
[2007/07/06 14.29.44 | 000,349,312 | ---- | M] () -- \Program Files\WarRock\Texture\FM003\Decal_crack03_FM003.dds
[2008/08/21 21.42.16 | 000,174,720 | ---- | M] () -- \Program Files\WarRock\Texture\FMX01\D_Crackwall01.dds
[2007/07/20 16.47.30 | 000,349,680 | ---- | M] () -- \Program Files\WarRock\Texture\Santo\Decal_crack01_FM003.dds
[2010/12/02 16.26.20 | 018,938,760 | ---- | M] () -- \Users\Giampa\Downloads\PES2011_ONLY_CRACK (1).rar
[2010/12/02 16.21.11 | 018,938,760 | ---- | M] () -- \Users\Giampa\Downloads\PES2011_ONLY_CRACK.rar
[2010/01/31 18.26.48 | 003,986,315 | ---- | M] () -- \Users\Giampa\Downloads\Voices-v1.0-Cracked.ipa
[2009/12/24 20.28.30 | 080,684,815 | ---- | M] () -- \Users\Giampa\Music\iTunes\Mobile Applications\Real.Racing.v1.21.iPhone.iPod.Touch.Cracked.READ.NFO-COREPDA[1].ipa

< *keygen* /s >

< *loader* /s >
[2012/05/02 14.50.42 | 000,607,376 | ---- | M] () -- \Poker\Poker Snai\data\loader.dll
[2012/05/02 14.50.41 | 000,002,737 | ---- | M] () -- \Poker\Poker Snai\data\loader.gam
[2012/01/10 19.49.01 | 000,002,608 | ---- | M] () -- \Poker\Poker Snai\widgetbar\widgets\themecloud\resources\html\img\ajax-loader.gif
[1999/11/04 15.06.48 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2011/08/22 21.37.42 | 002,816,112 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\DVSVideoDownloader.dll
[2011/08/22 21.37.44 | 001,901,168 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\HttpVideoDownloader.dll
[2006/10/26 14.40.34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 14.40.34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012/05/17 14.12.38 | 010,842,488 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\Loader.exe
[2012/05/17 14.12.42 | 000,633,720 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderClient.dll
[2012/05/17 14.12.42 | 000,874,872 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1025.dll
[2012/05/17 14.12.44 | 000,827,256 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1028.dll
[2012/05/17 14.12.44 | 000,887,160 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1029.dll
[2012/05/17 14.12.44 | 000,906,616 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1031.dll
[2012/05/17 14.12.46 | 000,907,640 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1032.dll
[2012/05/17 14.12.46 | 000,908,664 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1034.dll
[2012/05/17 14.12.48 | 000,907,640 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1036.dll
[2012/05/17 14.12.48 | 000,864,120 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1037.dll
[2012/05/17 14.12.50 | 000,894,840 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1038.dll
[2012/05/17 14.12.50 | 000,903,544 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1040.dll
[2012/05/17 14.12.52 | 000,846,712 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1041.dll
[2012/05/17 14.12.52 | 000,843,128 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1042.dll
[2012/05/17 14.12.54 | 000,895,864 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1043.dll
[2012/05/17 14.12.54 | 000,897,912 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1045.dll
[2012/05/17 14.12.56 | 000,896,376 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1046.dll
[2012/05/17 14.12.56 | 000,892,280 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1049.dll
[2012/05/17 14.12.58 | 000,886,136 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1055.dll
[2012/05/17 14.12.58 | 000,891,256 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes1057.dll
[2012/05/17 14.13.00 | 000,823,160 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes2052.dll
[2012/05/17 14.13.00 | 000,903,544 | ---- | M] () -- \Program Files\Common Files\Research In Motion\AppLoader\LoaderRes2070.dll
[2006/11/05 11.27.46 | 000,053,511 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\themeloader_default_chapter.jpg
[2006/11/05 11.27.46 | 000,053,511 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Generic\Images\themeloader_default_menu.jpg
[2006/11/05 11.27.52 | 000,006,379 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\9.0\Common Resources\Shared\Locale\1040\Strings\RCMFormatLoaderStrings.xml
[2006/11/05 11.58.02 | 000,204,800 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileLoader.dll
[2006/11/05 11.56.38 | 000,077,824 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFormatLoaderBMP.dll
[2006/11/05 12.01.48 | 000,065,536 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFormatLoaderECDC.dll
[2006/11/05 12.00.54 | 000,086,016 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFormatLoaderGIF.dll
[2006/11/05 11.57.46 | 000,196,608 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFormatLoaderJPG2.dll
[2006/11/05 11.57.52 | 000,065,536 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFormatLoaderMDC.dll
[2006/11/05 11.56.54 | 000,126,976 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFormatLoaderPNG.dll
[2006/11/05 11.56.46 | 000,098,304 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFormatLoaderTIFF.dll
[2006/11/05 11.55.48 | 000,135,168 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\9.0\SharedCOM\LeResourceLoader.dll
[2011/03/29 10.30.38 | 000,033,859 | ---- | M] () -- \Program Files\Fluendo\Moovida\libpixbufloader-jpeg.dll
[2011/03/29 10.30.34 | 000,002,727 | ---- | M] () -- \Program Files\Fluendo\Moovida\etc\gtk-2.0\gdk-pixbuf.loaders
[2009/05/21 20.38.08 | 000,007,507 | ---- | M] () -- \Program Files\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009/05/21 21.54.18 | 000,030,776 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009/05/21 21.54.18 | 000,002,713 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2008/12/04 11.20.58 | 000,245,760 | ---- | M] () -- \Program Files\ImTOO\3GP Video Converter\vcloader.exe
[2009/02/10 07.29.46 | 000,077,824 | ---- | M] () -- \Program Files\ImTOO\3GP Video Converter\xcDownloader.dll
[2010/01/29 06.43.52 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2010/11/22 17.57.10 | 000,002,608 | ---- | M] () -- \Program Files\OfferBox\res\loader.gif
[2011/06/07 08.06.16 | 000,000,500 | ---- | M] () -- \Program Files\Research In Motion\BlackBerry Desktop\DataUploaderConfig.xml
[2006/09/21 00.02.10 | 000,126,976 | ---- | M] () -- \Program Files\Roxio\VideoCore 9\VOBLoader.ax
[2006/09/20 01.24.28 | 000,159,744 | ---- | M] () -- \Program Files\Roxio\VideoUI 9\DSThemeLoader.dll
[2006/11/05 13.04.14 | 000,106,496 | ---- | M] () -- \Program Files\Roxio\VideoUI 9\DVDFormatLoaderPlugIn.dll
[2006/11/05 12.46.00 | 000,053,511 | R--- | M] () -- \Program Files\Roxio\VideoUI 9\Skins\Default\Generic\Images\themeloader_default_chapter.jpg
[2006/11/05 12.46.00 | 000,053,511 | R--- | M] () -- \Program Files\Roxio\VideoUI 9\Skins\Default\Generic\Images\themeloader_default_menu.jpg
[2006/11/05 12.46.00 | 000,040,000 | R--- | M] () -- \Program Files\Roxio\VideoUI 9\Skins\Default\Generic\Images\themeloader_hourglass.jpg
[2009/04/07 09.55.04 | 000,287,232 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSAndroidDownloader.dll
[2009/04/07 09.55.04 | 000,285,184 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSLinuxMitsDownloader.dll
[2009/04/07 10.10.24 | 000,208,896 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\Symbian_Downloader_DLL.dll
[2009/04/07 10.20.20 | 000,258,048 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader.dll
[2008/11/25 16.52.24 | 000,266,240 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader2.dll
[2007/04/03 12.05.20 | 000,018,944 | ---- | M] () -- \Program Files\Samsung\Samsung PC Studio 3\CMLoader.dll
[2012/01/02 10.00.38 | 000,002,602 | ---- | M] () -- \ProgramData\Babylon\LocalUI\img\controls\b9_preloader.gif
[2011/04/05 13.30.42 | 000,002,602 | ---- | M] () -- \ProgramData\Babylon\LocalUI\img-ie6\controls\b9_preloader.gif
[2008/11/27 12.29.42 | 000,043,008 | ---- | M] () -- \ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
[2008/11/27 12.29.42 | 000,043,008 | ---- | M] () -- \ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metricsloader.dll
[2011/09/07 12.56.57 | 000,001,294 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Uploader for Facebook.lnk
[2011/09/07 12.56.57 | 000,001,239 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube Uploader.lnk
[2010/04/04 23.58.07 | 000,001,016 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
[2012/03/26 00.53.23 | 000,000,100 | ---- | M] () -- \ProgramData\SecTaskMan\_jsloader26990
[2012/03/26 00.45.00 | 000,011,767 | ---- | M] () -- \ProgramData\SecTaskMan\_jsloader26997133
[2012/02/29 09.49.32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/02/29 09.49.32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/01/02 10.00.38 | 000,002,602 | ---- | M] () -- \Users\All Users\Babylon\LocalUI\img\controls\b9_preloader.gif
[2011/04/05 13.30.42 | 000,002,602 | ---- | M] () -- \Users\All Users\Babylon\LocalUI\img-ie6\controls\b9_preloader.gif
[2008/11/27 12.29.42 | 000,043,008 | ---- | M] () -- \Users\All Users\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
[2008/11/27 12.29.42 | 000,043,008 | ---- | M] () -- \Users\All Users\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metricsloader.dll
[2011/09/07 12.56.57 | 000,001,294 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Uploader for Facebook.lnk
[2011/09/07 12.56.57 | 000,001,239 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube Uploader.lnk
[2010/04/04 23.58.07 | 000,001,016 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
[2012/03/26 00.53.23 | 000,000,100 | ---- | M] () -- \Users\All Users\SecTaskMan\_jsloader26990
[2012/03/26 00.45.00 | 000,011,767 | ---- | M] () -- \Users\All Users\SecTaskMan\_jsloader26997133
[2012/02/29 09.49.32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/02/29 09.49.32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2010/11/02 17.38.35 | 000,057,728 | ---- | M] () -- \Users\Giampa\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2010/11/02 17.38.35 | 000,057,728 | ---- | M] () -- \Users\Giampa\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2010/11/02 17.38.35 | 000,057,728 | ---- | M] () -- \Users\Giampa\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2009/02/23 17.36.54 | 000,002,713 | ---- | M] () -- \Users\Giampa\AppData\Roaming\LimeWire\browser\xulrunner\components\uriloader.xpt
[2011/12/26 12.27.00 | 000,002,718 | ---- | M] () -- \Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Poker\Poker Snai\data\loader.gam
[2011/12/26 12.30.00 | 000,000,281 | ---- | M] () -- \Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nuova cartella (2)\C\Program Files\DVDVideoSoft\Free Studio\Free Uploader for Facebook\FreeUploaderForFacebook.xml
[2011/12/26 12.30.00 | 000,000,336 | ---- | M] () -- \Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nuova cartella (2)\C\Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader\FreeYouTubeUploader.xml
[2011/12/26 12.31.00 | 000,002,727 | ---- | M] () -- \Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nuova cartella (2)\C\Program Files\Fluendo\Moovida\etc\gtk-2.0\gdk-pixbuf.loaders
[2011/12/26 12.31.00 | 000,006,820 | ---- | M] () -- \Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nuova cartella (2)\C\Program Files\GamersFirst\LIVE!\Content\ajax-loader.gif
[2008/01/21 04.23.37 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2007/07/03 02.00.00 | 000,077,824 | ---- | M] () -- \Windows\System32\UMLoader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012/07/24 16.18.58 | 000,003,158 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader
[2008/01/21 08.27.19 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_it-it_0343832fae2ec3f8.manifest
[2008/01/21 08.27.19 | 000,028,160 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_it-it_0343832fae2ec3f8_winload.exe.mui_3bc5b827
[2008/01/21 08.27.19 | 000,020,480 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_it-it_0343832fae2ec3f8_winresume.exe.mui_ff8b5358
[2009/09/25 15.31.32 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2009/09/25 15.31.32 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2009/09/25 15.31.32 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008/01/21 04.26.48 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 04.26.48 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008/09/09 21.13.51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008/09/09 21.13.50 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008/09/09 21.13.48 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008/09/09 21.13.50 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008/09/09 21.13.48 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008/09/09 21.13.49 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008/09/09 21.13.52 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008/09/09 21.13.51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008/09/09 21.13.50 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008/09/09 21.13.48 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008/09/09 21.13.50 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008/09/09 21.13.48 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008/09/09 21.13.49 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008/09/09 21.13.52 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008/01/21 08.12.40 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_it-it_0343832fae2ec3f8.manifest
[2008/09/09 21.13.52 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008/09/09 21.13.52 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008/01/21 04.20.53 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008/09/09 21.13.50 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008/09/09 21.13.50 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009/04/11 00.12.44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006/11/02 12.13.06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008/01/21 04.19.11 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 04.23.37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008/01/21 04.23.37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

========== Files - Unicode (All) ==========
[2010/02/02 19.24.57 | 000,010,202 | ---- | M] ()(C:\Users\Giampa\Documents\??D.docx) -- C:\Users\Giampa\Documents\ΞΞD.docx
[2010/02/02 19.24.56 | 000,010,202 | ---- | C] ()(C:\Users\Giampa\Documents\??D.docx) -- C:\Users\Giampa\Documents\ΞΞD.docx

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Documents\My Art:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Documents\LimeWire:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Documents\File ricevuti:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Documents\CallBurner:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Desktop\Screen Shot WR:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Desktop\DivX:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Desktop\CANZONI:Roxio EMC Stream
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:58E127A5

< End of report >

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - File not found [Auto | Stopped] -- C:\Windows\system32\FsUsbExService.Exe -- (FsUsbExService)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ONDAusbser6k.sys -- (ONDAusbser6k)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ONDAusbnmea.sys -- (ONDAusbnmea)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ONDAusbnet.sys -- (ONDAusbnet)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ONDAusbmdm6k.sys -- (ONDAusbmdm6k)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
  DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
  DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
  DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Giampa\AppData\Local\Temp\catchme.sys -- (catchme)
  DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ad0n62rk)
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
  IE - HKLM\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - SOFTWARE\Classes\CLSID\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\InprocServer32 File not found
  IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DAIT
  IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?affID=17425
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0D 0E F0 DC BE CE CA 01 [binary data]
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\URLSearchHook: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - No CLSID value found
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=17425&babsrc=SP_def&mntrId=fc699c7d0000000000000022152fa5b4
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{0F36E18A-6296-4333-9D99-269AAFE3D111}_Trova Rapido: "URL" = http://www.trovarapido.com/result.php?t ... &keywords={searchTerms}
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{69ABAE4C-47BC-4EAD-A2B3-ED08ED617830}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=ct3135048
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_it
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{8597FAFB-128B-4407-873D-D7EF950EAD41}: "URL" = http://it.search.yahoo.com/search?fr=ch ... =867034&p={searchTerms}
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}: "URL" = http://www.danble.com/search/?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&rls=xOzLy3Fh
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}: "URL" = http://www.fissa.com/it/results/?s=b&c= ... =5&pid=&q={searchTerms}
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{CD219514-EF55-4A7C-91DF-F27D40A86D4B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851640
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6R8wiOSKcx&i=26
  IE - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\SearchScopes\{D739AF54-0971-4604-81E3-1939E69C4967}: "URL" = http://www.fastbrowsersearch.com/result ... ts.aspx?q={searchTerms}&c=web&s=DSP&v=18&tid={2C95835E-5634-43cb-82DA-6633BC62592B}
  [2009/12/05 17.03.41 | 000,000,000 | ---D | M] (Search Settings Plugin) -- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
  [2008/09/04 02.11.24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
  O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
  O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
  O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
  O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
  O3 - HKLM\..\Toolbar: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
  O3 - HKLM\..\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyB1.dll File not found
  O3 - HKLM\..\Toolbar: (MSN Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\it\msntb.dll (Microsoft Corporation)
  O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
  O3 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\Toolbar\WebBrowser: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
  O3 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
  O3 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
  O3 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
  O3 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..\Toolbar\WebBrowser: (myBabylon English Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Program Files\myBabylon_English\tbmyB1.dll File not found
  O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
  O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
  O15 - HKU\.DEFAULT\..Trusted Ranges: GD ([http] in Local intranet)
  O15 - HKU\S-1-5-18\..Trusted Ranges: GD ([http] in Local intranet)
  O15 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
  O15 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
  O15 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
  O15 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
  O15 - HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\..Trusted Ranges: GD ([http] in Local intranet)
  O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} file:///E:/nis/materials/ScriptX.cab (MeadCo ScriptX)
  O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
  O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
  O33 - MountPoints2\{2cc693a0-4f96-11df-94c4-0022152fa5b4}\Shell - "" = AutoRun
  O33 - MountPoints2\{6ff2de5d-11bb-11df-9d2e-0022152fa5b4}\Shell - "" = AutoRun
  O33 - MountPoints2\{7530a5af-4011-11df-9ff9-0022152fa5b4}\Shell - "" = AutoRun
  O33 - MountPoints2\{85964fd3-4014-11df-9122-001d09a1cdce}\Shell - "" = AutoRun
  O33 - MountPoints2\{865553db-261a-11df-bea0-001d09a1cdce}\Shell - "" = AutoRun
  O33 - MountPoints2\{c0a4521f-2547-11df-b746-0022152fa5b4}\Shell - "" = AutoRun
  O34 - HKLM BootExecute: (autocheck autochk /p \??\F:)
  [2008/11/28 16.38.18 | 000,000,091 | ---- | C] () -- C:\Users\Giampa\AppData\Local\tiwcjxm.bat
  [2010/11/21 21.46.54 | 000,000,000 | ---D | M] -- C:\Users\Giampa\AppData\Roaming\IObit
  [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  [17 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
  [2 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\54a5aae0a97060e674b603a046171bbe\*.tmp files -> C:\Windows\SoftwareDistribution\Download\54a5aae0a97060e674b603a046171bbe\*.tmp -> ]
  [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
  [1 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
  [1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]
  [2012/07/24 20.05.21 | 000,000,978 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
  [2012/07/24 19.11.30 | 000,001,134 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  [2012/07/24 20.10.00 | 000,001,138 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  [2012/07/24 16.10.23 | 000,001,112 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001Core.job
  [2012/07/24 20.10.01 | 000,001,164 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001UA.job
  [2012/05/21 00.13.18 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
  @Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Documents\My Art:Roxio EMC Stream
  @Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Documents\LimeWire:Roxio EMC Stream
  @Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Documents\File ricevuti:Roxio EMC Stream
  @Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Documents\CallBurner:Roxio EMC Stream
  @Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Desktop\Screen Shot WR:Roxio EMC Stream
  @Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Desktop\DivX:Roxio EMC Stream
  @Alternate Data Stream - 76 bytes -> C:\Users\Giampa\Desktop\CANZONI:Roxio EMC Stream
  @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
  @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:58E127A5
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "MVS Splash"=-
  "HP Software Update"=-
  "NPSStartup"=-
  "QuickTime Task"=-
  "iTunesHelper"=-
  "NeroCheck"=-
  "Babylon Client"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "ccleaner"=-
  "swg"=-
  "Steam"=-
  "AutoStartNPSAgent"=-
  "ehTray.exe"=-
  "Google Update"=-
  "FileHippo.com"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
  
  :services
  gupdate
  gupdatem
  gusvc
  
  :files
  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit ci Run Fix
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Program se vzdy sekne u O34 - HKLM BootExecute: (autocheck autochk /p \??\F:)

Pouzijte tedy tento (upraveny) skript

All processes killed
========== OTL ==========
Error: No service named FsUsbExService was found to stop!
Service\Driver key FsUsbExService not found.
File C:\Windows\system32\FsUsbExService.Exe not found.
Error: No service named ONDAusbser6k was found to stop!
Service\Driver key ONDAusbser6k not found.
File system32\DRIVERS\ONDAusbser6k.sys not found.
Error: No service named ONDAusbnmea was found to stop!
Service\Driver key ONDAusbnmea not found.
File system32\DRIVERS\ONDAusbnmea.sys not found.
Error: No service named ONDAusbnet was found to stop!
Service\Driver key ONDAusbnet not found.
File system32\DRIVERS\ONDAusbnet.sys not found.
Error: No service named ONDAusbmdm6k was found to stop!
Service\Driver key ONDAusbmdm6k not found.
File system32\DRIVERS\ONDAusbmdm6k.sys not found.
Error: No service named NwlnkFwd was found to stop!
Service\Driver key NwlnkFwd not found.
File system32\DRIVERS\nwlnkfwd.sys not found.
Error: No service named NwlnkFlt was found to stop!
Service\Driver key NwlnkFlt not found.
File system32\DRIVERS\nwlnkflt.sys not found.
Error: No service named IpInIp was found to stop!
Service\Driver key IpInIp not found.
File system32\DRIVERS\ipinip.sys not found.
Error: No service named hwdatacard was found to stop!
Service\Driver key hwdatacard not found.
File system32\DRIVERS\ewusbmdm.sys not found.
Error: No service named EagleXNt was found to stop!
Service\Driver key EagleXNt not found.
File C:\Windows\system32\drivers\EagleXNt.sys not found.
Error: No service named EagleNT was found to stop!
Service\Driver key EagleNT not found.
File C:\Windows\system32\drivers\EagleNT.sys not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File C:\Users\Giampa\AppData\Local\Temp\catchme.sys not found.
Error: No service named ad0n62rk was found to stop!
Service\Driver key ad0n62rk not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}\ not found.
HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0F36E18A-6296-4333-9D99-269AAFE3D111}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F36E18A-6296-4333-9D99-269AAFE3D111}\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\{69ABAE4C-47BC-4EAD-A2B3-ED08ED617830}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69ABAE4C-47BC-4EAD-A2B3-ED08ED617830}\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8597FAFB-128B-4407-873D-D7EF950EAD41}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8597FAFB-128B-4407-873D-D7EF950EAD41}\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CD219514-EF55-4A7C-91DF-F27D40A86D4B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CD219514-EF55-4A7C-91DF-F27D40A86D4B}\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\SearchScopes\{D739AF54-0971-4604-81E3-1939E69C4967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D739AF54-0971-4604-81E3-1939E69C4967}\ not found.
Folder C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\ not found.
File C:\Program Files\mozilla firefox\plugins\npbittorrent.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}\ not found.
File C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.
File C:\Program Files\Yontoo\YontooIEClient.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
File C:\Program Files\MSN Toolbar\01.01.2607.0\it\msntb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F9639E4A-801B-4843-AEE3-03D9DA199E77} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}\ not found.
File C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll not found.
Registry value HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found.
Registry value HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.
Registry value HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//about.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Exclude.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//FWEvent.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//LanguageSelection.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Message.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryCmd.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryNag.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyNotification.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//NOCLessUpdate.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//quarantine.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//ScanNow.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//strings.vbs/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Template.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Update.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//VirFound.htm/\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\*\ not found.
Invalid CLSID key: *
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\*\ not found.
Invalid CLSID key: *
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\betavscan\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\betavscan\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\vs\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\vs\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\www\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\www\ not found.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ not found.
Registry key HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ not found.
Registry value HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http not found.
File d61-23eb-11d2-b92f-008048fdd814} file:///E:/nis/materials/ScriptX.cab not found.
Starting removal of ActiveX control {1663ed61-23eb-11d2-b92f-008048fdd814}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1663ed61-23eb-11d2-b92f-008048fdd814}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1663ed61-23eb-11d2-b92f-008048fdd814}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1663ed61-23eb-11d2-b92f-008048fdd814}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1663ed61-23eb-11d2-b92f-008048fdd814}\ not found.
Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cc693a0-4f96-11df-94c4-0022152fa5b4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2cc693a0-4f96-11df-94c4-0022152fa5b4}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ff2de5d-11bb-11df-9d2e-0022152fa5b4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ff2de5d-11bb-11df-9d2e-0022152fa5b4}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7530a5af-4011-11df-9ff9-0022152fa5b4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530a5af-4011-11df-9ff9-0022152fa5b4}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{85964fd3-4014-11df-9122-001d09a1cdce}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85964fd3-4014-11df-9122-001d09a1cdce}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{865553db-261a-11df-bea0-001d09a1cdce}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{865553db-261a-11df-bea0-001d09a1cdce}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0a4521f-2547-11df-b746-0022152fa5b4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c0a4521f-2547-11df-b746-0022152fa5b4}\ not found.
C:\Users\Giampa\AppData\Local\tiwcjxm.bat moved successfully.
C:\Users\Giampa\AppData\Roaming\IObit\IObit SmartDefrag folder moved successfully.
C:\Users\Giampa\AppData\Roaming\IObit folder moved successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B53.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3303.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5082.tmp\System.Data.Entity.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5082.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C42.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6E5B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6F7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB846.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBF29.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD0E5.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD1BF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD7C8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF0B6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF189.tmp folder deleted successfully.
C:\Windows\Installer\MSI2FC0.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltB6CA.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltF81D.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\54a5aae0a97060e674b603a046171bbe\BIT1660.tmp deleted successfully.
C:\Windows\System32\ConduitEngine.tmp deleted successfully.
C:\Windows\temp\SKY99DE.tmp deleted successfully.
C:\Windows\twain_32\hpqgnds2.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001UA.job moved successfully.
C:\Windows\Tasks\SmartDefrag.job moved successfully.
ADS C:\Users\Giampa\Documents\My Art:Roxio EMC Stream deleted successfully.
ADS C:\Users\Giampa\Documents\LimeWire:Roxio EMC Stream deleted successfully.
ADS C:\Users\Giampa\Documents\File ricevuti:Roxio EMC Stream deleted successfully.
ADS C:\Users\Giampa\Documents\CallBurner:Roxio EMC Stream deleted successfully.
ADS C:\Users\Giampa\Desktop\Screen Shot WR:Roxio EMC Stream deleted successfully.
ADS C:\Users\Giampa\Desktop\DivX:Roxio EMC Stream deleted successfully.
Unable to delete ADS C:\Users\Giampa\Desktop\CANZONI:Roxio EMC Stream .
ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.
ADS C:\ProgramData\TEMP:58E127A5 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MVS Splash not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Babylon Client deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ccleaner not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AutoStartNPSAgent not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ehTray.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\FileHippo.com not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk\ deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Giampa
->Temp folder emptied: 17352393 bytes
->Temporary Internet Files folder emptied: 5957908 bytes
->Java cache emptied: 28892048 bytes
->Google Chrome cache emptied: 30779661 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 822 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 127245 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 79,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Giampa
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Giampa
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.54.1 log created on 07252012_140049

Files\Folders moved on Reboot...
File\Folder C:\Users\Giampa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content(19).IE5\QM72DBGA\fault;sz=300x250;klg=it;kt=K;kga=-1;kw=Disaster+Movie+-+Final+fuck+song+ita;kgg=-1;kcr=it;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcopt=ist;ord=6914397710612695[1] not found!
File\Folder C:\Users\Giampa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content(19).IE5\9HWP4340\z=300x250;klg=it;kt=K;kga=-1;kr=F;kw=Disaster+Movie+-+Final+fuck+song+ita;kgg=-1;kcr=it;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcopt=ist;ord=4095327577450331[1].5 not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.

PendingFileRenameOperations files...
File C:\Users\Giampa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content(19).IE5\QM72DBGA\fault;sz=300x250;klg=it;kt=K;kga=-1;kw=Disaster+Movie+-+Final+fuck+song+ita;kgg=-1;kcr=it;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcopt=ist;ord=6914397710612695[1] not found!
File C:\Users\Giampa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content(19).IE5\9HWP4340\z=300x250;klg=it;kt=K;kga=-1;kr=F;kw=Disaster+Movie+-+Final+fuck+song+ita;kgg=-1;kcr=it;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcopt=ist;ord=4095327577450331[1].5 not found!
[2012/07/25 14.05.48 | 000,000,000 | ---- | M] () C:\Windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5
[2008/07/26 09.25.24 | 000,109,080 | ---- | M] (Logitech Inc.) C:\Windows\temp\logishrd\LVPrcInj01.dll : Unable to obtain MD5

Registry entries deleted on Reboot...

Jak se chova nas pacient

prijde mi ze porad stejne... mozna se o neco rychleji nacita...

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

ok dekuji Vam

Nemate zac, rad jsem pomohl Zase nekdy