Request for a check after a long time :)

Posted: 12 Sep 2012 21:29
by chambo
Logfile of random's system information tool 1.09 (written by random/random)
Run by Chambo at 2012-09-12 22:28:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 26 GB (11%) free of 240 GB
Total RAM: 6107 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:28:46, on 12. 9. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Users\USER\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\SaveSnap\SaveSnap.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Razer\Copperhead\razerhid.exe
C:\Program Files (x86)\Razer\Tarantula\razerhid.exe
C:\Program Files (x86)\Razer\Copperhead\razerofa.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Razer\Tarantula\razertra.exe
C:\Users\USER\Desktop\SRDownloader.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Chambo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files (x86)\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [Copperhead] C:\Program Files (x86)\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [Tarantula] C:\Program Files (x86)\Razer\Tarantula\razerhid.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\Windows\is-294RI.exe" /REG /REGSVRMODE
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files (x86)\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [VistaSwitcher] "C:\Program Files\VistaSwitcher\vswitch64.exe" /startup
O4 - HKCU\..\Run: [\\http://10.0.0.138:631\Epson] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU "C:\Windows\TEMP\E_S2818.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3703004486-2740870591-47259584-1007\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3703004486-2740870591-47259584-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = USER\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: SaveSnap.lnk = C:\Program Files (x86)\SaveSnap\SaveSnap.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stiahnuť s Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC Service (SamsungAllShare) - Unknown owner - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15544 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"taskhost.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
C:\Windows\SysWOW64\XSrvSetup.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe"
"C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe" -Embedding
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe"
"C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe"
\??\C:\Windows\system32\conhost.exe "-16625302451156413351-92489759-851266496767345703-4443583521261359332-672499231
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2784
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-db1b4111-ea04-4a23-aba4-a45ca4f9b998 -SystemEventPortName:HostProcess-5b4853ac-6e57-4531-a4f1-57df3693ea87 -IoCancelEventPortName:HostProcess-ee7cfb52-fce2-4c15-85b5-667b07946330 -NonStateChangingEventPortName:HostProcess-f9269b02-5e44-4171-8a2d-c6367ad745a7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e83b1386-d744-440d-a961-d8702f0aea22
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Steam\steam.exe" -silent
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"C:\Program Files\VistaSwitcher\vswitch64.exe" /startup
"C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
"C:\Users\USER\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\SaveSnap\SaveSnap.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Razer\Copperhead\razerhid.exe"
"C:\Program Files (x86)\Razer\Tarantula\razerhid.exe"
"C:\Program Files (x86)\Razer\Copperhead\razerofa.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Razer\Tarantula\razertra.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Users\USER\Desktop\SRDownloader.exe" C:\Users\USER\Desktop\mafia_2-q60znzl4b7ujo.dlc
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\wuauclt.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Opera\opera.exe"
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\wuauclt.exe" /RunHandlerComServer
C:\Windows\system32\msiexec.exe /V
"C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-x64-V4.12-delta.exe" /Q /W
d:\27a54ef6c8ce9108e129b7ee2af77456\mrtstub.exe /Q /W
"C:\Windows\system32\MRT.exe" /Q /W
"C:\Users\USER\AppData\Local\Opera\Opera\temporary_downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\0aq5f070.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://hattrick.org/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {9d1f059c-cada-4111-9696-41a62d64e3ba}:0.6.1, {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.1.1.2, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15, {e213bb8f-8ebd-11db-96b7-005056c00008}:3.0.0.91, {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91, david@dkjensen.com:0.0.5"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.0]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\0aq5f070.default\extensions\
david@dkjensen.com
{07b2a769-ed19-4483-87ce-c643914c81bb}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
{e213bb8f-8ebd-11db-96b7-005056c00008}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-09-05 75656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-08-28 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2011-06-27 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-08-28 59376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-01-19 9996320]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-22 4035152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2012-08-16 1353080]
"WhatPulse"=C:\Program Files (x86)\WhatPulse\WhatPulse.exe [2011-11-15 3990528]
"ISUSPM"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-05-16 213936]
"AdobeBridge"= []
"VistaSwitcher"=C:\Program Files\VistaSwitcher\vswitch64.exe [2010-11-24 230408]
""= []
"\\http://10.0.0.138:631\Epson"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE [2007-04-12 213504]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2012-01-12 7320528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [2011-02-18 250768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Coach770]
C:\Users\USER\AppData\Local\Coach770\Coach770Launcher.exe [2012-09-09 308155]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX8400 Series]
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE [2007-04-12 213504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\USER\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-03 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-07 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12 49208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-06-08 21432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-06-08 3521464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-03-20 1312256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk]
C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk]
C:\PROGRA~1\GAMEPA~1\gpcl.exe [2011-07-29 442880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^USER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk]
C:\PROGRA~2\Evernote\Evernote\EVERNO~2.EXE [2011-08-08 977408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^USER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FIFA 11 Registration.lnk]
C:\PROGRA~2\EASPOR~1\FIFA11~1\Support\EAREGI~1.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-08-04 346320]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]
"razer"=C:\Program Files (x86)\Razer\Copperhead\razerhid.exe [2009-11-19 135168]
"Copperhead"=C:\Program Files (x86)\Razer\Copperhead\razerhid.exe [2009-11-19 135168]
"Tarantula"=C:\Program Files (x86)\Razer\Tarantula\razerhid.exe [2007-05-07 159744]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
""= []
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-09-07 766536]
"InnoSetupRegFile.0000000001"=C:\Windows\is-294RI.exe [2012-09-10 711240]

C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\USER\AppData\Roaming\Dropbox\bin\Dropbox.exe
SaveSnap.lnk - C:\Program Files (x86)\SaveSnap\SaveSnap.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2012-09-12 22:28:03 ----D---- C:\Windows\system32\MpEngineStore
2012-09-11 13:07:43 ----D---- C:\Program Files (x86)\2K Games
2012-09-11 00:14:54 ----D---- C:\Users\USER\AppData\Roaming\Mipony
2012-09-10 23:44:31 ----A---- C:\Windows\is-294RI.exe
2012-09-10 12:14:41 ----D---- C:\Program Files (x86)\TeamViewer
2012-09-10 12:14:41 ----A---- C:\Windows\system32\drivers\teamviewervpn.sys
2012-09-10 12:01:24 ----A---- C:\Windows\system32\vncmirror.dll
2012-09-10 12:01:24 ----A---- C:\Windows\system32\drivers\vncmirror.sys
2012-09-10 11:52:57 ----HD---- C:\Program Files (x86)\InstallJammer Registry
2012-09-08 03:04:30 ----A---- C:\Windows\isRS-000.tmp
2012-08-31 18:06:39 ----A---- C:\Windows\system32\nvvsvc.exe
2012-08-31 18:06:39 ----A---- C:\Windows\system32\nvsvcr.dll
2012-08-31 18:06:39 ----A---- C:\Windows\system32\nvsvc64.dll
2012-08-31 18:06:39 ----A---- C:\Windows\system32\nvshext.dll
2012-08-31 18:06:39 ----A---- C:\Windows\system32\nvmctray.dll
2012-08-31 18:06:39 ----A---- C:\Windows\system32\nvcpl.dll
2012-08-31 18:06:18 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2012-08-31 18:06:18 ----A---- C:\Windows\system32\OpenCL.dll
2012-08-31 18:06:14 ----D---- C:\ProgramData\NVIDIA Corporation
2012-08-31 18:05:46 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2012-08-31 18:05:46 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2012-08-31 18:05:46 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2012-08-31 18:05:46 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2012-08-31 18:05:46 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2012-08-31 18:05:46 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2012-08-31 18:05:46 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2012-08-31 18:05:46 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2012-08-31 18:05:46 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2012-08-31 18:05:46 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2012-08-31 18:05:46 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvwgf2umx.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvumdshimx.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvoglv64.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvinitx.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvhdap64.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvgenco64.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvdispco64.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvdecodemft.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvd3dumx.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvcuvid.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvcuvenc.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvcuda.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvcompiler.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\nvapi64.dll
2012-08-31 18:05:46 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2012-08-31 18:05:46 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2012-08-31 12:37:54 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-08-31 12:37:54 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-08-31 12:37:54 ----A---- C:\Windows\SYSWOW64\java.exe
2012-08-21 19:08:19 ----D---- C:\Users\USER\AppData\Roaming\.minecraft
2012-08-16 03:06:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-08-16 03:06:58 ----A---- C:\Windows\system32\mshtmled.dll
2012-08-16 03:06:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-08-16 03:06:57 ----A---- C:\Windows\SYSWOW64\url.dll
2012-08-16 03:06:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-08-16 03:06:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-08-16 03:06:57 ----A---- C:\Windows\system32\urlmon.dll
2012-08-16 03:06:57 ----A---- C:\Windows\system32\url.dll
2012-08-16 03:06:57 ----A---- C:\Windows\system32\ieui.dll
2012-08-16 03:06:57 ----A---- C:\Windows\system32\iertutil.dll
2012-08-16 03:06:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-08-16 03:06:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-08-16 03:06:56 ----A---- C:\Windows\system32\jscript9.dll
2012-08-16 03:06:56 ----A---- C:\Windows\system32\ieUnatt.exe
2012-08-16 03:06:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-08-16 03:06:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-08-16 03:06:55 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-08-16 03:06:55 ----A---- C:\Windows\system32\wininet.dll
2012-08-16 03:06:55 ----A---- C:\Windows\system32\jsproxy.dll
2012-08-16 03:06:55 ----A---- C:\Windows\system32\jscript.dll
2012-08-16 03:06:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-08-16 03:06:54 ----A---- C:\Windows\system32\mshtml.dll
2012-08-16 03:06:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-08-16 03:06:53 ----A---- C:\Windows\system32\ieframe.dll
2012-08-15 21:13:12 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-08-15 21:13:12 ----A---- C:\Windows\system32\win32spl.dll
2012-08-15 21:13:12 ----A---- C:\Windows\system32\spoolsv.exe
2012-08-15 21:13:12 ----A---- C:\Windows\splwow64.exe
2012-08-15 21:13:11 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-08-15 21:13:11 ----A---- C:\Windows\system32\srcore.dll
2012-08-15 21:13:09 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-08-15 21:13:09 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-08-15 21:13:09 ----A---- C:\Windows\system32\netapi32.dll
2012-08-15 21:13:09 ----A---- C:\Windows\system32\browser.dll
2012-08-15 21:13:09 ----A---- C:\Windows\system32\browcli.dll
2012-08-15 21:13:08 ----A---- C:\Windows\system32\win32k.sys
2012-08-15 21:13:07 ----A---- C:\Windows\system32\localspl.dll

======List of files/folders modified in the last 1 month======

2012-09-12 22:28:46 ----D---- C:\Windows\Temp
2012-09-12 22:28:46 ----D---- C:\Windows\Prefetch
2012-09-12 22:28:45 ----D---- C:\Program Files\trend micro
2012-09-12 22:28:03 ----D---- C:\Windows\System32
2012-09-12 22:27:07 ----D---- C:\Windows\debug
2012-09-12 22:27:06 ----A---- C:\Windows\system32\MRT.exe
2012-09-12 22:27:02 ----SHD---- C:\Windows\Installer
2012-09-12 22:26:55 ----D---- C:\ProgramData\Microsoft Help
2012-09-12 22:26:18 ----SHD---- C:\System Volume Information
2012-09-12 22:25:59 ----D---- C:\Windows\system32\config
2012-09-12 21:06:36 ----D---- C:\Users\USER\AppData\Roaming\vlc
2012-09-12 19:21:15 ----D---- C:\Users\USER\AppData\Roaming\Dropbox
2012-09-12 15:28:56 ----D---- C:\Program Files (x86)\SwiftKit
2012-09-12 15:25:15 ----D---- C:\Windows\system32\catroot
2012-09-12 15:25:14 ----D---- C:\Windows\system32\catroot2
2012-09-12 15:25:13 ----D---- C:\Windows\winsxs
2012-09-11 23:48:56 ----D---- C:\Users\USER\AppData\Roaming\Skype
2012-09-11 20:16:20 ----D---- C:\Users\USER\AppData\Roaming\NVIDIA
2012-09-11 13:25:33 ----RSD---- C:\Windows\assembly
2012-09-11 13:25:08 ----D---- C:\Windows
2012-09-11 13:24:12 ----D---- C:\Windows\Logs
2012-09-11 13:07:43 ----RD---- C:\Program Files (x86)
2012-09-11 11:30:15 ----A---- C:\Windows\SYSWOW64\log.txt
2012-09-11 00:20:19 ----D---- C:\Users\USER\AppData\Roaming\DAEMON Tools Lite
2012-09-11 00:13:13 ----D---- C:\Program Files (x86)\Opera
2012-09-10 23:44:31 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-09-10 23:43:24 ----D---- C:\Windows\system32\drivers
2012-09-10 23:04:04 ----D---- C:\Program Files (x86)\Steam
2012-09-10 13:30:36 ----D---- C:\ProgramData\Adobe
2012-09-10 13:30:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-09-10 13:22:22 ----D---- C:\Windows\system32\logishrd
2012-09-10 13:22:20 ----D---- C:\Windows\SYSWOW64\logishrd
2012-09-10 13:22:15 ----D---- C:\ProgramData\NVIDIA
2012-09-10 13:21:48 ----RD---- C:\Program Files
2012-09-10 12:14:43 ----D---- C:\Windows\inf
2012-09-10 12:14:42 ----D---- C:\Windows\system32\DriverStore
2012-09-10 12:08:37 ----D---- C:\Temp
2012-09-07 11:46:43 ----D---- C:\Windows\SysWOW64
2012-09-07 11:46:37 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-09-07 00:23:38 ----D---- C:\Users\USER\AppData\Roaming\Winamp
2012-09-06 16:02:46 ----D---- C:\Windows\pss
2012-09-06 13:07:06 ----D---- C:\Windows\Minidump
2012-08-31 18:07:20 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-08-31 18:06:52 ----RD---- C:\Users
2012-08-31 18:06:50 ----D---- C:\Program Files\NVIDIA Corporation
2012-08-31 18:06:14 ----HD---- C:\ProgramData
2012-08-31 13:39:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-31 12:37:52 ----D---- C:\Program Files (x86)\Java
2012-08-28 20:24:56 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2012-08-28 20:24:53 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-08-28 00:47:24 ----D---- C:\Windows\Downloaded Program Files
2012-08-23 02:18:13 ----D---- C:\Users\USER\AppData\Roaming\Mozilla
2012-08-22 23:49:58 ----D---- C:\Windows\system32\NDF
2012-08-19 00:46:24 ----D---- C:\ProgramData\Skype
2012-08-19 00:46:21 ----RD---- C:\Program Files (x86)\Skype
2012-08-16 03:24:07 ----RSD---- C:\Windows\Fonts
2012-08-16 03:24:07 ----D---- C:\Windows\SYSWOW64\migration
2012-08-16 03:24:07 ----D---- C:\Program Files (x86)\Internet Explorer
2012-08-16 03:24:06 ----D---- C:\Windows\system32\migration
2012-08-16 03:24:06 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-10-29 115824]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-02 834544]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2010-03-01 20520]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
R1 MpKsl1ebf0d28;MpKsl1ebf0d28; \??\C:\Windows\system32\MpEngineStore\MpKsl1ebf0d28.sys [2012-09-12 35664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2011-08-04 187632]
R3 Abyssus;Razer Abyssus; C:\Windows\system32\drivers\Abyssus.sys [2009-10-30 10880]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-01-19 2242720]
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-09-07 25928]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-26 75264]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-10-26 176640]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-11-27 295424]
R3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2006-09-27 29984]
R3 TarFltr;Razer Tarantula USB Keyboard; C:\Windows\system32\drivers\UsbFltr.sys [2007-04-11 49664]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2012-08-07 35112]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 connctfy;Connectify Service; C:\Windows\system32\DRIVERS\connctfy.sys []
S3 connctfyMP;connctfyMP; C:\Windows\system32\DRIVERS\connctfy.sys []
S3 copperhd;Razer Copperhead Driver; C:\Windows\system32\drivers\copperhd.sys [2009-11-10 14336]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-05-21 99384]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 lvpopf64;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopf64.sys [2010-05-15 271712]
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2011-05-18 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-05-21 203320]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 vncmirror;vncmirror; C:\Windows\system32\DRIVERS\vncmirror.sys [2012-08-15 4608]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\Windows\System32\DRIVERS\vserial.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 BcmSqlStartupSvc;Spúšacia služba produktu Business Contact Manager SQL Server; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-23 30312]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-22 974944]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 JMB36X;JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [2009-08-06 65536]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 268824]
R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-05-15 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-06-10 76888]
R2 SamsungAllShare;Samsung AllShare PC Service; C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe [2011-02-18 7233952]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-24 2735528]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-09-09 529744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
S2 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2011-02-18 22464]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-05 129976]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-03 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]

-----------------EOF-----------------

Thanks for the check.

Re: request for a check after a long time :)

Posted: 13 Sep 2012 22:07
by vyosek
Hello :)

:arrow: Download OTL from http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • If you use a 64-bit OS, check whether the "For 64-bit OS" box is ticked; if not, tick it
  • Tick the "For all users" box
  • Tick the 'Check for "LOP" malware' box
  • Tick the 'Check for "Purity" malware' box
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, Custom scans/fixes
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Scan button
  • When the scan finishes (about 10 to 15 minutes), the logs OTL.txt and Extras.txt will appear; paste both here
  • If the logs are long (the forum will complain about exceeding the maximum number of characters), split them across several posts

Re: request for a check after a long time :)

Posted: 15 Sep 2012 22:09
by chambo
OTL logfile created on: 15. 9. 2012 19:30:55 - Run 1
OTL by OldTimer - Version 3.2.61.4 Folder = C:\Users\USER\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

5,96 Gb Total Physical Memory | 3,89 Gb Available Physical Memory | 65,16% Memory free
11,93 Gb Paging File | 9,72 Gb Available in Paging File | 81,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 234,28 Gb Total Space | 19,38 Gb Free Space | 8,27% Space Free | Partition Type: NTFS
Drive D: | 697,14 Gb Total Space | 79,54 Gb Free Space | 11,41% Space Free | Partition Type: NTFS

Computer Name: CHAMBO | User Name: Chambo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/09/15 19:27:44 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\USER\Desktop\OTL.exe
PRC - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/08/30 15:29:36 | 000,874,896 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012/08/30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/08/24 13:01:41 | 007,533,992 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/08/24 13:01:41 | 002,735,528 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/08/24 12:55:10 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012/08/16 03:26:55 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/10 19:07:22 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/05/24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\USER\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/01/18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2012/01/12 13:35:12 | 007,320,528 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2012\qip.exe
PRC - [2011/09/22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2011/02/18 16:30:32 | 007,233,952 | ---- | M] () -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe
PRC - [2011/02/18 16:30:26 | 000,428,088 | ---- | M] () -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe
PRC - [2010/09/04 16:44:21 | 001,264,128 | ---- | M] () -- C:\Program Files (x86)\SaveSnap\SaveSnap.exe
PRC - [2010/05/07 19:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2009/11/19 18:43:14 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Razer\Copperhead\razerhid.exe
PRC - [2009/10/21 06:12:50 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009/09/30 14:02:50 | 002,320,920 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 14:02:48 | 000,268,824 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/08/06 07:51:20 | 000,065,536 | R--- | M] () -- C:\Windows\SysWOW64\XSrvSetup.exe
PRC - [2009/08/04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009/08/04 17:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009/02/23 20:04:46 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/05/07 10:52:12 | 000,159,744 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\Razer\Tarantula\razerhid.exe
PRC - [2007/03/05 18:17:56 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\Tarantula\razertra.exe
PRC - [2007/01/09 09:48:58 | 000,147,456 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Copperhead\razerofa.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/10 13:30:05 | 009,813,704 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2012/09/09 13:49:08 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/09/09 13:49:08 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/09/09 13:49:08 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/09/09 13:49:08 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/09/09 13:49:08 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/08/30 15:29:42 | 000,316,928 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012/08/30 15:29:42 | 000,276,480 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012/08/30 15:29:42 | 000,168,448 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012/08/30 15:29:42 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012/08/30 15:29:42 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012/08/30 15:29:42 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012/08/30 15:29:42 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012/08/30 15:29:41 | 000,783,360 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2012/08/30 15:29:41 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012/08/30 15:29:41 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012/08/30 15:29:41 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012/08/30 15:29:41 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012/08/30 15:29:41 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012/01/12 13:35:34 | 000,956,880 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\Social\Social.dll
MOD - [2012/01/12 13:35:32 | 000,049,104 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\pics.dll
MOD - [2012/01/12 13:35:30 | 001,641,424 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\mra.dll
MOD - [2012/01/12 13:35:26 | 002,523,600 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\InfICQ\inficq.dll
MOD - [2012/01/12 13:35:22 | 000,824,784 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\qipradio\qipradio.dll
MOD - [2012/01/12 13:35:22 | 000,175,056 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\ogorod\ogorod.dll
MOD - [2012/01/12 13:35:22 | 000,140,240 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\cards\cards.dll
MOD - [2012/01/12 13:35:22 | 000,058,832 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\Win7Helper\Win7Helper.dll
MOD - [2012/01/12 13:35:16 | 004,660,176 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Core\voip.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/09/04 16:44:21 | 001,264,128 | ---- | M] () -- C:\Program Files (x86)\SaveSnap\SaveSnap.exe
MOD - [2009/11/19 18:43:14 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Razer\Copperhead\razerhid.exe
MOD - [2009/07/30 18:15:32 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2007/03/05 18:17:56 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\Tarantula\razertra.exe
MOD - [2005/08/17 13:23:16 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Razer\Copperhead\download.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/09/22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010/05/07 19:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/09 13:49:08 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/08/30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/08/24 13:01:41 | 002,735,528 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/10 19:07:22 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/05/05 00:35:51 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/01/18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/06/08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/02/18 16:30:32 | 007,233,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe -- (SamsungAllShare)
SRV - [2011/02/18 16:30:22 | 000,022,464 | ---- | M] (Samsung Electronics) [Auto | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/30 14:02:50 | 002,320,920 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 14:02:48 | 000,268,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/08/06 07:51:20 | 000,065,536 | R--- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X)
SRV - [2009/08/04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/23 20:04:46 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/01/11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/15 20:34:40 | 000,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vncmirror.sys -- (vncmirror)
DRV:64bit: - [2012/08/07 12:36:00 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2012/07/03 17:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/05/21 04:09:00 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/05/21 04:09:00 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 08:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/08/17 11:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011/08/09 15:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011/08/04 10:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2011/08/04 10:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011/08/04 10:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2011/08/04 10:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2011/05/18 10:14:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/05/18 10:14:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/05/18 10:14:16 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/05/18 10:14:12 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/05/18 10:09:48 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/10/02 11:05:49 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/05/15 00:00:28 | 000,271,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
DRV:64bit: - [2010/05/07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/03/01 10:35:20 | 000,020,520 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2009/11/27 11:45:06 | 000,295,424 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/11/10 15:50:18 | 000,014,336 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\copperhd.sys -- (copperhd)
DRV:64bit: - [2009/10/30 11:53:50 | 000,010,880 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Abyssus.sys -- (Abyssus)
DRV:64bit: - [2009/10/29 10:14:38 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/10/26 17:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009/10/26 17:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/10/05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/08 15:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007/04/11 16:23:48 | 000,049,664 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UsbFltr.sys -- (TarFltr)
DRV:64bit: - [2006/09/27 00:17:48 | 000,029,984 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006/09/27 14:48:04 | 000,044,800 | ---- | M] (Waytech Development, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\UsbFltr.sys -- (TarFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {95289393-33EA-4F8D-B952-483415B9C955}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 05 F8 57 8F 51 CB 01 [binary data]
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes\{5793B2E4-B8F9-457d-9C23-2EB1C7526F3D}: "URL" = http://search.yahoo.com/search?p={searc ... type=STDVM
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes\{935817FB-E05C-4fe6-BDF1-BA34C8C94052}: "URL" = http://www.bing.com/search?q={searchTer ... R2&pc=SPLH
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes\{F0FAB549-B181-43ef-8777-795448291944}: "URL" = http://www.google.com/cse?cx=partner-pu ... 4067623346
IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://hattrick.org/"
FF - prefs.js..extensions.enabledAddons: {9d1f059c-cada-4111-9696-41a62d64e3ba}:0.8
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.18
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {9d1f059c-cada-4111-9696-41a62d64e3ba}:0.6.1
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.1.1.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {e213bb8f-8ebd-11db-96b7-005056c00008}:3.0.0.91
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91
FF - prefs.js..extensions.enabledItems: david@dkjensen.com:0.0.5
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - prefs.js..network.proxy.type: 2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\USER\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\USER\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\USER\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\USER\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\USER\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\USER\AppData\Local\Facebook\Messenger\2.1.4623.0\npFbDesktopPlugin.dll (Facebook, Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2011/11/27 14:48:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/09/07 21:34:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/08/21 16:04:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/05/05 00:35:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/16 03:29:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011/11/27 14:48:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/08/21 16:04:35 | 000,000,000 | ---D | M]

[2010/09/04 13:59:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Extensions
[2012/09/14 17:45:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions
[2010/09/05 19:00:21 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2011/07/24 16:21:34 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2012/09/14 17:45:28 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2010/12/15 19:14:30 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/09/05 19:00:02 | 000,000,000 | ---D | M] (myFireFox) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}
[2012/05/04 20:54:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/03/11 23:49:36 | 000,000,000 | ---D | M] (Fopra) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\david@dkjensen.com
[2012/09/14 17:45:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\staged
[2010/09/05 19:00:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions
[2010/09/05 19:00:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}\chrome\mozapps\extensions
[2011/03/11 23:49:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\david@dkjensen.com\chrome\mozapps\extensions
[2012/01/27 01:20:39 | 001,621,887 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\0aq5f070.default\extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}.xpi
[2012/01/27 01:20:40 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\0aq5f070.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2008/03/20 14:43:48 | 000,001,502 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\0aq5f070.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\xpinstall\xpinstallConfirm.css
[2008/03/26 13:50:46 | 000,001,362 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\0aq5f070.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\xpinstall\xpinstallItemGeneric.png
[2008/03/20 14:43:48 | 000,001,502 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\0aq5f070.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}\chrome\mozapps\xpinstall\xpinstallConfirm.css
[2008/03/26 13:50:46 | 000,001,362 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\0aq5f070.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}\chrome\mozapps\xpinstall\xpinstallItemGeneric.png
[2010/08/06 20:55:02 | 000,704,656 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\0aq5f070.default\extensions\david@dkjensen.com\fopra_0.0.5.xpi
[2009/11/02 15:41:32 | 000,001,502 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\0aq5f070.default\extensions\david@dkjensen.com\chrome\mozapps\xpinstall\xpinstallConfirm.css
[2009/11/02 14:50:46 | 000,001,362 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\0aq5f070.default\extensions\david@dkjensen.com\chrome\mozapps\xpinstall\xpinstallItemGeneric.png
[2012/09/14 17:45:28 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\0aq5f070.default\extensions\staged\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/08/31 12:37:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/04 09:32:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012/06/16 12:29:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/08/31 12:37:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/05/05 00:35:52 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/05 00:35:50 | 000,001,583 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\atlas-sk.xml
[2012/05/05 00:35:49 | 000,001,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\azet-sk.xml
[2012/05/05 00:35:49 | 000,001,479 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\dunaj-sk.xml
[2012/05/05 00:35:49 | 000,001,473 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slovnik-sk.xml
[2012/05/05 00:35:49 | 000,001,104 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012/05/05 00:35:49 | 000,000,830 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - homepage: http://qip.ru/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://qip.ru/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\USER\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\USER\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\USER\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\USER\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Qip Authorizer Web Plugin (Enabled) = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdefnbcpjeflgggkipfemfckjicceiii\1.0_0\npqipauth.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\USER\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\USER\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\USER\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - Extension: YouTube = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Autoplayer for Mafia Wars (Facebook) = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgagpckjofhomehafhognmangbjdiaap\3.0.109_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: eRepublik Advanced = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebeenikkcpgaekfgbnflbaaihalfifkk\4.1.0.0_0\
CHR - Extension: AdBlock = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.42_0\
CHR - Extension: Unfriend Finder = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\kddnblacojpnmjdlpnndlcamnmmkfina\40_0\
CHR - Extension: QIP Authorizer = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdefnbcpjeflgggkipfemfckjicceiii\1.0_0\
CHR - Extension: eRepublik Advanced = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mncnfflkhadffpmcaahmdbggcamfmfip\2.6.3_0\
CHR - Extension: Runescape Toolbar For Google Chrome = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkoedpgiabakfkoefehjfmnlkpepfmp\1.5.2_0\
CHR - Extension: Gmail = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/24 17:47:49 | 000,000,021 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [Copperhead] C:\Program Files (x86)\Razer\Copperhead\razerhid.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [razer] C:\Program Files (x86)\Razer\Copperhead\razerhid.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Tarantula] C:\Program Files (x86)\Razer\Tarantula\razerhid.exe (Razer USA Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3703004486-2740870591-47259584-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-3703004486-2740870591-47259584-1000..\Run: [\\http://10.0.0.138:631\Epson] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU "C:\Windows\TEMP\E_S2818.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-3703004486-2740870591-47259584-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3703004486-2740870591-47259584-1000..\Run: [Infium] C:\Program Files (x86)\QIP 2012\qip.exe (QIP)
O4 - HKU\S-1-5-21-3703004486-2740870591-47259584-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3703004486-2740870591-47259584-1000..\Run: [VistaSwitcher] C:\Program Files\VistaSwitcher\vswitch64.exe (NTWind Software)
O4 - HKU\S-1-5-21-3703004486-2740870591-47259584-1000..\Run: [WhatPulse] C:\Program Files (x86)\WhatPulse\WhatPulse.exe (WhatPulse.org)
O4 - HKU\S-1-5-21-3703004486-2740870591-47259584-1007..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3703004486-2740870591-47259584-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\USER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SaveSnap.lnk = C:\Program Files (x86)\SaveSnap\SaveSnap.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Stiahnuť s Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Stiahnuť s Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} http://content.systemrequirementslab.co ... .3.1.0.cab (SysInfo Class)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0E47C114-916B-4770-8292-239128FE2580}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2B163AF-66EB-403F-A6FC-DBF8FA4FFE7D}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b143697a-fb39-11e1-804a-1c6f652249e7}\Shell - "" = AutoRun
O33 - MountPoints2\{b143697a-fb39-11e1-804a-1c6f652249e7}\Shell\AutoRun\command - "" = M:\Autorun\autorun.exe
O33 - MountPoints2\{d92d0f42-ce04-11df-88c2-1c6f652249e7}\Shell - "" = AutoRun
O33 - MountPoints2\{d92d0f42-ce04-11df-88c2-1c6f652249e7}\Shell\AutoRun\command - "" = K:\Autorun\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/09/15 19:27:44 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Users\USER\Desktop\OTL.exe
[2012/09/15 15:29:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2012/09/15 15:28:56 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\FIFA 13
[2012/09/15 15:28:45 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\FIFA 13 Demo
[2012/09/15 12:05:59 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Origin
[2012/09/15 12:05:58 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Origin
[2012/09/15 12:04:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012/09/15 12:04:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2012/09/14 17:50:36 | 000,000,000 | ---D | C] -- C:\WinRozvrhy
[2012/09/14 08:28:55 | 026,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/09/14 08:28:55 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/09/14 08:28:55 | 019,828,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/09/14 08:28:55 | 018,229,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/09/14 08:28:55 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/09/14 08:28:55 | 015,291,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/09/14 08:28:55 | 012,465,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/09/14 08:28:55 | 009,066,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/09/14 08:28:55 | 007,626,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/09/14 08:28:55 | 007,397,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012/09/14 08:28:55 | 006,109,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012/09/14 08:28:55 | 002,745,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/09/14 08:28:55 | 002,573,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/09/14 08:28:55 | 002,422,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/09/14 08:28:55 | 002,216,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/09/14 08:28:55 | 001,866,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/09/14 08:28:55 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012/09/14 08:28:55 | 000,830,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012/09/14 08:28:55 | 000,247,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012/09/14 08:28:55 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012/09/14 08:28:55 | 000,189,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012/09/14 08:28:55 | 000,031,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012/09/12 15:25:21 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys
[2012/09/12 15:25:21 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/09/12 15:25:20 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/09/12 15:25:18 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/09/12 15:25:18 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/09/11 20:16:16 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\2K Games
[2012/09/11 13:07:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2012/09/11 00:14:54 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Mipony
[2012/09/10 13:23:40 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coach770
[2012/09/10 12:14:41 | 000,035,112 | ---- | C] (TeamViewer GmbH) -- C:\Windows\SysNative\drivers\teamviewervpn.sys
[2012/09/10 12:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2012/09/10 12:01:24 | 000,026,112 | ---- | C] (RealVNC Ltd.) -- C:\Windows\SysNative\vncmirror.dll
[2012/09/10 12:01:24 | 000,004,608 | ---- | C] (RealVNC Ltd.) -- C:\Windows\SysNative\drivers\vncmirror.sys
[2012/09/10 11:52:57 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallJammer Registry
[2012/09/10 11:52:51 | 000,000,000 | ---D | C] -- C:\Users\USER\Application Data
[2012/09/10 11:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GmoteServer
[2011/03/22 22:15:44 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\USER\AppData\Roaming\pcouffin.sys
[2010/11/24 23:19:34 | 004,316,160 | ---- | C] (Gabest) -- C:\Users\USER\mplayerc.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/09/15 19:33:41 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/09/15 19:28:11 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/15 19:28:11 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/15 19:27:44 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\USER\Desktop\OTL.exe
[2012/09/15 19:26:58 | 000,796,196 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/15 19:26:58 | 000,665,644 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/15 19:26:58 | 000,124,778 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/15 19:20:27 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/15 19:20:20 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012/09/15 19:20:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/15 19:20:05 | 508,157,951 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/15 18:56:27 | 000,000,024 | ---- | M] () -- C:\Users\USER\random.dat
[2012/09/15 18:39:00 | 000,000,040 | ---- | M] () -- C:\Users\USER\jagex_cl_runescape_LIVE.dat
[2012/09/15 15:10:46 | 000,001,308 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 13 Demo.lnk
[2012/09/14 01:51:44 | 192,405,919 | ---- | M] () -- C:\Users\USER\Desktop\skola.rar
[2012/09/12 22:41:25 | 000,001,336 | ---- | M] () -- C:\Users\USER\AppData\Local\SRDownloader.nast
[2012/09/11 13:24:09 | 000,002,058 | ---- | M] () -- C:\Users\USER\Desktop\MAFIA II .lnk
[2012/09/10 20:23:32 | 000,032,470 | ---- | M] () -- C:\Users\USER\AppData\Local\SRDownloader.err
[2012/09/10 13:30:05 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/10 13:30:05 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/09/10 12:14:48 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[1 C:\*.tmp files -> C:\*.tmp -> ]

Re: request for a check after a long time :)

Posted: 15 Sep 2012 22:10
by chambo
========== Files Created - No Company Name ==========

[2012/09/15 19:33:41 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/09/15 15:10:46 | 000,001,308 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 13 Demo.lnk
[2012/09/14 01:40:22 | 192,405,919 | ---- | C] () -- C:\Users\USER\Desktop\skola.rar
[2012/09/11 13:24:09 | 000,002,058 | ---- | C] () -- C:\Users\USER\Desktop\MAFIA II .lnk
[2012/09/10 12:14:48 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012/09/10 12:14:48 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012/08/30 10:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/08/28 14:42:39 | 000,000,017 | ---- | C] () -- C:\Users\USER\AppData\Local\resmon.resmoncfg
[2012/06/28 17:52:25 | 000,000,044 | ---- | C] () -- C:\Users\USER\jagex_cl_runescape_LIVE1.dat
[2012/06/26 17:54:06 | 000,000,048 | ---- | C] () -- C:\Users\USER\jagex_cl_runescape_LIVE_BETA.dat
[2012/06/26 17:54:06 | 000,000,024 | ---- | C] () -- C:\Users\USER\random.dat
[2012/01/18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012/01/03 09:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\SysWow64\abgx360.exe
[2011/10/31 10:21:01 | 000,000,040 | ---- | C] () -- C:\Users\USER\jagex_cl_runescape_LIVE.dat
[2011/09/05 15:15:55 | 000,010,373 | ---- | C] () -- C:\Users\USER\.TransferManager.db
[2011/07/31 14:11:55 | 000,277,302 | ---- | C] () -- C:\Users\USER\Armani FlipFont_v1.0.apk
[2011/07/31 14:11:49 | 000,057,863 | ---- | C] () -- C:\Users\USER\com.monotype.android.font.Verdana.apk
[2011/06/01 18:56:23 | 000,034,816 | ---- | C] () -- C:\Users\USER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/29 17:42:59 | 000,001,456 | ---- | C] () -- C:\Users\USER\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/04/27 14:19:32 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/04/27 14:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/04/27 14:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/04/27 14:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/04/27 14:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/04/08 19:04:44 | 000,000,132 | ---- | C] () -- C:\Users\USER\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/03/22 22:15:44 | 000,099,384 | ---- | C] () -- C:\Users\USER\AppData\Roaming\inst.exe
[2011/03/22 22:15:44 | 000,007,859 | ---- | C] () -- C:\Users\USER\AppData\Roaming\pcouffin.cat
[2011/03/22 22:15:44 | 000,001,167 | ---- | C] () -- C:\Users\USER\AppData\Roaming\pcouffin.inf
[2011/03/22 22:09:01 | 000,001,185 | ---- | C] () -- C:\Users\USER\AppData\Roaming\vso_ts_preview.xml
[2011/03/17 12:21:58 | 000,145,192 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/03/05 13:01:50 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2011/02/24 15:33:28 | 000,282,472 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/02/24 15:33:25 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/02/24 15:33:21 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011/01/05 16:28:07 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/01/05 16:28:06 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/01/03 19:15:29 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2010/12/01 00:22:54 | 678,539,420 | ---- | C] () -- C:\Users\USER\beatles.nrg
[2010/11/27 14:39:02 | 000,000,220 | ---- | C] () -- C:\Windows\iepreview.ini
[2010/10/02 11:08:58 | 000,001,336 | ---- | C] () -- C:\Users\USER\AppData\Local\SRDownloader.nast
[2010/10/01 00:33:41 | 000,032,470 | ---- | C] () -- C:\Users\USER\AppData\Local\SRDownloader.err
[2010/09/29 21:27:56 | 000,662,523 | ---- | C] () -- C:\Users\USER\AppData\Roaming\default.rss
[2010/09/29 21:20:51 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/09/04 14:53:55 | 000,000,000 | ---- | C] () -- C:\Users\USER\jagex__preferences3.dat
[2010/09/04 14:53:38 | 000,000,129 | ---- | C] () -- C:\Users\USER\jagex_runescape_preferences2.dat
[2010/09/04 14:50:11 | 000,000,046 | ---- | C] () -- C:\Users\USER\jagex_runescape_preferences.dat

========== LOP Check ==========

[2012/08/21 19:22:16 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\.minecraft
[2012/02/16 16:41:46 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\abgx360
[2012/02/18 13:04:56 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\aignes
[2011/03/14 17:27:30 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Allstar
[2011/06/10 20:19:28 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\AnvSoft
[2012/07/21 16:21:35 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Applied Recognition Inc
[2012/03/18 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\avidemux
[2011/03/17 12:18:02 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/07/21 16:21:32 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\com.appliedrec.Fotobounce
[2012/09/11 00:20:19 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\DAEMON Tools Lite
[2012/09/15 19:20:48 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Dropbox
[2011/12/17 10:51:59 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Duplicate & Same Files Searcher
[2010/12/15 19:14:30 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/09/04 10:49:40 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ESET
[2012/05/15 19:26:38 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\FileZilla
[2012/01/24 16:46:20 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ImgBurn
[2011/05/10 14:21:59 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\IrfanView
[2010/12/16 16:32:33 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\JAM Software
[2010/10/02 11:20:54 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Leadertech
[2012/09/11 00:16:48 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Mipony
[2010/09/07 21:37:24 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Nokia
[2011/03/06 18:47:04 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ooVoo Details
[2012/06/14 11:51:52 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Opera
[2012/09/15 12:09:02 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Origin
[2011/07/02 12:25:21 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\PC Suite
[2011/11/20 17:05:05 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\QIP
[2011/06/15 23:46:20 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Samsung
[2011/03/05 01:01:12 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Screaming Bee
[2011/08/01 15:29:12 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Snippage.B28FB424FD6880E47B18D7D649F6CC93BDE9B29B.1
[2012/04/29 23:05:42 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\StreamTorrent
[2011/12/04 19:34:20 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\TeamViewer
[2012/06/21 14:23:41 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Temp
[2012/01/07 18:27:48 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Thinstall
[2012/08/10 09:44:55 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\uTorrent
[2011/03/22 22:15:45 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Vso
[2011/03/19 18:46:43 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\wargaming.net
[2012/05/13 13:58:57 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\WhatPulse
[2011/03/22 22:30:41 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\WinAVI
[2011/03/13 02:12:46 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ytbSoft
[2012/09/15 19:20:20 | 000,000,202 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012/09/03 13:23:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000Core.job
[2012/09/03 16:23:00 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000UA.job
[2012/09/12 21:49:00 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll


< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011/09/29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/06/14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012/03/30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011/04/25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012/03/30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012/08/22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010/06/14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/09/29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011/04/25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011/09/29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\SysNative\drivers\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3d4cee726037d4498d7166a5dfab7d73\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3d4cee726037d4498d7166a5dfab7d73\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/08/21 19:22:16 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\.minecraft
[2012/02/16 16:41:46 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\abgx360
[2012/08/10 00:44:04 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Adobe
[2010/10/11 21:12:45 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Ahead
[2012/02/18 13:04:56 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\aignes
[2011/03/14 17:27:30 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Allstar
[2011/06/10 20:19:28 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\AnvSoft
[2012/07/21 16:21:35 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Applied Recognition Inc
[2012/03/18 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\avidemux
[2011/03/17 12:18:02 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/07/21 16:21:32 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\com.appliedrec.Fotobounce
[2012/09/11 00:20:19 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\DAEMON Tools Lite
[2012/09/15 19:20:48 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Dropbox
[2011/12/17 10:51:59 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Duplicate & Same Files Searcher
[2010/12/15 19:14:30 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/09/04 10:49:40 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ESET
[2012/05/15 19:26:38 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\FileZilla
[2011/05/10 07:38:33 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\GRETECH
[2011/06/30 00:27:12 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\HpUpdate
[2010/09/03 09:21:54 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Identities
[2012/01/24 16:46:20 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ImgBurn
[2010/09/04 11:35:28 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\InstallShield
[2011/05/10 14:21:59 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\IrfanView
[2010/12/16 16:32:33 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\JAM Software
[2010/10/02 11:20:54 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Leadertech
[2011/02/26 04:03:28 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Logitech
[2010/09/04 10:21:27 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Macromedia
[2011/02/02 16:37:35 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Malwarebytes
[2009/07/14 09:54:32 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Media Center Programs
[2012/08/10 00:44:04 | 000,000,000 | --SD | M] -- C:\Users\USER\AppData\Roaming\Microsoft
[2012/09/11 00:16:48 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Mipony
[2011/03/16 18:33:14 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\mIRC
[2012/08/23 02:18:13 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Mozilla
[2010/10/11 16:50:00 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Nero
[2010/09/07 21:37:24 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Nokia
[2012/09/11 20:16:20 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\NVIDIA
[2011/03/06 18:47:04 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ooVoo Details
[2012/06/14 11:51:52 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Opera
[2012/09/15 12:09:02 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Origin
[2011/07/02 12:25:21 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\PC Suite
[2011/11/20 17:05:05 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\QIP
[2011/06/15 23:46:20 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Samsung
[2011/03/05 01:01:12 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Screaming Bee
[2010/09/23 22:33:24 | 000,000,000 | RH-D | M] -- C:\Users\USER\AppData\Roaming\SecuROM
[2012/09/15 19:18:29 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Skype
[2011/07/11 17:10:41 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\skypePM
[2011/08/01 15:29:12 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Snippage.B28FB424FD6880E47B18D7D649F6CC93BDE9B29B.1
[2012/04/29 23:05:42 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\StreamTorrent
[2010/12/12 13:31:53 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Sun
[2011/12/04 19:34:20 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\TeamViewer
[2012/06/21 14:23:41 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Temp
[2012/01/07 18:27:48 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Thinstall
[2012/08/10 09:44:55 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\uTorrent
[2012/09/15 12:16:00 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\vlc
[2011/03/22 22:15:45 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Vso
[2011/03/19 18:46:43 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\wargaming.net
[2012/05/13 13:58:57 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\WhatPulse
[2012/09/07 00:23:38 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Winamp
[2011/03/22 22:30:41 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\WinAVI
[2010/09/06 19:08:11 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\WinRAR
[2011/03/13 02:12:46 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ytbSoft

< %APPDATA%\*.exe /s >
[2011/03/22 22:15:44 | 000,099,384 | ---- | M] () -- C:\Users\USER\AppData\Roaming\inst.exe
[2010/10/21 03:00:02 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Users\USER\AppData\Roaming\.minecraft\Minecraft Updater.exe
[2012/08/01 15:53:52 | 000,263,186 | ---- | M] () -- C:\Users\USER\AppData\Roaming\.minecraft\Minecraft.exe
[2012/08/21 19:08:20 | 000,300,562 | ---- | M] () -- C:\Users\USER\AppData\Roaming\.minecraft\Uninstall.exe
[2012/05/24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\USER\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012/05/24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\USER\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012/05/24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\USER\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012/07/21 16:20:56 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\USER\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011/02/26 04:23:51 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\USER\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2009/06/25 19:07:56 | 000,333,541 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Nero\Uninstall.exe
[2012/02/18 13:53:17 | 000,106,408 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012/02/18 13:53:18 | 000,101,288 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012/02/18 13:53:18 | 000,021,416 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
[2012/02/03 10:50:16 | 000,943,504 | ---- | M] (Samsung) -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Kies.exe
[2012/02/03 10:50:20 | 000,278,928 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesDriverInstaller.exe
[2012/02/01 10:17:02 | 000,308,224 | ---- | M] (Samsung) -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesLogger.exe
[2012/02/03 10:50:18 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesTrayAgent.exe
[2012/01/31 11:16:12 | 000,140,800 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\ConnectionManager.exe
[2012/01/31 11:16:12 | 000,290,816 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceDataService.exe
[2012/01/31 11:16:12 | 000,693,248 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe
[2012/02/03 10:50:22 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe
[2012/02/18 13:53:17 | 000,106,408 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentInstaller.exe
[2012/02/18 13:53:18 | 000,101,288 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentUpdate.exe
[2012/02/03 10:50:26 | 000,131,984 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012/02/18 13:53:18 | 000,021,416 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe
[2012/02/03 10:50:28 | 003,570,312 | ---- | M] (Freeware) -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe
[2012/01/31 11:15:38 | 024,123,656 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012/02/03 10:50:30 | 000,371,088 | ---- | M] (ml) -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012/06/08 13:02:14 | 000,371,128 | ---- | M] (ml) -- C:\Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2012/01/07 18:28:02 | 000,008,704 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Thinstall\HyperCam 2 Upload3r\400000de00002i\HyCam2.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

< %systemroot%\Tasks\*.job >
[2012/09/15 19:20:20 | 000,000,202 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012/09/03 13:23:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000Core.job
[2012/09/03 16:23:00 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000UA.job
[2012/09/15 19:20:27 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/08/16 03:00:29 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/07/12 00:08:00 | 000,000,894 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000Core.job
[2012/07/12 03:08:00 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/09/15 19:20:30 | 000,000,044 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2012/08/16 03:26:55 | 001,353,080 | ---- | M] (Valve Corporation)
"WhatPulse" = C:\Program Files (x86)\WhatPulse\WhatPulse.exe -- [2011/11/15 15:13:22 | 003,990,528 | ---- | M] (WhatPulse.org)
"ISUSPM" = "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler -- [2006/05/16 12:58:18 | 000,213,936 | ---- | M] (Macrovision Corporation)
"AdobeBridge" =
"VistaSwitcher" = "C:\Program Files\VistaSwitcher\vswitch64.exe" /startup -- [2010/11/24 16:06:36 | 000,230,408 | ---- | M] (NTWind Software)
"" =
"\\http://10.0.0.138:631\Epson" = C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU "C:\Windows\TEMP\E_S2818.tmp" /EF "HKCU"
"Infium" = "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun -- [2012/01/12 13:35:12 | 007,320,528 | ---- | M] (QIP)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012/05/05 00:35:52 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/06/29 03:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=93569D46D79F9756ED077156496AFE23 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012/08/30 15:29:36 | 000,874,896 | ---- | M] (Opera Software) MD5=E9B8F06429A1727D9FD9D4CE023EDCEB -- C:\Program Files (x86)\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/09/15 19:33:41 | 000,000,512 | ---- | M] () MD5=00EFA1B0DE5B34F8776A668500B7372B -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]

< >

< *crack* /s >
[2012/07/12 13:31:01 | 000,213,474 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\animations\bonus_crack\crack_intro.swf
[2012/07/12 13:31:45 | 000,028,809 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\bonus\win_msg\bonus_crackpink_txt.png
[2012/07/12 13:32:01 | 000,002,094 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_mouse_over.mp3
[2012/07/12 13:32:01 | 000,025,082 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_open_door_2.mp3
[2012/07/12 13:32:02 | 000,122,884 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_open_door_bomb.mp3
[2012/07/12 13:32:02 | 000,109,927 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_pending_eff.mp3
[2010/11/09 16:09:33 | 040,868,256 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\call of duty black ops\zone\Common\mp_cracked.ff
[2010/11/09 16:13:22 | 000,019,296 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\call of duty black ops\zone\English\en_mp_cracked.ff
[2011/11/21 17:17:06 | 000,000,088 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\crackberry.com.idx
[2010/09/06 18:31:25 | 000,000,201 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\crackserial.sk.idx
[2011/11/21 17:15:35 | 000,000,290 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\forums.crackberry.com.idx
[2012/01/26 15:35:09 | 000,001,008 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2F0.tqn.com%2Fd%2Fxbox%2F1%2F0%2Fs%2FM%2Fcrackdownbox.png
[2011/11/21 17:08:26 | 000,000,696 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fcdn.crackberry.com%2Fthemes%2Fcrackberry3%2Ffavicon.png
[2011/11/21 17:08:24 | 000,000,696 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fcrackberry.com%2Fthemes%2Fcrackberry3%2Ffavicon.png
[2010/08/03 12:08:06 | 000,000,086 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fcrackserial.sk%2Fimages%2Ffavicon.ico
[2010/02/21 12:46:48 | 000,001,150 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Floadcrack.com%2Ffavicon.ico
[2011/07/21 08:41:19 | 000,000,793 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Ft0.gstatic.com%2Fimages%3Fq=tbn%3AANd9GcRaCK_JyYcfSrh3GU_QSRhLQJII8pmTGeWSuqbObnJMqQ82Rd.png
[2010/02/21 12:46:36 | 000,005,430 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crackdb.cd%2Ffavicon.ico
[2010/06/17 20:26:46 | 000,000,894 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.cracked.com%2Ffavicon.ico
[2008/06/13 22:10:28 | 000,000,568 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.hentaicrack.com%2Ffavicon.ico
[2009/09/29 17:26:26 | 000,003,362 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.rarpasswordcracker.com%2Ffavicon.ico
[2010/02/21 12:46:48 | 000,000,191 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\loadcrack.com.idx
[2010/02/21 12:47:14 | 000,000,349 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\www.crackdb.cd.idx
[2010/06/17 20:56:14 | 000,000,067 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\www.cracked.com.idx
[2008/06/13 22:10:28 | 000,000,075 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\www.hentaicrack.com.idx
[2009/09/29 17:26:26 | 000,000,089 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\www.rarpasswordcracker.com.idx
[2012/04/04 09:29:10 | 000,003,178 | ---- | M] () -- \Users\USER\sgs2\TOTAL BACKUP\internal\Android\data\pixlr.OMatic\files\.effects\border\grunge_1\thumb\crack_multiply_stretch.jpg

Re: request for a check after a long time :)

Posted: 15 Sep 2012 22:11
by chambo
< *keygen* /s >
[2010/02/21 12:47:52 | 000,000,318 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fkeygens.nl%2Ffavicon.ico
[2010/02/21 12:47:52 | 000,000,070 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\keygens.nl.idx

< *loader* /s >
[2012/08/27 17:58:00 | 000,609,424 | ---- | M] () -- \Poker\Poker 770\data\loader.dll
[2012/07/12 13:15:30 | 000,002,707 | ---- | M] () -- \Poker\Poker 770\data\loader.gam
[2012/07/12 13:16:44 | 000,005,265 | ---- | M] () -- \Poker\Poker 770\data\mgames\[en]\as2\movies\shared\loader.swf
[2012/07/12 13:15:30 | 000,002,608 | ---- | M] () -- \Poker\Poker 770\widgetbar\widgets\themecloud\resources\html\img\ajax-loader.gif
[2010/08/24 17:23:59 | 000,071,008 | ---- | M] () -- \Program Files (x86)\2K Games\Mafia II\pc\PhysXLoader.dll
[2010/03/09 05:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010/03/09 02:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010/03/09 02:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010/03/09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2010/12/07 13:34:02 | 001,812,992 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVideoSoft\Dll\HttpVideoDownloader.dll
[2010/10/07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/10/07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011/02/15 08:22:28 | 000,335,872 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2011/04/14 11:35:32 | 000,131,072 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2006/10/24 10:05:10 | 000,014,184 | ---- | M] () -- \Program Files (x86)\Microsoft Small Business\Small Business Loader\ILoader.dll
[2006/10/24 10:06:52 | 000,047,976 | ---- | M] () -- \Program Files (x86)\Microsoft Small Business\Small Business Loader\Loader.dll
[2005/10/14 02:49:48 | 000,017,624 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2005/10/14 02:49:48 | 000,017,624 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2011/08/04 09:50:26 | 000,017,976 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia Ovi Suite\OviSuiteDownloader.dll
[2009/01/21 15:29:56 | 000,003,072 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_slk.NLR
[2012/05/03 18:38:36 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012/05/03 18:39:16 | 000,063,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012/05/21 04:03:06 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012/05/21 04:03:06 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2008/07/23 23:29:12 | 000,052,021 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKUEDGE_INTEL_1.adl
[2008/07/23 23:29:12 | 000,052,021 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKUEDGE_SAMSUNG_1.adl
[2008/07/23 23:29:12 | 000,051,783 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKU_INTEL_2.adl
[2008/07/23 23:29:12 | 000,051,783 | ---- | M] () -- \Program Files (x86)\ODEON\JAF\Flash\loader_TIKU_SAMSUNG_2.adl
[2012/06/04 07:57:14 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012/06/08 13:02:10 | 000,183,736 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012/06/27 23:57:10 | 000,185,296 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GT-I9300\BinaryLoaderMgr.exe
[2012/06/27 23:57:10 | 000,302,032 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GT-I9300\FirmwareUpdate.Downloader.dll
[2010/10/07 04:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010/10/07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011/09/05 14:15:56 | 000,002,941 | ---- | M] () -- \Program Files\Java\jdk1.7.0\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2011/09/05 14:15:56 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.7.0\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2011/09/05 14:15:57 | 001,138,236 | ---- | M] () -- \Program Files\Java\jdk1.7.0\lib\visualvm\platform\modules\org-openide-loaders.jar
[2011/09/05 14:15:57 | 000,007,002 | ---- | M] () -- \Program Files\Java\jdk1.7.0\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2011/09/05 14:15:57 | 000,006,658 | ---- | M] () -- \Program Files\Java\jdk1.7.0\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2011/09/05 14:15:57 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.7.0\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2010/03/15 11:27:18 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012/06/18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/06/18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/06/18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/06/18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/09/10 20:23:32 | 000,032,470 | ---- | M] () -- \Users\USER\AppData\Local\SRDownloader.err
[2012/09/12 22:41:25 | 000,001,336 | ---- | M] () -- \Users\USER\AppData\Local\SRDownloader.nast
[2010/10/02 11:08:25 | 000,057,728 | ---- | M] () -- \Users\USER\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2010/10/02 11:08:25 | 000,057,728 | ---- | M] () -- \Users\USER\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2010/10/02 11:08:25 | 000,057,728 | ---- | M] () -- \Users\USER\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012/01/19 16:15:24 | 000,001,006 | ---- | M] () -- \Users\USER\AppData\Local\Microsoft\Windows Sidebar\Gadgets\UEFAinfo-gguuggoo.gadget\images\loaderFly.gif
[2012/01/19 16:15:24 | 000,003,003 | ---- | M] () -- \Users\USER\AppData\Local\Microsoft\Windows Sidebar\Gadgets\UEFAinfo-gguuggoo.gadget\images\loaderMain.gif
[2012/09/15 18:18:46 | 000,105,903 | ---- | M] () -- \Users\USER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7JG94ZF6\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012/09/15 18:18:46 | 000,000,753 | ---- | M] () -- \Users\USER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JD8097E9\AdLoader[1].htm
[2010/12/15 21:44:11 | 000,000,847 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feslstatic.net%2Fskins%2Fv2008_base%2Fmenu%2Fajax-loader-userbar.gif
[2012/09/11 00:12:49 | 000,000,914 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fjdownloader.org%2Flib%2Ftpl%2Farctic%2Fimages%2Ffavicon.png
[2010/12/27 17:29:06 | 000,001,150 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fmdownloader.codeplex.com%2Ffavicon.ico
[2011/05/10 11:45:20 | 000,001,406 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fuploader.imghost.sk%2Fcss%2Fimages%2Ffavicon.ico
[2011/10/02 22:23:40 | 000,000,413 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fuploader.imghost.sk%2Fimagehosting%2F58eb4ceh0scuuzxoz8g.png
[2011/01/03 04:18:48 | 000,015,086 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwiki.jdownloader.org%2Flib%2Ftpl%2Farctic%2Fimages%2Ffavicon.ico
[2012/07/10 16:32:18 | 000,000,853 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.arsenalinsider.com%2Fwp-content%2Fplugins%2Fgenesis-favicon-uploader%2Ffavicons%2Ffavicon.png
[2012/09/11 00:12:49 | 000,000,097 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\jdownloader.org.idx
[2010/12/27 17:29:12 | 000,000,233 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\mdownloader.codeplex.com.idx
[2011/10/02 22:23:40 | 000,000,268 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\uploader.imghost.sk.idx
[2011/01/03 04:18:57 | 000,000,407 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\icons\wiki.jdownloader.org.idx
[2009/04/04 23:47:50 | 003,647,238 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\profile\cache4\temporary_download\DUploader123.exe
[2009/07/23 19:59:22 | 000,644,703 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\profile\cache4\temporary_download\NokiaMaploaderSetupENU (1).exe
[2010/12/18 18:34:40 | 000,015,808 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\widgets\fastesttube-youtube-video-downloader-1.1-1.oex
[2011/07/10 12:21:51 | 000,010,154 | ---- | M] () -- \Users\USER\AppData\Local\Opera\Opera\widgets\youtube-mp3-downloader-1.3-1.oex
[2012/05/26 00:53:09 | 000,000,121 | ---- | M] () -- \Users\USER\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9BHRAYYF\service.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2012/07/25 16:14:30 | 000,000,121 | ---- | M] () -- \Users\USER\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9BHRAYYF\se-sportsnewmedia.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2008/02/09 13:41:26 | 000,004,546 | ---- | M] () -- \Users\USER\AppData\Roaming\Opera\Opera\profile\widgets\FLV Downloader_5958_1.0.zip
[2012/02/03 10:47:14 | 000,069,120 | ---- | M] () -- \Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012/02/03 10:50:26 | 000,131,984 | ---- | M] () -- \Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012/06/21 13:53:40 | 000,028,640 | ---- | M] () -- \Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\CabFile\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll.cab
[2012/06/21 13:53:21 | 000,077,026 | ---- | M] () -- \Users\USER\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\CabFile\External\FirmwareUpdate\BinaryLoaderMgr.exe.cab
[2012/09/02 13:41:29 | 000,905,216 | ---- | M] () -- \Users\USER\Desktop\SRDownloader.exe
[2008/02/09 13:41:26 | 000,004,546 | ---- | M] () -- \Users\USER\Documents\apps\opera\Opera\Opera\profile\widgets\FLV Downloader_5958_1.0.zip
[2008/02/09 13:41:26 | 000,004,546 | ---- | M] () -- \Users\USER\Documents\apps\opera\Opera\operaZAL\profile\widgets\FLV Downloader_5958_1.0.zip
[2008/02/09 13:41:26 | 000,004,546 | ---- | M] () -- \Users\USER\Documents\apps\operaZAL\profile\widgets\FLV Downloader_5958_1.0.zip
[2008/12/01 17:37:58 | 000,003,719 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\img\loader.gif
[2011/07/25 02:39:48 | 000,011,314 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\img\admin\ajax-loader-big.gif
[2009/11/09 16:41:38 | 000,000,673 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\img\admin\ajax-loader.gif
[2011/07/21 12:34:44 | 000,000,847 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\img\admin\jquery-treeview\ajax-loader.gif
[2011/07/22 17:15:38 | 000,011,314 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\install\img\ajax-loader.gif
[2011/07/22 17:15:38 | 000,000,109 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\install\img\bg_loaderSpace.png
[2011/05/23 10:11:44 | 000,001,720 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\js\cropper\loader.js
[2011/11/29 10:44:14 | 000,003,719 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\modules\carriercompare\loader.gif
[2011/06/01 17:01:46 | 000,000,847 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\modules\mondialrelay\images\loader.gif
[2011/01/24 16:27:20 | 000,001,849 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\modules\shopimporter\img\ajax-loader.gif
[2011/04/07 13:09:20 | 000,004,176 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\modules\twenga\ajax-loader.gif
[2011/03/02 17:50:00 | 000,003,208 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\themes\prestashop\img\ajax-loader.gif
[2011/05/23 10:11:44 | 000,000,910 | ---- | M] () -- \Users\USER\Downloads\prestashop_1.4.7.0\prestashop\tools\swift\Swift\ClassLoader.php
[2010/03/27 23:07:42 | 000,587,776 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\Downloader.dll
[2011/05/16 12:11:33 | 000,005,900 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\private\20001f63\places\s60html\img\loader.gif
[2011/05/16 12:11:38 | 000,000,085 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\resource\midp2downloader.rsc
[2011/05/16 12:11:37 | 000,000,397 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\resource\effects\themeloader.kml
[2011/05/16 12:11:37 | 000,017,990 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\resource\effects\themeloader.png
[2011/05/16 12:11:37 | 000,001,139 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\resource\effects\themeloader2.kml
[2011/05/16 12:11:38 | 000,001,843 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\sys\bin\aknlistloadertfx.dll
[2011/05/16 12:11:38 | 000,000,939 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\sys\bin\commonuimpengineapiloader.dll
[2011/05/16 12:11:38 | 000,000,882 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\sys\bin\commonuinpdapiloader.dll
[2011/05/16 12:11:39 | 000,041,831 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\sys\bin\downloader.exe
[2011/05/16 12:11:40 | 000,024,316 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\sys\bin\midp2downloader.dll
[2011/05/16 12:11:41 | 000,001,330 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\sys\bin\podmploader.dll
[2011/05/16 12:11:41 | 000,001,003 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\sys\bin\pslnbrowserlaunchloader.dll
[2011/05/16 12:11:41 | 000,000,933 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\sys\bin\pslnprofilesettingsloader.dll
[2011/05/16 12:11:41 | 000,000,879 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2 - kópia\ROFS2\sys\bin\pslnwallpaperutilsloader.dll
[2011/05/16 16:27:40 | 000,005,900 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\private\20001f63\places\s60html\img\loader.gif
[2011/05/16 16:27:47 | 000,000,085 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\resource\midp2downloader.rsc
[2011/05/16 16:27:46 | 000,000,397 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\resource\effects\themeloader.kml
[2011/05/16 16:27:46 | 000,017,990 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\resource\effects\themeloader.png
[2011/05/16 16:27:46 | 000,001,139 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\resource\effects\themeloader2.kml
[2011/05/16 16:27:48 | 000,001,843 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\sys\bin\aknlistloadertfx.dll
[2011/05/16 16:27:49 | 000,000,939 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\sys\bin\commonuimpengineapiloader.dll
[2011/05/16 16:27:49 | 000,000,882 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\sys\bin\commonuinpdapiloader.dll
[2011/05/16 16:27:49 | 000,041,831 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\sys\bin\downloader.exe
[2011/05/16 16:27:50 | 000,024,316 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\sys\bin\midp2downloader.dll
[2011/05/16 16:27:51 | 000,001,330 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\sys\bin\podmploader.dll
[2011/05/16 16:27:51 | 000,001,003 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\sys\bin\pslnbrowserlaunchloader.dll
[2011/05/16 16:27:51 | 000,000,933 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\sys\bin\pslnprofilesettingsloader.dll
[2011/05/16 16:27:51 | 000,000,879 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-504_32.0.007_PRD.ROFS2\ROFS2\sys\bin\pslnwallpaperutilsloader.dll
[2011/05/16 16:24:23 | 000,000,397 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-612_20.0.042_PRD.ROFS2\ROFS2\resource\effects\themeloader.kml
[2011/05/16 16:24:23 | 000,030,320 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-612_20.0.042_PRD.ROFS2\ROFS2\resource\effects\themeloader.png
[2011/05/16 16:24:23 | 000,001,139 | ---- | M] () -- \Users\USER\nokia\app\NFEstd_0.3\NFEstd\RM-612_20.0.042_PRD.ROFS2\ROFS2\resource\effects\themeloader2.kml
[2011/06/01 21:31:40 | 000,003,208 | ---- | M] () -- \Users\USER\Pictures\mobil\loader-1.gif
[2011/06/01 21:31:40 | 000,003,208 | ---- | M] () -- \Users\USER\Pictures\mobil\loader.gif
[2011/06/01 23:31:40 | 000,003,208 | ---- | M] () -- \Users\USER\sgs2\backupp\openfeint\webui\images\loader.gif
[2011/09/04 14:09:56 | 000,270,892 | ---- | M] () -- \Users\USER\sgs2\Batista70_3.7.5_By_SnakeS\system\app\MediaUploader.apk
[2011/09/04 14:10:32 | 000,005,548 | ---- | M] () -- \Users\USER\sgs2\Batista70_3.7.5_By_SnakeS\system\bin\macloader
[2011/09/04 14:10:06 | 000,010,064 | ---- | M] () -- \Users\USER\sgs2\Batista70_3.7.5_By_SnakeS\system\bin\mfgloader
[2011/09/11 02:00:58 | 000,006,014 | ---- | M] () -- \Users\USER\sgs2\TitaniumBackup\com.google.android.apps.uploader-20110911-000058.properties
[2011/09/11 02:00:58 | 000,000,130 | ---- | M] () -- \Users\USER\sgs2\TitaniumBackup\com.google.android.apps.uploader-20110911-000058.tar.gz
[2011/10/07 16:31:26 | 000,005,968 | ---- | M] () -- \Users\USER\sgs2\TitaniumBackup\com.google.android.apps.uploader-20111007-143125.properties
[2011/10/07 16:31:25 | 000,000,130 | ---- | M] () -- \Users\USER\sgs2\TitaniumBackup\com.google.android.apps.uploader-20111007-143125.tar.gz
[2011/09/08 15:32:16 | 000,188,428 | ---- | M] () -- \Users\USER\sgs2\TitaniumBackup\com.google.android.apps.uploader-edd589df6e0fe087998d6ac5262bdf83.apk.gz
[2012/03/21 08:19:32 | 000,187,072 | ---- | M] () -- \Users\USER\sgs2\TOTAL BACKUP\internal\TitaniumBackup\com.google.android.apps.uploader-0614693995561a7422fce59a30b2fb8e.apk.gz
[2012/05/02 02:04:24 | 000,006,059 | ---- | M] () -- \Users\USER\sgs2\TOTAL BACKUP\internal\TitaniumBackup\com.google.android.apps.uploader-20120502-000424.properties
[2012/05/02 02:04:24 | 000,000,130 | ---- | M] () -- \Users\USER\sgs2\TOTAL BACKUP\internal\TitaniumBackup\com.google.android.apps.uploader-20120502-000424.tar.gz
[2012/06/21 13:32:24 | 000,006,044 | ---- | M] () -- \Users\USER\sgs2\TOTAL BACKUP\internal\TitaniumBackup\com.google.android.apps.uploader-20120621-113225.properties
[2012/06/21 13:32:24 | 000,000,130 | ---- | M] () -- \Users\USER\sgs2\TOTAL BACKUP\internal\TitaniumBackup\com.google.android.apps.uploader-20120621-113225.tar.gz
[2012/06/21 13:32:24 | 000,188,064 | ---- | M] () -- \Users\USER\sgs2\TOTAL BACKUP\internal\TitaniumBackup\com.google.android.apps.uploader-c85157eef4c9800f35611f1c09710676.apk.gz
[2010/09/03 09:43:56 | 000,014,184 | ---- | M] () -- \Windows\assembly\GAC_32\ILoader\2.0.5201.0__31bf3856ad364e35\ILoader.dll
[2010/09/03 09:43:56 | 000,047,976 | ---- | M] () -- \Windows\assembly\GAC_32\Loader\2.0.5201.0__31bf3856ad364e35\Loader.dll
[2012/05/11 03:24:22 | 000,021,504 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\ILoader\658b954dac816051e753159c77fd903d\ILoader.ni.dll
[2010/03/24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/10/07 04:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010/10/07 04:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 09:44:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 09:44:39 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 09:44:39 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 09:44:39 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 09:44:39 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011/04/13 21:31:27 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/04/13 21:31:27 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/04/13 21:31:27 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/04/13 21:31:27 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/04/13 21:31:27 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 09:43:41 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Re: request for a check after a long time :)

Posted: 15 Sep 2012 22:11
by chambo
OTL Extras logfile created on: 15. 9. 2012 19:30:55 - Run 1
OTL by OldTimer - Version 3.2.61.4 Folder = C:\Users\USER\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

5,96 Gb Total Physical Memory | 3,89 Gb Available Physical Memory | 65,16% Memory free
11,93 Gb Paging File | 9,72 Gb Available in Paging File | 81,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 234,28 Gb Total Space | 19,38 Gb Free Space | 8,27% Space Free | Partition Type: NTFS
Drive D: | 697,14 Gb Total Space | 79,54 Gb Free Space | 11,41% Space Free | Partition Type: NTFS

Computer Name: CHAMBO | User Name: Chambo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C0F943-6747-4302-BE50-36CB68CE220F}" = lport=139 | protocol=6 | dir=in | app=system |
"{061C5D8C-107E-48C6-B60C-0FDF921AB137}" = lport=2869 | protocol=6 | dir=in | app=system |
"{45F937F4-2693-446D-9772-923DBF5EC012}" = rport=10243 | protocol=6 | dir=out | app=system |
"{47B80798-139A-4943-A251-3965CA2BFC18}" = rport=138 | protocol=17 | dir=out | app=system |
"{52F4A070-57AE-49D0-BDB1-20064C022FA0}" = lport=138 | protocol=17 | dir=in | app=system |
"{5356FBAD-38BE-40B9-8AF6-E6024DC353ED}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{558D2816-60F5-450E-9AA5-9F79DAADB63A}" = lport=137 | protocol=17 | dir=in | app=system |
"{55E54A97-9F08-4DA4-BFE2-022DB2B48C01}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{6DB6BDD6-679E-4A34-B687-46F967049F46}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{700796FD-E64B-4F1F-ABFD-049EDE3C2EAD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{74B7F445-20D3-4A74-9A0B-10B6F4414C85}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82F12866-2A5B-4968-9F51-D3D300EB861F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8A09CC43-2216-4F2E-A9EB-7A94022E8CC4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{91140E51-4042-4EDC-8289-AC2F2AFBDD9D}" = lport=445 | protocol=6 | dir=in | app=system |
"{B281C954-8C0A-4716-8D07-5DD206754802}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B9B098CE-EFDE-451E-B8E0-4958F24B3157}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C26A3B9C-20CD-4169-85CA-78C626A9B800}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C7E01D8C-F1DA-494B-9B83-1FAB5A7ACBD8}" = rport=445 | protocol=6 | dir=out | app=system |
"{CAA8F59C-AB82-4F82-B7A1-16AEBE7949FB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CCA93491-00C6-419E-89DE-F109BC166AD5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0C48A4A-94CF-4723-84F0-78F59B82C75B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E73CC055-B702-447B-8A9F-9085EF94F5AE}" = rport=137 | protocol=17 | dir=out | app=system |
"{ECC303FA-7AA2-455C-967C-F2B4B37B5D6C}" = rport=139 | protocol=6 | dir=out | app=system |
"{F2BFF3F0-A0F5-4684-BC3C-BF74A9431932}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F8502D83-FF9A-47FE-A06C-650A15E3ACBE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F9CF353D-8581-4FBC-BE6F-9E229BB67DF8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05C392A3-8CE3-45E5-888C-03235727DE7A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{071C4532-71EB-4017-803A-CF28C22C26B6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{08866A11-E595-4D9F-9988-922BB8110E12}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{0D33EABC-DF02-4798-BCEC-1A609F0051EC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0FB1307D-84F7-445C-81F3-1A1915A5CEDA}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{152611C1-A55F-414B-A161-3034396D2D02}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{16310501-3F9F-4594-9F6D-234E0CB9C719}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{188E92FF-BEF2-4708-AED8-8A74EE41AA3B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{1C8A4077-34AA-4621-AAD7-88102C20A4C4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{206C457C-FE65-4E3F-B320-DA99C9DCC5C8}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{22914507-A10A-435D-8675-82F39407502A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2394572E-BC87-4E4E-9B5B-7BD258E1E2E1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{31A9CC2A-600E-4F99-B5F1-23870EC4E1CB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{340E7F37-5EDD-4848-95C4-D70C181E306C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{34405DDF-FB01-42F3-88BF-B2D3EF286C0C}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{372B8494-6CD1-4853-8399-ACBCC5F1BEA5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{393D9529-DD7D-44B3-BA40-7506F4BDC688}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{3E795C51-4705-4767-92D4-6DBBF43F22AE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{3F071262-0528-47A7-B021-C5275BEA909A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{3F46676E-B6DE-4A9C-8A14-044FD9013DFB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3F598B3E-1A1D-471F-91F8-4E7F8FD7A871}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{3F5C9303-84FF-4B14-8669-37739454A5EB}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{4063D90D-53E3-41BC-BA36-417A1D3639FE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{41CA4A71-28ED-4880-8BB3-826F328367BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{43162D39-89E0-4118-8670-B990159AF39F}" = protocol=17 | dir=in | app=c:\users\user\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{4D91B42A-0023-43AD-BACA-457771EB9C1E}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{56D1219B-B8E8-4A27-8E4F-31FE1E0A5A7C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{58FFE945-2D1F-4A36-A381-0C6DDE2D44E5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{5ECF1018-0C53-43F7-95B1-80D6E4C1961E}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{5F850E38-56AC-4F80-8F73-098865A2CF19}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{6211D787-F8E6-4F29-A766-1B644B19AA7C}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{62F587D5-877B-4572-BC58-8851DE2FC610}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 13 demo\game\fifa13_demo.exe |
"{63A66590-ED67-4640-89DD-9D7F700864C3}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{659A91AF-0208-405A-A86E-496A41D7A916}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6650B4C9-96FA-4002-99F3-634DB0E6DBC0}" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"{6ED0616D-F3BD-4269-B1A1-42B7EBE00381}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{73283D76-EBDB-47A5-BB6D-CDB24CF4BD1E}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{74564DF0-F874-44CA-A28B-F178E80E146F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{765047F2-2479-4197-AE9B-593CE3BAE635}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{76710B6C-4FFB-4047-8019-9EB89CACA387}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{769D8370-468F-4A38-9CC6-11D131B65090}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{76B3752F-5A85-4B69-8654-C73F0A5AAA57}" = dir=in | app=c:\users\user\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{798333C6-0EAC-4AA3-8B0A-7CE9DDFFD9F8}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{7C3336DB-CBC5-4C2F-919A-387B9B5AAF89}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 13 demo\game\fifa13_demo.exe |
"{7C877E70-6ED9-4FD3-A986-19F99D79C738}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareslideshowservice.exe |
"{7D5A5369-44BE-4F11-8108-C77434378C84}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{80C4D7FC-B259-48F1-8AB9-59E14CCFBD37}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{812B9CE1-9892-44F0-B1F4-DCEDF7ED0302}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{854AA5E7-8B0F-4A53-BB8B-9389C08FBF1C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{880EE4CE-01B8-4BE2-AF08-56A7694A3E98}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{8B179FCB-7783-47FB-A6B8-09ECB4848937}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8E12992F-F882-4EFE-8106-11906655F602}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{90570235-A35B-427C-94B2-27D91364D2E4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{948BFA39-4704-4434-BBCF-21483FB1BBBB}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{98C3EAF4-0064-472E-9B99-C0AF2CBDF1AF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{992497A4-16C9-465A-9DE1-6BBE45058E78}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{9A273DF2-9954-4E23-A81C-76437EC9A6CE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{9D8E2B4F-9B8F-4C97-AAE4-B7547898EC17}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{A08366E7-3DB9-40E6-8859-5A5F7B007799}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A1F6C451-811B-441A-A543-31339D4A66D9}" = protocol=17 | dir=in | app=c:\users\user\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{AC1565CA-EB62-4A04-A63D-C02AFB241E6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{AEEAA069-8820-4274-BB67-FD1B50A352CF}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{B005BFE8-61C1-4D16-B572-F8DDF44A34E1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B0981191-596C-4775-8994-B0AD3746F9D9}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B65A2AA2-7BB7-4779-87B1-CB34E16115E3}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{B6FFAC19-51D3-4FB0-9549-6B639A3B8ACD}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{B7ABF2FD-5F50-4154-869F-B5675D650D2E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{B9514FAD-1571-483A-A931-BAF1F89E6FFE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BA5E5067-93B0-4970-BA26-61B86B3CB816}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BEDCACCF-0D9A-478F-9C7F-6EF6B092B935}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BF9D7AE6-2A68-44A9-846A-83AF15903755}" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"{C0D9EAC1-4B3C-473B-8A27-98A2F5038E15}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C4378B39-849F-4F22-BD30-D1FCD2C7ADD2}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{C6020E6F-192A-493F-B704-9612F855D802}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C973AC01-5931-48EA-B596-06CB365BAF42}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{C98F866E-997D-4434-B190-AF54D13FCAE5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CBFE7B19-BABB-4C7D-BEDF-E07CC166C56B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{CC54441B-32A5-4D17-9CC6-61AC9928B6A1}" = protocol=6 | dir=in | app=c:\users\user\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{CE2CAB72-58FF-42D6-8FC6-C7373A27BED7}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{CF993285-5E97-455E-B923-E5C03A3FEF02}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D10FCEEE-927A-45DB-8324-1F94E7C1D8FE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D29CC7BA-5213-4ED1-ABD7-1F79AD0BBF2E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D3CECCCA-D256-438D-B7B2-F99C0136520A}" = protocol=6 | dir=in | app=c:\users\user\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{D500D9AC-1FFB-46A2-8779-C1180AF4E839}" = protocol=6 | dir=out | app=system |
"{D739CE15-54CB-42CD-BD9A-BA6EF43EF341}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{DC2312B7-5616-4A89-BFCA-87425824A0B2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{DE4EF8B6-5131-474D-8092-166F1AB8A197}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{E0038882-49E5-414C-A5F5-730C4B477E6E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{E0EA25A7-718A-453D-B7BC-A8FABC6AFEE7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E3D4666A-A60A-4097-9096-383CBF878919}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{E604C446-69FB-439B-A6E3-E91EED1CD64E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E77B7911-1DA0-44D0-8B11-A54A22487FE4}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{EA3E0A90-30ED-40F4-9D01-7D2B63A369C8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EB32FD75-E35F-47F1-832E-1F279652238A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EBFA384F-47C3-4279-A8F1-478112F69D44}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{EDA7E0E9-26DC-4361-8B7A-CB0519A5361D}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{EDDF5E2F-9496-4051-9031-D224308CB352}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{EFA2F9A5-E12D-49E6-AF34-7307547FB092}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{F0B70DD9-12CB-45EC-B4CD-91ADACC81728}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{F3CB5349-D4C9-4CC9-898E-CEC9B1112C1A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FB5F0EF4-2B8D-44F6-83E2-180AC83581AA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FD15ED16-0B0B-4BD4-8569-DB93F71AB9CD}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{FE942F24-A996-4EE1-B36F-D6DD394C3B91}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{3135CE0D-06E9-40B6-98EE-8FFFB9B8A924}" = System Requirements Lab CYRI (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1" = GamePark klient 2.0.9.0
"{5306F716-92A6-4311-9059-61AF6E744CC5}" = ESET Smart Security
"{64A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7 (64-bit)
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision radič ovládača 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovládač zvuku HD 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"D978F69D5F15B845BD6BC6F8BF9BCD36982A2087" = Windows Driver Package - Nokia Modem (02/24/2009 4.0)
"E7F682214B951640C9C539C41FDA1A7F836FF7B6" = Windows Driver Package - Nokia Modem (02/23/2009 7.01.0.2)
"EPSON Printer and Utilities" = Softvér tlačiarne EPSON
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Logitech WebCam Driver" = Logitech WebCam Driver
"MediaInfo" = MediaInfo 0.7.43
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Recuva" = Recuva
"Speccy" = Speccy
"Windows Movie Maker" = Windows Movie Maker
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C432DEB-FBF2-A5E0-FDB7-4B39F7FAF0D4}" = Adobe Community Help
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{216E21F4-0489-4311-92D6-20D1FB950FCE}" = Sci-Fi Voice Pack
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 35
"{28A946E1-E83B-4662-BC7C-23451851489E}" = Razer Copperhead
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Cinfigurer
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0301.1
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F499657-766A-4A5F-AEE9-A1F8D295A4CE}" = FIFA 13 Demo
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Zem
"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5F2C7928-68CC-4886-8919-BCEAE3AF75FE}" = Windows Internet Explorer Platform Preview
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{655B9514-3963-490B-9EE1-431E80444889}" = Razer Tarantula
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}" = Nokia PC Suite
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7fdab897-38ab-4a51-b2bf-e6374b1cc04f}" = Business Contact Manager for Outlook 2007 SP2
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0015-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-040E-0000-0000000FF1CE}_Office14.PROPLUSR_{71431694-851E-4BC7-92A9-4BB9D196E24F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{6AD0855C-A3FC-4B71-907A-D4372C6F75DB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{93F2D01D-F7E6-46E5-9A7C-316262461F9F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{56405E5D-9583-4644-B183-AFB3E19D80B3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90A4041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{96334581-5554-3E5F-8BC9-924C3C3AC5BE}" = Google Talk Plugin
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Súčasti Microsoft Office Small Business Connectivity
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1051-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Slovak
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{BAC8C2FD-1FF8-4615-B827-9042248121CB}" = Mobile Mouse Server
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{CBD6B23A-B54F-476A-9527-C262F469CACF}" = Razer Abyssus
"{CE67883D-6A00-4E71-9139-3310EE07C521}" = Facebook Messenger 2.1.4623.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6D5CFB3-7095-4073-B6B7-B7E909838C57}" = Razer Copperhead
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBECFA83-42DC-4585-A970-A764AB01A956}" = Call Of Duty(R) 2
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE9A39C2-533A-4AE1-B6B3-EC67814A967E}" = Male Voice Pack
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4DA04B6-3EC4-4DFD-A14E-44959EF36D5B}" = Feed Viewer for Windows SideShow
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEA080A7-4331-4593-A071-D0862A8178B9}" = ASUS nVidia Driver
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.5
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"abgx360" = abgx360 v1.0.6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aignesamdeadlink_is1" = AM-DeadLink 4.4
"Any Video Converter_is1" = Any Video Converter 3.2.3
"AppInventor Setup" = AppInventor Setup
"Applian FLV Player2.0.24" = Applian FLV Player
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"FIFA 12 (c) EA_is1" = FIFA 12 (c) EA version 1
"FileZilla Client" = FileZilla Client 3.5.3
"Fraps" = Fraps (remove only)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.31
"GameParkClient_is1" = GamePark
"GOM Player" = GOM Player
"Hattrick Organizer" = Hattrick Organizer (remove only)
"HyperCam 2" = HyperCam 2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ImgBurn" = ImgBurn
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"JAFSetup" = JAF Setup
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.65.0.1400
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Minecraft Cracked" = Minecraft Cracked
"Mozilla Firefox 12.0 (x86 sk)" = Mozilla Firefox 12.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Opera 12.02.1578" = Opera 12.02
"Origin" = Origin
"Picasa 3" = Picasa 3
"Plus500" = Plus500
"Poker 770" = Poker 770
"PokerStars" = PokerStars
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"SaveSnap" = SaveSnap
"SopCast" = SopCast 3.4.0
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"StreamTorrent 1.0" = StreamTorrent 1.0
"TeamViewer 7" = TeamViewer 7
"TreeSize Free_is1" = TreeSize Free V2.5
"Uninstall_is1" = Uninstall 1.0.0.0
"VistaSwitcher" = VistaSwitcher
"VLC media player" = VLC media player 2.0.2
"WhatPulse" = WhatPulse 1.7.1
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"XdN Tweaker" = XdN Tweaker 0.9.2.6
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Android Screencast" = Android Screencast
"Coach770" = Coach770
"Dropbox" = Dropbox
"FIFA 12 FAST START V.1.0 BY DOCTOR+ PRODUCTIONS" = FIFA 12 FAST START V.1.0 BY DOCTOR+ PRODUCTIONS
"Google Chrome" = Google Chrome
"Magnets and Electromagnets" = Magnets and Electromagnets
"QIP 2012" = QIP 2012 4.0.7102
"Stay Secure" = Stay Secure
"SwiftKit" = SwiftKit

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10. 9. 2012 7:22:55 | Computer Name = Chambo | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: WhatPulse.exe, verzia: 1.7.0.0, časová značka:
0x4ec26572 Názov chybového modulu: WhatPulse.exe, verzia: 1.7.0.0, časová značka:
0x4ec26572 Kód výnimky: 0x40000015 Odstup chyby: 0x00140f77 Identifikácia chybného
procesu: 0xe8c Čas spustenia chybnej aplikácie: 0x01cd8f469df895f6 Cesta chybnej
aplikácie: C:\Program Files (x86)\WhatPulse\WhatPulse.exe Cesta chybného modulu:
C:\Program Files (x86)\WhatPulse\WhatPulse.exe Identifikácia hlásenia: dd4d1447-fb39-11e1-804a-1c6f652249e7

Error - 12. 9. 2012 16:43:36 | Computer Name = Chambo | Source = Service1 | ID = 0
Description = Service cannot be started. System.IndexOutOfRangeException: Index
was outside the bounds of the array. at AllShareSlideShowService.SlideShowService.OnStart(String[]
args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error - 12. 9. 2012 16:43:59 | Computer Name = Chambo | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: WhatPulse.exe, verzia: 1.7.0.0, časová značka:
0x4ec26572 Názov chybového modulu: WhatPulse.exe, verzia: 1.7.0.0, časová značka:
0x4ec26572 Kód výnimky: 0x40000015 Odstup chyby: 0x00140f77 Identifikácia chybného
procesu: 0xf90 Čas spustenia chybnej aplikácie: 0x01cd912755604620 Cesta chybnej
aplikácie: C:\Program Files (x86)\WhatPulse\WhatPulse.exe Cesta chybného modulu:
C:\Program Files (x86)\WhatPulse\WhatPulse.exe Identifikácia hlásenia: 9396258d-fd1a-11e1-828d-1c6f652249e7

Error - 12. 9. 2012 16:49:30 | Computer Name = Chambo | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 12. 9. 2012 16:49:31 | Computer Name = Chambo | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 15. 9. 2012 6:04:10 | Computer Name = Chambo | Source = Windows Installer 3.1 | ID = 921877
Description =

Error - 15. 9. 2012 13:20:52 | Computer Name = Chambo | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: WhatPulse.exe, verzia: 1.7.0.0, časová značka:
0x4ec26572 Názov chybového modulu: WhatPulse.exe, verzia: 1.7.0.0, časová značka:
0x4ec26572 Kód výnimky: 0x40000015 Odstup chyby: 0x00140f77 Identifikácia chybného
procesu: 0xa24 Čas spustenia chybnej aplikácie: 0x01cd93666b929720 Cesta chybnej
aplikácie: C:\Program Files (x86)\WhatPulse\WhatPulse.exe Cesta chybného modulu:
C:\Program Files (x86)\WhatPulse\WhatPulse.exe Identifikácia hlásenia: b2e8c50f-ff59-11e1-a859-1c6f652249e7

Error - 15. 9. 2012 13:20:57 | Computer Name = Chambo | Source = Service1 | ID = 0
Description = Service cannot be started. System.IndexOutOfRangeException: Index
was outside the bounds of the array. at AllShareSlideShowService.SlideShowService.OnStart(String[]
args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error - 15. 9. 2012 13:26:58 | Computer Name = Chambo | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 15. 9. 2012 13:26:58 | Computer Name = Chambo | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

[ System Events ]
Error - 12. 9. 2012 15:49:03 | Computer Name = Chambo | Source = Service Control Manager | ID = 7031
Description = Služba Windows Management Instrumentation sa neočakávane ukončila.
Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca
opravná akcia: Reštartovať službu.

Error - 12. 9. 2012 15:49:03 | Computer Name = Chambo | Source = Service Control Manager | ID = 7031
Description = Služba Windows Update sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.

Error - 12. 9. 2012 15:50:03 | Computer Name = Chambo | Source = Service Control Manager | ID = 7032
Description = Správca riadenia služieb sa po neočakávanom ukončení služby Server
pokúsil vykonať opravnú akciu (Reštartovať službu), ale táto činnosť zlyhala s
nasledujúcou chybou: %%1056

Error - 12. 9. 2012 15:50:07 | Computer Name = Chambo | Source = Microsoft-Windows-TaskScheduler | ID = 413
Description = Službe Plánovač úloh sa nepodarilo načítať úlohy pri spúšťaní služby.
Ďalšie údaje: Hodnota chyby: 2147549183.

Error - 12. 9. 2012 15:51:03 | Computer Name = Chambo | Source = Service Control Manager | ID = 7032
Description = Správca riadenia služieb sa po neočakávanom ukončení služby Computer
Browser pokúsil vykonať opravnú akciu (Reštartovať službu), ale táto činnosť zlyhala
s nasledujúcou chybou: %%1056

Error - 12. 9. 2012 15:51:03 | Computer Name = Chambo | Source = Service Control Manager | ID = 7032
Description = Správca riadenia služieb sa po neočakávanom ukončení služby IKE and
AuthIP IPsec Keying Modules pokúsil vykonať opravnú akciu (Reštartovať službu),
ale táto činnosť zlyhala s nasledujúcou chybou: %%1056

Error - 12. 9. 2012 15:51:03 | Computer Name = Chambo | Source = Service Control Manager | ID = 7032
Description = Správca riadenia služieb sa po neočakávanom ukončení služby Windows
Management Instrumentation pokúsil vykonať opravnú akciu (Reštartovať službu),
ale táto činnosť zlyhala s nasledujúcou chybou: %%1056

Error - 12. 9. 2012 16:43:11 | Computer Name = Chambo | Source = Microsoft-Windows-TaskScheduler | ID = 413
Description = Službe Plánovač úloh sa nepodarilo načítať úlohy pri spúšťaní služby.
Ďalšie údaje: Hodnota chyby: 2147549183.

Error - 15. 9. 2012 12:10:12 | Computer Name = Chambo | Source = bowser | ID = 8003
Description =

Error - 15. 9. 2012 13:20:18 | Computer Name = Chambo | Source = Microsoft-Windows-TaskScheduler | ID = 413
Description = Službe Plánovač úloh sa nepodarilo načítať úlohy pri spúšťaní služby.
Ďalšie údaje: Hodnota chyby: 2147549183.


< End of report >

Re: request for a check after a long while :)

Posted: 16 Sep 2012 21:20
by vyosek
Run OTL again
  • If you are using Win Vista or W7, right-click OTL and choose Run As Administrator ("Spustit jako správce")
  • Paste the script below into the bottom box, Custom Scans/Fixes
  • Code:

    :otl
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {95289393-33EA-4F8D-B952-483415B9C955}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 05 F8 57 8F 51 CB 01 [binary data]
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\URLSearchHook: - No CLSID value found
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes\{5793B2E4-B8F9-457d-9C23-2EB1C7526F3D}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes\{935817FB-E05C-4fe6-BDF1-BA34C8C94052}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
    IE - HKU\S-1-5-21-3703004486-2740870591-47259584-1000\..\SearchScopes\{F0FAB549-B181-43ef-8777-795448291944}: "URL" = http://www.google.com/cse?cx=partner-pu ... e=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
    FF - prefs.js..browser.search.defaultenginename: "QIP Search"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
    FF - prefs.js..network.proxy.type: 2
    [2011/07/24 16:21:34 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
    CHR - homepage: http://qip.ru/
    CHR - homepage: http://qip.ru/
    CHR - plugin: Qip Authorizer Web Plugin (Enabled) = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdefnbcpjeflgggkipfemfckjicceiii\1.0_0\npqipauth.dll
    CHR - Extension: QIP Authorizer = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdefnbcpjeflgggkipfemfckjicceiii\1.0_0\
    O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O33 - MountPoints2\{b143697a-fb39-11e1-804a-1c6f652249e7}\Shell - "" = AutoRun
    O33 - MountPoints2\{d92d0f42-ce04-11df-88c2-1c6f652249e7}\Shell - "" = AutoRun
    [3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
    [2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
    [1 C:\Windows\SoftwareDistribution\Download\3d4cee726037d4498d7166a5dfab7d73\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3d4cee726037d4498d7166a5dfab7d73\*.tmp -> ]
    [2012/09/15 19:20:20 | 000,000,202 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
    [2012/09/03 13:23:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000Core.job
    [2012/09/03 16:23:00 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000UA.job
    [2012/09/15 19:20:27 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    [2012/08/16 03:00:29 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    [2012/07/12 00:08:00 | 000,000,894 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000Core.job
    [2012/07/12 03:08:00 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000UA.job
    
    :services
    gupdate
    gupdatem
    
    :reg
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Steam"=-
    "AdobeBridge"=-
    ""=-
    "Infium"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Coach770]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^USER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^USER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FIFA 11 Registration.lnk]
    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
    "BCU"=-
    "SwitchBoard"=-
    ""=-
    "AdobeCS5ServiceManager"=-
    "Adobe ARM"=-
    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes Anti-Malware"=-
    "InnoSetupRegFile.0000000001"=-
    
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Opravit (Fix)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here

Re: request for a check after a long time :)

Posted: 17 Sep 2012 08:45
by chambo
done :)

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-3703004486-2740870591-47259584-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3703004486-2740870591-47259584-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3703004486-2740870591-47259584-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-3703004486-2740870591-47259584-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}\ deleted successfully.
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll moved successfully.
HKEY_USERS\S-1-5-21-3703004486-2740870591-47259584-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3703004486-2740870591-47259584-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3703004486-2740870591-47259584-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5793B2E4-B8F9-457d-9C23-2EB1C7526F3D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5793B2E4-B8F9-457d-9C23-2EB1C7526F3D}\ not found.
Registry key HKEY_USERS\S-1-5-21-3703004486-2740870591-47259584-1000\Software\Microsoft\Internet Explorer\SearchScopes\{935817FB-E05C-4fe6-BDF1-BA34C8C94052}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{935817FB-E05C-4fe6-BDF1-BA34C8C94052}\ not found.
Registry key HKEY_USERS\S-1-5-21-3703004486-2740870591-47259584-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_USERS\S-1-5-21-3703004486-2740870591-47259584-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_USERS\S-1-5-21-3703004486-2740870591-47259584-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F0FAB549-B181-43ef-8777-795448291944}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0FAB549-B181-43ef-8777-795448291944}\ not found.
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from keyword.URL
Prefs.js: 2 removed from network.proxy.type
C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults\preferences folder moved successfully.
C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults folder moved successfully.
C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components folder moved successfully.
C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\skin folder moved successfully.
C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale\en-US folder moved successfully.
C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale folder moved successfully.
C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content folder moved successfully.
C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome folder moved successfully.
C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\0aq5f070.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} folder moved successfully.
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to change the HomePage.
C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdefnbcpjeflgggkipfemfckjicceiii\1.0_0\npqipauth.dll moved successfully.
C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdefnbcpjeflgggkipfemfckjicceiii\1.0_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
File C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b143697a-fb39-11e1-804a-1c6f652249e7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b143697a-fb39-11e1-804a-1c6f652249e7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d92d0f42-ce04-11df-88c2-1c6f652249e7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d92d0f42-ce04-11df-88c2-1c6f652249e7}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7521.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEA7D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6F85.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBA0B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBDA3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEC03.tmp folder deleted successfully.
C:\Windows\Installer\MSIE228.tmp deleted successfully.
C:\Windows\Installer\MSIF17D.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\3d4cee726037d4498d7166a5dfab7d73\BIT8346.tmp deleted successfully.
C:\Windows\Tasks\AutoKMS.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000Core.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3703004486-2740870591-47259584-1000UA.job moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Coach770\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^USER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FIFA 11 Registration.lnk\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\BCU deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce\\Malwarebytes Anti-Malware not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce\\InnoSetupRegFile.0000000001 not found.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Chambo

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56478 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56478 bytes

User: USER
->Temp folder emptied: 18860254 bytes
->Temporary Internet Files folder emptied: 18844041 bytes
->Java cache emptied: 585169573 bytes
->FireFox cache emptied: 86013989 bytes
->Google Chrome cache emptied: 291209668 bytes
->Opera cache emptied: 326591937 bytes
->Flash cache emptied: 147916 bytes

%systemdrive% .tmp files removed: 4030 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 29851642 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50453 bytes
RecycleBin emptied: 490993531 bytes

Total Files Cleaned = 1 762,00 mb


[EMPTYFLASH]

User: All Users

User: Chambo

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

User: USER
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Chambo

User: Default

User: Default User

User: Public

User: UpdatusUser

User: USER
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.61.4 log created on 09172012_005414

Files\Folders moved on Reboot...
C:\Users\USER\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: request for a check after a long time :)

Posted: 17 Sep 2012 16:56
by vyosek
OTL did what it was supposed to; how is the PC behaving? :???:

Re: request for a check after a long time :)

Posted: 17 Sep 2012 23:19
by chambo
The PC is running fine; I'm still wondering whether I should run MBAM over it?

Re: request for a check after a long time :)

Posted: 18 Sep 2012 08:19
by vyosek
:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Update it
  • Run a full scan - do not delete anything :!:
  • MBAM sometimes produces false detections, so paste the log into a post and wait for an assessment

Re: request for a check after a long time :)

Posted: 18 Sep 2012 21:26
by chambo
Here is the log. I don't recognize the first file; I haven't had HyperCam for a long time. I do recognize the second file: it was only for skipping all the intros in the game, but I no longer play it, so it can go.

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Verzia databázy: v2012.09.18.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Chambo :: CHAMBO [administrátor]

18. 9. 2012 20:36:41
mbam-log-2012-09-18 (22-20-08).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 583881
Uplynutý čas: 1 hod, 7 min, 24 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 2
C:\Users\USER\AppData\Roaming\Thinstall\HyperCam 2 Upload3r\400000de00002i\HyCam2.exe (Rootkit.Dropper) -> Žiadna úloha nevykonaná.
C:\Users\USER\fifa\FIFA 12 FAST START 1.0 by Doctor+ Pub\FIFA 12 FAST START 1.0 by Doctor+ Pub\FIFA 12 FAST START V.1.0 BY DOCTOR+.exe (Adware.Onlinegames) -> Žiadna úloha nevykonaná.

(koniec)

Re: request for a check after a long time :)

Posted: 18 Sep 2012 21:32
by vyosek
:arrow: Test the following files on VirusTotal https://www.virustotal.com/cs/
  • C:\Users\USER\AppData\Roaming\Thinstall\HyperCam 2 Upload3r\400000de00002i\HyCam2.exe
  • Click Choose file
  • Do not browse for the file; just paste in the path of the file that I want tested
  • Click Scan It
  • If a screen like the one below pops up, click ReAnalyse
    [Image]
  • Paste the result of the analysis here (as a link)

Re: request for a check after a long time :)

Posted: 19 Sep 2012 17:48
by chambo

Re: request for a check after a long time :)

Posted: 20 Sep 2012 09:48
by vyosek
So delete both findings; a log will appear afterwards, and I'd like to see it