
Preventive check - probably malware

Posted: 01 Jan 2013 09:21
by Nikolaos Koulisianis
I wish you a happy new year, full of well-being, peace and joy... and right on the first I have to ask for a log check... my PC is slow, there is a pop-up window in Google Chrome... and I found some junk using Ad-Aware... so please check it, and thank you in advance.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Nikos at 2013-01-01 09:14:03
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 13 GB (16%) free of 82 GB
Total RAM: 2046 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:14:13, on 1.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Users\Nikos\Desktop\Antivíry\RSIT.exe
C:\Program Files\trend micro\Nikos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.soft-quick.info/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.soft-quick.info/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Nikos\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: continuetosave - {B6CD0FE8-3D38-3FC9-2EAC-719A63666601} - C:\ProgramData\continuetosave\50db362d8ce63.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\contin~1\sprote~1.dll c:\progra~1\softqu~1\sprote~1.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 8103 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://websearch.soft-quick.info/"
prefs.js - "extensions.enabledItems" - "firegestures@xuldev.org:1.6.5, wrc@avast.com:7.0.1466, support@mask-myip.com:1.0, {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31, {687578b9-7132-4a7a-80e4-30ee31099e03}:3.12.0.8, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.2.1, {87934c42-161d-45bc-8cef-ef18abe2a30c}:2.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://websearch.soft-quick.info/?l=1&q="

"Cetrumcz@igeared"=C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"50db362d8cc9e@50db362d8ccd7.com"=C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\50db362d8cc9e@50db362d8ccd7.com


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.135 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll
ShockwavePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
adawaretb.xml
Cetrumcz_igeared.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\
50db362d8cc9e@50db362d8ccd7.com
firegestures@xuldev.org
jid1-yZwVFzbsyfMrqQ@jetpack
support@mask-myip.com
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{687578b9-7132-4a7a-80e4-30ee31099e03}
{87934c42-161d-45bc-8cef-ef18abe2a30c}

C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\
askcom.xml
conduit.xml
daemon-search.xml
qip-search.xml
WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-04 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Nikos\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2011-10-12 142288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6CD0FE8-3D38-3FC9-2EAC-719A63666601}]
continuetosave - C:\ProgramData\continuetosave\50db362d8ce63.dll [2012-12-26 118272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-04 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"Ad-Aware Antivirus"=C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher --windows-run []
"Ad-Aware Browsing Protection"=C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [2011-10-21 198032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2012-12-09 969104]
"Spybot-S&D Cleaning"=C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe [2007-06-29 1373480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\contin~1\sprote~1.dll c:\progra~1\softqu~1\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBAMSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 3 months======

2013-01-01 09:07:57 ----D---- C:\rsit
2012-12-31 15:00:23 ----A---- C:\Windows\system32\SBRC.dat
2012-12-31 10:09:33 ----D---- C:\ProgramData\Ad-Aware Browsing Protection
2012-12-31 10:09:20 ----A---- C:\Windows\system32\drivers\sbhips.sys
2012-12-31 10:09:15 ----D---- C:\Windows\system32\drivers\VDD
2012-12-31 10:08:00 ----A---- C:\Windows\system32\sdnclean.exe
2012-12-31 10:07:46 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2012-12-27 12:07:50 ----D---- C:\Windows\FltMgr
2012-12-27 12:07:47 ----D---- C:\Program Files\PogiSys
2012-12-26 18:20:36 ----D---- C:\ProgramData\WoW Worldwide Software LTD
2012-12-26 18:20:36 ----D---- C:\Program Files\SoftQuick
2012-12-26 18:20:17 ----D---- C:\Program Files\ContinueToSave
2012-12-26 18:20:11 ----D---- C:\ProgramData\continuetosave
2012-12-26 18:19:49 ----D---- C:\ProgramData\InstallMate
2012-12-23 11:45:24 ----A---- C:\Windows\system32\drivers\PnkBstrK.sys
2012-12-23 11:45:23 ----A---- C:\Users\Nikos\AppData\Roaming\PnkBstrK.sys
2012-12-23 11:44:47 ----A---- C:\Windows\system32\PnkBstrB.exe
2012-12-23 11:44:33 ----A---- C:\Windows\system32\PnkBstrA.exe
2012-12-23 11:30:59 ----D---- C:\Program Files\EA Games
2012-12-21 20:35:10 ----A---- C:\Windows\system32\atmfd.dll
2012-12-21 20:35:09 ----A---- C:\Windows\system32\atmlib.dll
2012-12-21 08:44:30 ----A---- C:\Windows\system32\drivers\USBDrv.sys
2012-12-12 21:23:39 ----A---- C:\Windows\system32\vbscript.dll
2012-12-12 21:23:39 ----A---- C:\Windows\system32\mshtmled.dll
2012-12-12 21:23:38 ----A---- C:\Windows\system32\jsproxy.dll
2012-12-12 21:23:38 ----A---- C:\Windows\system32\ieui.dll
2012-12-12 21:23:37 ----A---- C:\Windows\system32\msfeeds.dll
2012-12-12 21:23:37 ----A---- C:\Windows\system32\ieUnatt.exe
2012-12-12 21:23:36 ----A---- C:\Windows\system32\wininet.dll
2012-12-12 21:23:36 ----A---- C:\Windows\system32\jscript.dll
2012-12-12 21:23:35 ----A---- C:\Windows\system32\url.dll
2012-12-12 21:23:35 ----A---- C:\Windows\system32\jscript9.dll
2012-12-12 21:23:34 ----A---- C:\Windows\system32\iertutil.dll
2012-12-12 21:23:33 ----A---- C:\Windows\system32\urlmon.dll
2012-12-12 21:23:32 ----A---- C:\Windows\system32\ieframe.dll
2012-12-12 21:23:29 ----A---- C:\Windows\system32\mshtml.dll
2012-12-12 10:47:20 ----A---- C:\Windows\system32\win32k.sys
2012-12-12 10:47:00 ----A---- C:\Windows\system32\KernelBase.dll
2012-12-12 10:46:58 ----A---- C:\Windows\system32\kernel32.dll
2012-12-12 10:46:57 ----A---- C:\Windows\system32\winsrv.dll
2012-12-12 10:46:57 ----A---- C:\Windows\system32\conhost.exe
2012-12-12 10:46:51 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 10:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 10:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 10:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 10:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 10:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 10:46:46 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-12-12 10:46:46 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 10:46:46 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-12-12 10:46:46 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 10:46:45 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 10:46:45 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 10:46:45 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-12-12 10:46:24 ----A---- C:\Windows\system32\dpnet.dll
2012-12-12 10:46:01 ----A---- C:\Windows\system32\tzres.dll
2012-12-09 17:17:48 ----D---- C:\ProgramData\tmp
2012-12-09 17:17:46 ----D---- C:\ProgramData\hps
2012-12-09 17:16:18 ----D---- C:\Program Files\dm
2012-12-02 20:13:51 ----HD---- C:\Program Files\Common Files\EAInstaller
2012-12-02 20:12:38 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-12-02 20:12:38 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-12-02 20:12:37 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-12-02 20:12:36 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-12-02 20:12:36 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-12-02 20:12:36 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-12-02 20:12:36 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-12-02 20:12:35 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-12-02 20:12:35 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-12-02 20:12:34 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-12-01 19:20:34 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-12-01 19:20:34 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-12-01 19:20:33 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-12-01 19:20:32 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-12-01 19:20:32 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-12-01 19:20:32 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-12-01 19:20:32 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-12-01 19:20:32 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-12-01 19:20:31 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-12-01 19:20:31 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-12-01 19:20:30 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-12-01 19:20:30 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-12-01 19:20:30 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-12-01 19:20:29 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-12-01 19:20:28 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-12-01 19:20:27 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-12-01 19:20:27 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-12-01 19:20:26 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-12-01 19:20:25 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-12-01 19:20:25 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-12-01 19:20:24 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-12-01 19:20:24 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-12-01 19:20:23 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-12-01 19:20:23 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-12-01 19:20:21 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-12-01 19:20:21 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-12-01 19:20:16 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-12-01 19:17:26 ----D---- C:\Windows\system32\directx
2012-11-16 07:29:34 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-16 07:29:34 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-16 07:29:34 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-16 07:28:34 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-16 07:28:34 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-16 07:28:33 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-16 07:28:33 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-16 07:28:30 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-16 07:28:29 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-16 07:28:28 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-16 06:36:24 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-16 06:36:24 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-16 06:36:24 ----A---- C:\Windows\system32\ncsi.dll
2012-11-16 06:36:24 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-16 06:36:24 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-16 06:36:23 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-16 06:36:23 ----A---- C:\Windows\system32\netevent.dll
2012-11-16 06:36:23 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-16 06:36:20 ----A---- C:\Windows\system32\synceng.dll
2012-11-16 06:36:16 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-16 06:36:15 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-10 07:34:01 ----D---- C:\Users\Nikos\AppData\Roaming\Camfrog
2012-11-10 07:33:52 ----D---- C:\Program Files\Camfrog
2012-10-11 10:56:36 ----A---- C:\Windows\system32\wintrust.dll
2012-10-11 10:56:04 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-11 10:56:04 ----A---- C:\Windows\system32\crypt32.dll
2012-10-11 10:56:03 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-11 10:55:58 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-11 10:55:56 ----A---- C:\Windows\system32\kerberos.dll
2012-10-11 10:55:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-11 10:55:52 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-10-04 08:12:15 ----D---- C:\Program Files\Common Files\Java
2012-10-04 08:11:33 ----A---- C:\Windows\system32\javaws.exe
2012-10-04 08:11:25 ----A---- C:\Windows\system32\WindowsAccessBridge.dll

======List of files/folders modified in the last 3 months======

2013-01-01 09:14:12 ----D---- C:\Program Files\trend micro
2013-01-01 09:14:10 ----D---- C:\Windows\Temp
2013-01-01 09:13:47 ----D---- C:\Windows\Prefetch
2013-01-01 09:09:11 ----D---- C:\Users\Nikos\AppData\Roaming\uTorrent
2013-01-01 08:05:42 ----D---- C:\Windows\system32\config
2013-01-01 07:53:36 ----SHD---- C:\System Volume Information
2012-12-31 15:00:23 ----D---- C:\Windows\System32
2012-12-31 14:13:57 ----D---- C:\Windows
2012-12-31 10:47:23 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-12-31 10:17:43 ----D---- C:\Program Files\Ad-Aware Antivirus
2012-12-31 10:15:19 ----D---- C:\Users\Nikos\AppData\Roaming\Ad-Aware Antivirus
2012-12-31 10:09:39 ----SHD---- C:\Windows\Installer
2012-12-31 10:09:33 ----HD---- C:\ProgramData
2012-12-31 10:09:26 ----D---- C:\Windows\system32\drivers
2012-12-31 10:08:30 ----D---- C:\Windows\system32\Tasks
2012-12-31 10:08:14 ----SD---- C:\ProgramData\Microsoft
2012-12-31 10:07:46 ----RD---- C:\Program Files
2012-12-27 17:27:18 ----D---- C:\Windows\inf
2012-12-27 17:27:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-27 09:16:05 ----D---- C:\Program Files\Common Files\InstallShield
2012-12-27 09:15:30 ----HD---- C:\Program Files\InstallShield Installation Information
2012-12-26 18:23:59 ----D---- C:\Games
2012-12-25 18:08:31 ----D---- C:\Users\Nikos\AppData\Roaming\Skype
2012-12-23 11:44:31 ----D---- C:\Windows\system32\LogFiles
2012-12-23 07:34:32 ----D---- C:\Program Files\Opera
2012-12-22 08:03:51 ----D---- C:\Windows\winsxs
2012-12-21 20:35:37 ----D---- C:\Windows\system32\catroot
2012-12-21 20:35:22 ----D---- C:\Windows\system32\catroot2
2012-12-21 20:01:38 ----D---- C:\Windows\system32\DriverStore
2012-12-21 09:27:33 ----D---- C:\ProgramData\Sony Ericsson
2012-12-21 09:26:58 ----D---- C:\Program Files\Sony Ericsson
2012-12-13 17:33:32 ----D---- C:\Windows\rescache
2012-12-13 13:54:14 ----D---- C:\Windows\system32\ja-JP
2012-12-13 13:54:14 ----D---- C:\Windows\system32\en-US
2012-12-13 13:54:14 ----D---- C:\Windows\system32\cs-CZ
2012-12-13 13:54:13 ----D---- C:\Windows\system32\migration
2012-12-13 13:54:13 ----D---- C:\Program Files\Internet Explorer
2012-12-12 21:23:27 ----D---- C:\ProgramData\Microsoft Help
2012-12-12 21:20:23 ----A---- C:\Windows\system32\MRT.exe
2012-12-11 20:57:20 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-12-08 20:35:16 ----D---- C:\Rossmann FOTOSHOP
2012-12-02 20:13:51 ----D---- C:\Program Files\Common Files
2012-12-02 20:12:21 ----RSD---- C:\Windows\assembly
2012-12-01 18:58:33 ----A---- C:\Windows\Hired Guns Setup Log.txt
2012-11-28 22:15:43 ----D---- C:\Windows\AppPatch
2012-11-19 17:20:35 ----D---- C:\ProgramData\Adobe
2012-11-16 22:15:49 ----D---- C:\Windows\Microsoft.NET
2012-11-16 13:20:41 ----RSD---- C:\Windows\Fonts
2012-11-16 13:20:39 ----D---- C:\Windows\PolicyDefinitions
2012-11-16 13:20:38 ----D---- C:\Windows\system32\wbem
2012-11-16 13:20:38 ----D---- C:\Windows\system32\drivers\ja-JP
2012-11-16 13:20:38 ----D---- C:\Windows\system32\drivers\en-US
2012-11-16 13:20:38 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-11-16 07:26:58 ----A---- C:\Windows\win.ini
2012-10-30 23:50:59 ----A---- C:\Windows\system32\aswBoot.exe
2012-10-23 18:18:50 ----D---- C:\Users\Nikos\AppData\Roaming\BSplayer
2012-10-04 08:11:18 ----A---- C:\Windows\system32\javaw.exe
2012-10-04 08:11:17 ----A---- C:\Windows\system32\npDeployJava1.dll
2012-10-04 08:11:17 ----A---- C:\Windows\system32\java.exe
2012-10-04 08:11:17 ----A---- C:\Windows\system32\deployJava1.dll
2012-10-04 08:11:15 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-03 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2011-10-26 101112]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 sbapifs;sbapifs; C:\Windows\system32\DRIVERS\sbapifs.sys [2011-11-29 77816]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-05-18 40320]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-01-15 70144]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 ao5p4hbd;ao5p4hbd; C:\Windows\system32\drivers\ao5p4hbd.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-08-02 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-08-02 25200]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-12-19 93816]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\drivers\usb8023x.sys [2009-07-14 15872]
S3 usbUDisc;usbUDisc; C:\Windows\system32\DRIVERS\USBDrv.sys [2012-12-21 7040]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ad-Aware Service;Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [2012-07-12 1239952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-12-23 76888]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SBAMSvc;Ad-Aware; C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-12-08 1527104]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-01 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-11 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-01 136176]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-07 1343400]

Re: Preventive check - probably malware

Posted: 01 Jan 2013 09:28
by Márty84
Hello :)


:arrow: Uninstall everything from Ad-Aware and Spybot - Search & Destroy. Besides the fact that these programs are long past their prime, they can conflict with Avast.


:???: What about the legality of the system? Ultimate is not exactly a common home edition :?:

Re: Preventive check - probably malware

Posted: 01 Jan 2013 10:54
by Nikolaos Koulisianis
Thank you for the reply... Ad-Aware and Spybot are uninstalled, and as for Windows, I have a normal legal version; it is a multi-use licence from a friend at an advertising company where I help out part-time now and then... so I did not buy Windows personally, but I have it, let's say, from work...

And which programs would you recommend instead of Ad-Aware and Spybot... or is Avast entirely sufficient for home use?


Thanks... oh, and how does the log look?

Re: Preventive check - probably malware

Posted: 01 Jan 2013 10:58
by Márty84
OK

Avast is enough. For an occasional check I recommend SuperAntiSpyware free.

There is a lot of junk in the log.


:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator
Tick the items (put check marks there) All users, "LOP" malware check and "Purity" malware check
Paste the following text into the bottom window

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Scan
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

Re: Preventive check - probably malware

Posted: 01 Jan 2013 15:41
by Nikolaos Koulisianis
OTL logfile created on: 1.1.2013 14:24:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nikos\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,70% Memory free
4,00 Gb Paging File | 2,37 Gb Available in Paging File | 59,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 80,08 Gb Total Space | 12,16 Gb Free Space | 15,18% Space Free | Partition Type: NTFS
Drive D: | 99,61 Gb Total Space | 17,05 Gb Free Space | 17,12% Space Free | Partition Type: NTFS
Drive G: | 53,20 Gb Total Space | 27,96 Gb Free Space | 52,57% Space Free | Partition Type: NTFS

Computer Name: NIKOS-PC | User Name: Nikos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.01.01 14:21:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nikos\Desktop\OTL.exe
PRC - [2012.12.09 06:31:37 | 000,969,104 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012.12.05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.12.08 17:37:18 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011.12.08 17:34:58 | 001,527,104 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011.10.21 10:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.08.18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe


========== Modules (No Company Name) ==========

MOD - [2012.12.05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012.12.05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll
MOD - [2012.12.05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012.12.05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012.12.05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012.12.05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012.12.05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012.12.05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012.10.11 15:53:04 | 000,425,984 | ---- | M] () -- c:\Program Files\SoftQuick\sprotector.dll
MOD - [2012.10.11 15:52:24 | 000,425,984 | ---- | M] () -- c:\Program Files\ContinueToSave\sprotector.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2012.12.11 20:57:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.12.08 17:34:58 | 001,527,104 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.12.08 17:31:34 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.11.07 22:28:23 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.05.31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ae1nou8d)
DRV - [2012.12.21 08:48:09 | 000,007,040 | ---- | M] (Scott) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBDrv.sys -- (usbUDisc)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.10.15 17:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.02 18:15:20 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.02 18:15:20 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2011.05.18 08:09:04 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.11.03 15:39:10 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.10.07 13:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.08.18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2008.03.04 02:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007.04.23 12:54:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115mgmt.sys -- (s115mgmt)
DRV - [2007.04.23 12:54:50 | 000,098,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115obex.sys -- (s115obex)
DRV - [2007.04.23 12:54:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007.04.23 12:54:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007.04.23 12:54:46 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115bus.sys -- (s115bus)
DRV - [2007.01.15 14:28:20 | 000,070,144 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.soft-quick.info/
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKLM\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT1750559
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.soft-quick.info/?l=1&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.soft-quick.info/
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\..\SearchScopes\{067EEE88-00C3-4905-BFBA-9DAFE8EB00D4}: "URL" = http://websearch.ask.com/redirect?clien ... 8CE833367E
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://safesearchr.lavasoft.com/?source ... earchTerms}
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.soft-quick.info/?l=1&q={searchTerms}
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\..\SearchScopes\{C651879F-DC83-45B9-B76E-77B28873590F}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://websearch.soft-quick.info/?l=1&q="
FF - prefs.js..browser.search.selectedEngine: "WebSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://websearch.soft-quick.info/"
FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.6.5
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1466
FF - prefs.js..extensions.enabledItems: support@mask-myip.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledItems: {687578b9-7132-4a7a-80e4-30ee31099e03}:3.12.0.8
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.2.1
FF - prefs.js..extensions.enabledItems: {87934c42-161d-45bc-8cef-ef18abe2a30c}:2.1
FF - prefs.js..keyword.URL: "http://websearch.soft-quick.info/?l=1&q="
FF - prefs.js..network.proxy.ftp: "198.36.222.8"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "198.36.222.8"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "198.36.222.8"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 1
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.defaultenginename: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Nikos\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.11.16 06:29:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\50db362d8cc9e@50db362d8ccd7.com: C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\50db362d8cc9e@50db362d8ccd7.com [2012.12.26 18:20:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.01 08:49:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.05 08:22:09 | 000,000,000 | ---D | M]

[2010.11.02 21:14:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikos\AppData\Roaming\Mozilla\Extensions
[2012.12.26 18:20:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions
[2012.08.15 16:49:32 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2012.05.06 11:12:00 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012.07.20 18:50:35 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2012.12.26 18:20:11 | 000,000,000 | ---D | M] (continuetosave) -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\50db362d8cc9e@50db362d8ccd7.com
[2011.09.13 15:08:18 | 000,000,000 | ---D | M] (FireGestures) -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\firegestures@xuldev.org
[2012.07.20 16:37:39 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2011.10.09 07:25:14 | 000,000,000 | ---D | M] (Mask My IP) -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\support@mask-myip.com
[2012.08.15 17:08:05 | 000,002,324 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\askcom.xml
[2010.01.20 12:13:52 | 000,000,921 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\conduit.xml
[2010.11.03 15:39:30 | 000,002,059 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\daemon-search.xml
[2012.08.15 16:49:40 | 000,002,062 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\qip-search.xml
[2012.12.26 18:20:36 | 000,000,553 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\WebSearch.xml
[2012.03.11 08:03:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.11.10 19:12:03 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.03.11 08:03:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.11.16 06:29:49 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2012.07.20 18:54:39 | 000,000,616 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
[2010.03.26 07:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2010.11.27 16:00:04 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.11.27 16:00:04 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2010.11.27 16:00:04 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.11.27 16:00:04 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.11.27 16:00:04 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_1\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeaoofnhgocdbnbeljkmbjdmhbcokfdb\1.9.5.6_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_1\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.5_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.5_1\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_1\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\jokidimojepnnmokgkejhdemceogapfi\3.9_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\kheikdbkbpgjphjhmhghgabdhcldfcpg\1.0_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\kheikdbkbpgjphjhmhghgabdhcldfcpg\1.0_1\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_1\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_1\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfngdachcmmioepljkfoippkhncdjbkf\1.0_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.80.5_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfccapgabfcjcibgpglbanpniciclk\1.1_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: No name found = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Nikos\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (continuetosave) - {B6CD0FE8-3D38-3FC9-2EAC-719A63666601} - C:\ProgramData\continuetosave\50db362d8ce63.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-3453027719-967907754-1008735648-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-3453027719-967907754-1008735648-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C291C63-8B78-434E-B851-8CA473CB98B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E75F4732-626B-4D53-8ED6-AAF31A8361EB}: DhcpNameServer = 192.168.137.1
O18 - Protocol\Handler\centrumcztoolbar - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~1\contin~1\sprote~1.dll) - c:\Program Files\ContinueToSave\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~1\softqu~1\sprote~1.dll) - c:\Program Files\SoftQuick\sprotector.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0b5f6c8c-e7c6-11df-a6cd-0016d38adf33}\Shell - "" = AutoRun
O33 - MountPoints2\{0b5f6c8c-e7c6-11df-a6cd-0016d38adf33}\Shell\AutoRun\command - "" = F:\Installer.exe
O33 - MountPoints2\{d9de0fb1-1369-11e1-995d-0016d38adf33}\Shell - "" = AutoRun
O33 - MountPoints2\{d9de0fb1-1369-11e1-995d-0016d38adf33}\Shell\AutoRun\command - "" = H:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.01.01 14:20:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Nikos\Desktop\OTL.exe
[2013.01.01 09:07:57 | 000,000,000 | ---D | C] -- C:\rsit
[2012.12.31 10:09:35 | 000,000,000 | ---D | C] -- C:\Users\Nikos\AppData\Local\adaware
[2012.12.31 10:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012.12.31 10:07:46 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2012.12.31 10:07:29 | 000,000,000 | ---D | C] -- C:\Users\Nikos\AppData\Local\Programs
[2012.12.28 16:28:22 | 000,000,000 | ---D | C] -- C:\Users\Nikos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Camfrog Video Chat 6.4
[2012.12.27 12:07:50 | 000,000,000 | ---D | C] -- C:\Windows\FltMgr
[2012.12.27 12:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\PogiSys
[2012.12.26 18:20:36 | 000,000,000 | ---D | C] -- C:\ProgramData\WoW Worldwide Software LTD
[2012.12.26 18:20:36 | 000,000,000 | ---D | C] -- C:\Program Files\SoftQuick
[2012.12.26 18:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\ContinueToSave
[2012.12.26 18:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\continuetosave
[2012.12.26 18:20:11 | 000,000,000 | ---D | C] -- C:\ProgramData\continuetosave
[2012.12.26 18:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012.12.23 12:10:04 | 000,000,000 | ---D | C] -- C:\Users\Nikos\AppData\Local\PunkBuster
[2012.12.23 11:56:23 | 000,000,000 | ---D | C] -- C:\Users\Nikos\Documents\Battlefield Play4Free
[2012.12.23 11:30:59 | 000,000,000 | ---D | C] -- C:\Program Files\EA Games
[2012.12.21 20:35:10 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.21 20:35:09 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.21 08:44:30 | 000,007,040 | ---- | C] (Scott) -- C:\Windows\System32\drivers\USBDrv.sys
[2012.12.21 08:44:06 | 000,000,000 | ---D | C] -- C:\Users\Nikos\tab
[2012.12.12 21:23:40 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.12 21:23:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.12.12 21:23:38 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.12.12 21:23:37 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.12.12 21:23:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.12.12 21:23:35 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.12.12 21:23:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.12.12 21:23:33 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.12.12 10:47:20 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.12.12 10:46:57 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.12.12 10:46:57 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.12.12 10:46:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.12 10:46:50 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.12.12 10:46:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.12 10:46:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.12.12 10:46:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.12 10:46:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.12 10:46:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.12.12 10:46:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.12 10:46:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.12.12 10:46:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.12.12 10:46:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.12 10:46:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.12.12 10:46:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.12 10:46:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.12 10:46:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.12.12 10:46:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.12.12 10:46:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.12 10:46:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.12 10:46:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.12 10:46:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.12.12 10:46:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.12 10:46:46 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.12.12 10:46:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.12 10:46:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.12.12 10:46:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.12.12 10:46:45 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.12 10:46:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.12.12 10:46:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.12.12 10:46:24 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.12 10:46:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.12.09 17:52:32 | 000,000,000 | ---D | C] -- C:\Users\Nikos\Documents\pro otce_mcf-Dateien
[2012.12.09 17:33:47 | 000,000,000 | ---D | C] -- C:\Users\Nikos\Documents\restore
[2012.12.09 17:17:48 | 000,000,000 | ---D | C] -- C:\ProgramData\tmp
[2012.12.09 17:17:46 | 000,000,000 | ---D | C] -- C:\ProgramData\hps
[2012.12.09 17:17:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm paradies foto 3
[2012.12.09 17:16:18 | 000,000,000 | ---D | C] -- C:\Program Files\dm
[2012.12.02 20:13:51 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\EAInstaller
[2012.12.02 20:12:38 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012.12.02 20:12:38 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012.12.02 20:12:37 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012.12.02 20:12:36 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012.12.02 20:12:36 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012.12.02 20:12:36 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012.12.02 20:12:36 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012.12.02 20:12:35 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012.12.02 20:12:35 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012.12.02 20:12:34 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.01.01 14:27:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.01 14:21:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nikos\Desktop\OTL.exe
[2013.01.01 14:13:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.01 13:54:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.01 11:13:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.01 10:53:30 | 000,020,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.01 10:53:30 | 000,020,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.01 10:46:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.01 10:46:00 | 1609,375,744 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.31 15:00:23 | 000,000,000 | ---- | M] () -- C:\Windows\System32\SBRC.dat
[2012.12.28 16:28:22 | 000,002,153 | ---- | M] () -- C:\Users\Nikos\Application Data\Microsoft\Internet Explorer\Quick Launch\Camfrog Video Chat 6.4.lnk
[2012.12.28 16:28:22 | 000,002,129 | ---- | M] () -- C:\Users\Nikos\Desktop\Camfrog.lnk
[2012.12.28 12:20:11 | 000,007,602 | ---- | M] () -- C:\Users\Nikos\AppData\Local\Resmon.ResmonCfg
[2012.12.27 17:27:18 | 000,631,548 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.12.27 17:27:18 | 000,616,242 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.27 17:27:18 | 000,388,752 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2012.12.27 17:27:18 | 000,122,156 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.12.27 17:27:18 | 000,106,622 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2012.12.27 17:27:18 | 000,106,622 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.26 14:57:15 | 000,139,424 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.12.26 14:57:04 | 000,282,104 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012.12.26 14:55:50 | 000,234,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2012.12.23 11:45:24 | 000,138,056 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\PnkBstrK.sys
[2012.12.22 08:03:27 | 000,553,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.21 10:40:31 | 001,358,887 | ---- | M] () -- C:\Users\Nikos\Desktop\20121206092228.pdf
[2012.12.21 09:20:32 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012.12.21 08:48:09 | 000,007,040 | ---- | M] (Scott) -- C:\Windows\System32\drivers\USBDrv.sys
[2012.12.21 08:48:09 | 000,001,375 | ---- | M] () -- C:\Windows\System32\drivers\USBDrv.inf
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.13 14:20:58 | 000,002,320 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.12.11 20:57:20 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.12.11 20:57:20 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.09 17:52:32 | 000,012,099 | ---- | M] () -- C:\Users\Nikos\Documents\pro otce.mcf
[2012.12.09 17:17:42 | 000,001,208 | ---- | M] () -- C:\Users\Public\Desktop\CEWE prezentace fotografií.lnk
[2012.12.09 17:17:42 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\dm paradies foto 3.lnk
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.01.01 14:27:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.12.31 15:00:23 | 000,000,000 | ---- | C] () -- C:\Windows\System32\SBRC.dat
[2012.12.28 16:28:22 | 000,002,153 | ---- | C] () -- C:\Users\Nikos\Application Data\Microsoft\Internet Explorer\Quick Launch\Camfrog Video Chat 6.4.lnk
[2012.12.28 16:28:22 | 000,002,129 | ---- | C] () -- C:\Users\Nikos\Desktop\Camfrog.lnk
[2012.12.28 12:20:11 | 000,007,602 | ---- | C] () -- C:\Users\Nikos\AppData\Local\Resmon.ResmonCfg
[2012.12.23 12:11:46 | 000,282,104 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2012.12.23 11:45:24 | 000,139,424 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.12.23 11:45:23 | 000,138,056 | ---- | C] () -- C:\Users\Nikos\AppData\Roaming\PnkBstrK.sys
[2012.12.23 11:44:47 | 000,282,104 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012.12.23 11:44:47 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.ex0
[2012.12.23 11:44:33 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012.12.21 10:40:31 | 001,358,887 | ---- | C] () -- C:\Users\Nikos\Desktop\20121206092228.pdf
[2012.12.21 08:44:30 | 000,001,375 | ---- | C] () -- C:\Windows\System32\drivers\USBDrv.inf
[2012.12.09 17:52:31 | 000,012,099 | ---- | C] () -- C:\Users\Nikos\Documents\pro otce.mcf
[2012.12.09 17:17:42 | 000,001,208 | ---- | C] () -- C:\Users\Public\Desktop\CEWE prezentace fotografií.lnk
[2012.12.09 17:17:42 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\dm paradies foto 3.lnk
[2012.12.02 19:59:57 | 014,383,616 | ---- | C] () -- C:\Users\Nikos\Desktop\gta_sa.exe
[2012.01.08 10:11:44 | 000,127,078 | ---- | C] () -- C:\Users\Nikos\Zarlivost.pdf
[2011.07.17 06:29:14 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2011.07.17 06:29:14 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2011.07.17 06:29:13 | 000,631,548 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2011.07.17 06:29:13 | 000,122,156 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2011.07.17 06:12:20 | 000,141,988 | ---- | C] () -- C:\Windows\System32\perfi011.dat
[2011.07.17 06:12:19 | 000,388,752 | ---- | C] () -- C:\Windows\System32\perfh011.dat
[2011.07.17 06:12:19 | 000,106,622 | ---- | C] () -- C:\Windows\System32\perfc011.dat
[2011.07.17 06:12:19 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd011.dat
[2011.06.09 07:04:48 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.06.09 07:03:19 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.05.15 15:55:29 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.05.15 15:55:29 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.05.12 16:18:04 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2011.05.12 16:18:04 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2011.05.12 16:18:04 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.12.17 16:59:20 | 000,090,944 | ---- | C] () -- C:\Users\Nikos\web_ka.pdf
[2010.12.10 07:46:41 | 000,043,237 | ---- | C] () -- C:\Users\Nikos\koulisianis-cv-eng.pdf
[2010.12.10 07:46:26 | 000,043,804 | ---- | C] () -- C:\Users\Nikos\koulisianis-cv-cze.pdf
[2010.11.03 15:34:52 | 000,005,632 | ---- | C] () -- C:\Users\Nikos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.02 19:44:14 | 000,011,668 | ---- | C] () -- C:\Users\Nikos\ffdshow.reg

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.11.12 22:48:27 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\2K Sports
[2012.12.31 10:15:19 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Ad-Aware Antivirus
[2012.10.23 18:18:50 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\BSplayer
[2010.11.02 19:39:53 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\BSplayer Pro
[2012.11.25 08:17:32 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Camfrog
[2010.11.07 06:55:50 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\DAEMON Tools Lite
[2010.12.26 08:18:14 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Leadertech
[2011.10.09 07:24:11 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\MaskMyIP
[2012.08.15 16:55:40 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Miranda
[2011.08.13 07:36:12 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Opera
[2012.06.23 11:06:00 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\pdfforge
[2012.08.15 16:49:34 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\QIP
[2012.08.15 17:10:45 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Trillian
[2012.03.03 15:57:42 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\TuneUp Software
[2011.10.29 12:33:34 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Unity
[2011.07.03 06:42:32 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Utherverse
[2013.01.01 14:36:40 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,576 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.04.14 17:41:52 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.14 14:13:30 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.09.14 14:13:32 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012.04.24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.04.24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\System32\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.06.02 05:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.06.02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 05:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

Re: Preventive check - probably malware

Posted: 01 Jan 2013 15:42
by Nikolaos Koulisianis
< MD5 for: LSASS.EXE >
[2011.11.17 08:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2011.11.17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\System32\lsass.exe
[2011.11.17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011.11.17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2012.06.02 05:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011.11.17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011.11.17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012.06.02 05:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011.11.17 06:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 18:05:16 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=15B74B6283CEBCCE3054C1001CA01B5E -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2012.08.22 18:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\System32\drivers\ndis.sys
[2012.08.22 18:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys
[2010.11.20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011.03.11 06:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011.03.11 06:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011.03.11 06:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\System32\drivers\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.11.12 22:48:27 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\2K Sports
[2012.12.31 10:15:19 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Ad-Aware Antivirus
[2010.11.06 08:56:34 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Adobe
[2010.12.08 19:48:16 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Ahead
[2012.10.23 18:18:50 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\BSplayer
[2010.11.02 19:39:53 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\BSplayer Pro
[2012.11.25 08:17:32 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Camfrog
[2010.11.07 06:55:50 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\DAEMON Tools Lite
[2010.12.08 18:39:42 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\DivX
[2010.10.31 20:59:12 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Identities
[2010.12.26 08:18:14 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Leadertech
[2010.11.03 17:47:52 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Macromedia
[2011.10.09 07:24:11 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\MaskMyIP
[2009.07.14 08:48:45 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Media Center Programs
[2010.11.18 18:21:03 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Media Player Classic
[2012.09.16 20:05:51 | 000,000,000 | --SD | M] -- C:\Users\Nikos\AppData\Roaming\Microsoft
[2012.08.15 16:55:40 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Miranda
[2010.11.02 21:14:27 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Mozilla
[2011.08.13 07:36:12 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Opera
[2012.06.23 11:06:00 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\pdfforge
[2012.08.15 16:49:34 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\QIP
[2011.07.17 07:09:41 | 000,000,000 | RH-D | M] -- C:\Users\Nikos\AppData\Roaming\SecuROM
[2012.12.25 18:08:31 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Skype
[2012.08.15 17:10:45 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Trillian
[2012.03.03 15:57:42 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\TuneUp Software
[2011.10.29 12:33:34 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Unity
[2011.07.03 06:42:32 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Utherverse
[2013.01.01 15:16:41 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\uTorrent
[2010.11.02 18:56:32 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Winamp
[2010.12.13 19:03:01 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 20:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 20:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 13:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 08:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 09:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 09:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 09:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 14:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Nikos\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2010.12.08 18:21:23 | 000,029,926 | R--- | M] () -- C:\Users\Nikos\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2012.04.11 21:08:20 | 000,255,376 | ---- | M] (Visicom Media Inc.) -- C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\dtUser.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.11.03 15:39:10 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.01.01 10:53:30 | 000,020,576 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.01 10:53:30 | 000,020,576 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.31 15:00:23 | 000,000,000 | ---- | M] () -- C:\Windows\system32\SBRC.dat

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED -- [2012.12.09 06:31:37 | 000,969,104 | ---- | M] (BitTorrent, Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.01.01 14:27:59 | 000,000,512 | ---- | M] () MD5=088466A8E1F630FED29B153FA48DB6FE -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2007.06.27 19:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.12.14 10:54:22 | 000,166,400 | ---- | M] () -- \Program Files\dm\dm paradies foto 3\CWImageLoader0.dll
[2010.11.25 20:22:36 | 000,048,315 | ---- | M] () -- \Program Files\Full Tilt Poker.Net\Graphics\Cashier\WebDialog\cashier_loader.mng
[2010.11.25 20:22:38 | 000,015,895 | ---- | M] () -- \Program Files\Full Tilt Poker.Net\Graphics\Lobby\Backgrounds\LoaderChip.gif
[2010.09.14 09:16:16 | 000,166,912 | ---- | M] () -- \Program Files\Schlecker\FOTOSVET Schlecker 3\CWImageLoader0.dll
[2012.12.06 12:32:14 | 000,001,702 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2009.09.25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\Integrator\images\panel6\loader.gif
[2009.09.25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\TuneUpUtilities.gadget\images\loader.gif
[2009.09.25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget\images\loader.gif
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.02.15 13:28:30 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.15 13:28:30 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.02.15 13:28:30 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.15 13:28:30 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2011.07.31 08:29:53 | 000,052,284 | ---- | M] () -- \Users\Nikos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y8GEU82O\PitsiLoader[1].swf
[2012.04.17 23:39:24 | 000,010,145 | ---- | M] () -- \Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\conduitCommon\modules\3.12.0.8\ExternalLibraryLoader.jsm
[2012.04.17 23:39:24 | 000,010,145 | ---- | M] () -- \Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\modules\ExternalLibraryLoader.jsm
[2012.03.22 14:09:48 | 000,005,379 | ---- | M] () -- \Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\api-utils\lib\content\loader.js
[2012.03.22 14:09:48 | 000,004,163 | ---- | M] () -- \Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\api-utils\lib\windows\loader.js
[2011.04.15 17:58:34 | 000,003,048 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\design\standard\javascript\lib\ezjslibimagepreloader.js
[2011.03.14 19:06:34 | 000,003,208 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\assets\skins\sam\ajax-loader.gif
[2011.03.14 19:06:34 | 000,003,208 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\carousel\assets\ajax-loader.gif
[2011.03.14 19:06:34 | 000,003,208 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\carousel\assets\skins\sam\ajax-loader.gif
[2011.04.15 17:55:54 | 000,019,061 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\imageloader\imageloader-debug.js
[2011.04.15 17:55:54 | 000,005,269 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\imageloader\imageloader-min.js
[2011.04.15 17:55:54 | 000,018,262 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\imageloader\imageloader.js
[2011.04.15 17:55:56 | 000,040,076 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\uploader\uploader-debug.js
[2011.04.15 17:55:56 | 000,011,362 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\uploader\uploader-min.js
[2011.04.15 17:55:56 | 000,039,839 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\uploader\uploader.js
[2011.03.14 19:06:34 | 000,007,141 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\uploader\assets\uploader.swf
[2011.03.14 19:06:34 | 000,125,392 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\yuiloader\yuiloader-debug.js
[2011.03.14 19:06:34 | 000,029,500 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\yuiloader\yuiloader-min.js
[2011.03.14 19:06:34 | 000,125,392 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\yuiloader\yuiloader.js
[2011.04.15 17:55:56 | 000,060,328 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\2.8.1\build\yuiloader-dom-event\yuiloader-dom-event.js
[2011.04.15 17:55:56 | 000,028,282 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\imageloader\imageloader-debug.js
[2011.04.15 17:55:56 | 000,004,406 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\imageloader\imageloader-min.js
[2011.04.15 17:55:56 | 000,026,638 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\imageloader\imageloader.js
[2011.03.14 19:06:34 | 000,068,508 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\loader\loader-base-debug.js
[2011.04.15 17:55:56 | 000,014,626 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\loader\loader-base-min.js
[2011.03.14 19:06:34 | 000,066,439 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\loader\loader-base.js
[2011.03.14 19:06:34 | 000,115,685 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\loader\loader-debug.js
[2011.04.15 17:55:56 | 000,032,415 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\loader\loader-min.js
[2011.03.14 19:06:34 | 000,003,607 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\loader\loader-rollup-debug.js
[2011.04.15 17:55:56 | 000,000,953 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\loader\loader-rollup-min.js
[2011.03.14 19:06:34 | 000,003,395 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\loader\loader-rollup.js
[2011.03.14 19:06:34 | 000,043,799 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\loader\loader-yui3-debug.js
[2011.04.15 17:55:56 | 000,017,080 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\loader\loader-yui3-min.js
[2011.03.14 19:06:34 | 000,043,799 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\loader\loader-yui3.js
[2011.03.14 19:06:34 | 000,113,404 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\loader\loader.js
[2011.04.15 17:55:56 | 000,018,703 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\uploader\uploader-debug.js
[2011.04.15 17:55:56 | 000,003,128 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\uploader\uploader-min.js
[2011.04.15 17:55:56 | 000,018,618 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\uploader\uploader.js
[2011.03.14 19:06:34 | 000,006,671 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezjscore\design\standard\lib\yui\3.3.0\build\uploader\assets\uploader.swf
[2011.04.15 17:55:56 | 000,011,955 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezoe\design\standard\javascript\classes\dom\ScriptLoader.js
[2010.01.08 16:27:48 | 000,001,395 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\lib\ezc\Template\src\structs\autoloader_definition.php
[2011.04.15 17:58:38 | 000,003,496 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\lib\ezutils\classes\ezwizardbaseclassloader.php
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.20 08:34:54 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2007.04.30 15:43:12 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2011.07.17 06:27:46 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2011.07.17 06:27:46 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2011.07.17 06:27:46 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 05:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 05:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009.07.14 05:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011.07.17 06:09:55 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_a53f5860029d6b44.manifest
[2011.07.17 06:09:55 | 000,029,264 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_a53f5860029d6b44_winload.exe.mui_3bc5b827
[2011.07.17 06:09:55 | 000,026,704 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_a53f5860029d6b44_winresume.exe.mui_ff8b5358
[2011.06.12 18:07:24 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.06.12 18:07:24 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.06.12 18:07:24 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.13 17:54:50 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.13 20:07:04 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_a53f5860029d6b44.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2011.04.15 17:58:36 | 000,004,627 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezfind\classes\ezfindresultnode.php
[2011.04.15 17:58:34 | 000,002,420 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\kernel\private\classes\ezptopologicalsortnode.php

< *AutoKMS* /s >

< *activator* /s >
[2011.12.08 17:41:04 | 000,325,952 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\ProgramDeactivator.exe
[2011.12.08 17:37:20 | 000,104,256 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe
[2009.09.25 14:00:00 | 000,003,006 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\deinstallation_programDeactivator_40x40.png
[2009.09.25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\icon_ProgramDeactivator_16.png
[2009.09.25 14:00:00 | 000,003,100 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\icon_ProgramDeactivator_32.png
[2009.09.25 14:00:00 | 000,004,597 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\icon_ProgramDeactivator_48.png
[2009.09.25 14:00:00 | 000,006,373 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\icon_ProgramDeactivator_64.png
[2009.09.25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\Integrator\images\panel6\ProgramDeactivator_16x16.png
[2009.09.25 14:00:00 | 000,006,368 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\Integrator\images\tab2\ProgramDeactivator_64x64-hover.png
[2009.09.25 14:00:00 | 000,006,373 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\Integrator\images\tab2\ProgramDeactivator_64x64.png
[2009.09.25 14:00:00 | 000,003,100 | ---- | M] () -- \Program Files\TuneUp Utilities 2011\data\ProgramDeactivator\icon_ProgramDeactivator_32.png
[2012.03.03 15:57:54 | 000,002,407 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011\All functions\TuneUp Program Deactivator.lnk
[2012.03.03 15:57:54 | 000,002,407 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011\All functions\TuneUp Program Deactivator.lnk
[2010.10.27 18:26:16 | 000,321,856 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\65263042BDFB3DC4EBA83A6D61F0E261\10.0.2011\ProgramDeactivator.exe

< *serial* /s >
[2012.04.11 00:15:28 | 000,434,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.05.17 19:01:16 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2011.11.17 19:36:08 | 000,005,687 | ---- | M] () -- \Program Files\PokerStars\gx\tokenserial.jpg
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.04 16:53:40 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.11.04 17:00:20 | 000,110,592 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\System.RunTime.Serialization.Resources.dll
[2012.12.06 12:29:58 | 000,026,802 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.serialio.win32.x86_2.12.12.1.jar
[2012.12.06 12:29:58 | 000,049,528 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.serialio_2.12.15.18.jar
[2012.12.06 12:32:34 | 000,006,316 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.sonyericsson.cs.serialcommunication_2.12.15.18.jar
[2012.08.18 06:42:58 | 000,000,135 | ---- | M] () -- \Tri Synergy\Hired Guns\serialreg.txt
[2012.11.24 15:38:07 | 000,000,464 | ---- | M] () -- \Users\Nikos\AppData\Roaming\Microsoft\Windows\Recent\bf2_serials.lnk
[2011.04.15 17:55:56 | 000,050,623 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\extension\ezoe\design\standard\javascript\classes\dom\Serializer.js
[2011.04.15 17:58:38 | 000,020,473 | ---- | M] () -- \Users\Nikos\Downloads\ezpublish_community_project-4.2011-with_ezc\ezpublish_community_project-4.2011-with_ezc\kernel\classes\ezserializedobjectnamelist.php
[2008.09.04 09:06:40 | 000,079,120 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\HfxSerial.exe
[2008.09.04 09:07:02 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-CHS.dll
[2008.09.04 09:07:04 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-DEU.dll
[2008.09.04 09:07:04 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ESP.dll
[2008.09.04 09:07:06 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-FRA.dll
[2008.09.04 09:07:10 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ITA.dll
[2008.09.04 09:07:14 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-JPN.dll
[2008.09.04 09:07:14 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-KOR.dll
[2008.09.04 09:07:16 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-NLD.dll
[2009.06.10 13:14:16 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 13:14:58 | 000,012,800 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.08 09:38:48 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009.06.08 09:48:36 | 000,110,592 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_ja_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.11.16 13:25:39 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a67380b6387234a8a9032ccd5c3dbf4e\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.11.16 22:08:28 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fecb0ca59057e9d190318551d40feb22\System.Runtime.Serialization.ni.dll
[2012.11.16 22:12:41 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\b347108b7fd646ef7394352a242da23b\System.Runtime.Serialization.ni.dll
[2012.11.16 22:12:47 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e99f2bf7ebbb7bd39f49f0dd2e64a4cf\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.11.16 22:15:21 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\d82a91beb8bc33e78416d0745365761b\System.Xml.Serialization.ni.dll
[2012.11.16 07:37:31 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.11.16 07:37:29 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.11.16 07:37:35 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.04 16:53:34 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.04 16:59:44 | 000,012,800 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\JA\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.13 17:38:14 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.13 17:39:44 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 03:09:30 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2009.07.13 19:01:14 | 000,006,656 | ---- | M] () -- \Windows\System32\drivers\ja-JP\serial.sys.mui
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009.07.13 19:31:02 | 000,004,608 | ---- | M] () -- \Windows\System32\ja-JP\serialui.dll.mui
[2009.07.14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2011.07.17 06:27:42 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 05:56:40 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2011.07.17 06:09:57 | 000,004,608 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_c067cb47e93eb5ab_serialui.dll.mui_7d29d2a3
[2009.07.14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.07.13 17:54:22 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 03:28:14 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2009.07.13 20:03:52 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_ja-jp_729b5548551d8762.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 13:14:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 13:14:58 | 000,012,800 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_ja-jp_14094f28ab029ff6\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009.06.08 09:38:48 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.08 09:48:36 | 000,110,592 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_ja-jp_729b5548551d8762\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.06.10 13:14:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 13:14:58 | 000,012,800 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_322954a9b0ea044d\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.04 16:53:34 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.04 16:59:44 | 000,012,800 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_ja-jp_345a6871add887e7\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.13 17:38:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009.07.13 19:31:02 | 000,004,608 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_c067cb47e93eb5ab\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.06.08 09:38:48 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009.06.08 09:48:36 | 000,110,592 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_cf70fc475812ca8a\System.RunTime.Serialization.Resources.dll
[2010.11.04 16:53:40 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.04 17:00:20 | 000,110,592 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_ja-jp_d1a2100f55014e24\System.RunTime.Serialization.Resources.dll
[2009.07.13 17:39:44 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 03:09:30 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009.07.13 19:01:14 | 000,006,656 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_36b30c3c51d05554\serial.sys.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

Re: Preventive check - probably malware

Posted: 01 Jan 2013 15:43
by Nikolaos Koulisianis
OTL Extras logfile created on: 1.1.2013 14:24:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nikos\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,70% Memory free
4,00 Gb Paging File | 2,37 Gb Available in Paging File | 59,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 80,08 Gb Total Space | 12,16 Gb Free Space | 15,18% Space Free | Partition Type: NTFS
Drive D: | 99,61 Gb Total Space | 17,05 Gb Free Space | 17,12% Space Free | Partition Type: NTFS
Drive G: | 53,20 Gb Total Space | 27,96 Gb Free Space | 52,57% Space Free | Partition Type: NTFS

Computer Name: NIKOS-PC | User Name: Nikos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3453027719-967907754-1008735648-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE prezentace fotografií] -- "C:\Program Files\dm\dm paradies foto 3\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm paradies foto 3] -- "C:\Program Files\dm\dm paradies foto 3\dm paradies foto 3.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{023923B2-4359-411A-A3EF-18DF149B4C0E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{073EFF34-636C-4D23-A222-1D85E360C01E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{09EF3677-FFE3-4EE8-9481-7959266B3907}" = rport=445 | protocol=6 | dir=out | app=system |
"{103BD69C-8A13-45D1-A0DF-FEF7D7FBE825}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{157A7AF4-4084-450E-8503-5C19E0317242}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{218054DE-185C-455D-93A8-395ED3A393A8}" = rport=139 | protocol=6 | dir=out | app=system |
"{29B91116-6C0D-4AE3-AE55-AAB0EDC151F4}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2CE35FFA-3AAC-4E2D-86E6-A92791D87301}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2FF02E75-4755-48BC-BAAF-1F9C70DFEDC4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33B01B45-3CB1-42E3-9BDD-F244E33CF184}" = rport=137 | protocol=17 | dir=out | app=system |
"{3531200E-20E9-49C9-BB8A-D8B4E9D56583}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{36010BDE-CAAE-4F1E-8AB2-96EFB4F21F4A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{383DCB12-39DA-4507-A0C9-BBF1EEB9B75B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{396D6301-47B3-47A5-8B1B-DE37E2236E0B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5BF6F002-8370-49F4-900B-4EFEB67BCB8A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{61CE0CCA-0313-43EF-8749-E40F0CAC90BC}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{68EF95A5-0B4D-48DA-800D-AE8B6F969042}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6BE453A6-AED0-4D3B-B73A-392993CA6B3E}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{6D3D60BB-7165-4A41-A160-73662713146C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6F4D5E14-A108-4B22-AC7E-04A9FF48D0D7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{702C5F7C-B44E-4224-BFBD-8F868B072E56}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{71B90EFB-0B0D-49E4-8EF9-8F5DF9BF624D}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8323CA89-BE2D-495D-8656-D832E917ED25}" = rport=138 | protocol=17 | dir=out | app=system |
"{83A5E5CA-7424-4755-B0BC-055616E9D5BE}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8408409B-09E2-4EDD-A270-578CE90CB15E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{85E3CD5F-2E24-4C42-AA9A-9E1297FCEFDA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B9FE6A8-78CE-4242-82CE-31F3B576615C}" = lport=445 | protocol=6 | dir=in | app=system |
"{92037221-1F4A-4701-A3C1-83185348405C}" = lport=137 | protocol=17 | dir=in | app=system |
"{9509556C-6C81-4B24-A8C1-8D27FB850651}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9C61EC89-B81C-4574-BA85-70CC48DD1A8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{A7C2A99A-AC2F-4920-85A9-7E0BBDE49119}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A95C208C-43F6-4085-93F7-A87E7DB79765}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{B623AD47-54FB-43B1-B74A-94F0F7C7B63B}" = lport=139 | protocol=6 | dir=in | app=system |
"{B711424E-B4E6-418D-8090-9DE22135D93D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BD278C4D-F6A1-4B8D-B0F7-F96BD9AE4452}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C7DF9E08-87A5-4D8B-8F2A-FDEB4DD587C5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CA744097-57AE-416D-B2DA-6B76A6020522}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CEAF3BDC-ACFC-4439-AF1A-946DE3F52AD5}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{DE335FC9-684F-40A3-8120-E07F40FCEB10}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E21AB06B-D2C0-4FE1-9D9B-E9C14D633571}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EA048B27-D269-4B90-8E05-E05F1846AE9A}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EA1D7732-98F5-4FFA-B331-848CC8FE1A76}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F63F9463-435E-4D83-A459-88C2CD171E5B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FC5305C8-75A3-4F75-97DE-45DE1FA91BCD}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0286A419-F745-40DD-95D1-C0C6F19818FA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{09EFCADD-5119-45E1-B830-E7681323E409}" = protocol=6 | dir=in | app=c:\program files\adawaretb\dtuser.exe |
"{0AC3A3FF-4825-4B91-9BAA-678E5EAF3A4C}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{189D9D51-69D1-4C18-BD9E-543DBD504D3B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1D0B6569-7912-4DD3-8DF7-5BCD089DB49C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{24B0D774-9105-4CD4-BDF3-2C7D8A5AE417}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2A7BA62D-B4F2-4634-9302-5EE6B04703D3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{30B01697-508D-473F-987A-013FF586288F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{36D82B9B-0427-4D59-AD37-A1DB8F93C545}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3764DDFE-CB6A-4141-8429-784F1F210D0F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{397F1645-8A5A-4829-B29E-4887CED4637E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3BEDDAEF-7579-42E5-A057-F53978793D1A}" = protocol=17 | dir=in | app=c:\program files\adawaretb\dtuser.exe |
"{3F55DB70-2704-4C15-9904-652E52D47CD9}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe |
"{4478D656-BA21-4E7A-AF40-868AB073F29A}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{466D59DC-54B7-4427-AF8A-2B1AE1F01423}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4822B06F-103A-4001-B544-AEDA5250F957}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe |
"{495CA9D1-C331-41EC-9DE4-7AC25CE18498}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4A2BC6C1-EAD7-4676-B88F-E2F4EED85450}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{6645FD71-7D93-4AEF-95A0-1641619B0132}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6C58A259-5FF5-49A8-BA1B-75BE4995A816}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{6E7DF1C7-A245-41D8-BD45-F29CB93292F6}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6EC4E9BD-4A56-484A-A354-7FB67BB3915B}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{71A4EFEA-A270-416D-B3F3-6A22B6286A53}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{77215CD9-86F3-47A6-89AD-2CD9A79D36A4}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{7D6967F0-71CD-4181-8643-6C905F08135E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{80EC29B4-9D42-4B1F-A182-533E0A786618}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{85264015-0F1A-49A2-AC50-922045644488}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8B6AC3F3-F3EA-493D-9B31-7399C3C5A309}" = protocol=17 | dir=in | app=g:\battlefield 2\bf2.exe |
"{8D5F369C-9FF9-4F71-80D0-7F080ADF167B}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe |
"{905BCBEF-8090-4F58-9FC3-646D55CCB8B9}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{90DF62CC-B54E-4188-ADE2-49FE730F128C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{98E52AB4-E029-4D9C-9B85-6E5640FEBBE0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A1D5DB2B-DBE5-4B51-BABE-F35F47938E71}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe |
"{A3952651-71AE-4FCA-AD9E-436E6570408F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A447EE5B-898B-4A6F-8950-A64407D13A7E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AFF258AF-D8C8-44C3-BBF6-6CF57A5C48A1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B017E8D2-3AEE-4B06-A967-6FCB128922FB}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{B6367BA0-189D-42E0-BC09-891A35A09919}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B9140C6F-E4C8-4F9C-8B8D-9AA3C6E07DB0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BF3FFBDF-EF19-4E4C-9FA4-43BF6FE5B7BF}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{C37A912D-3719-46E8-A470-CBCB0F5EA6C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C9A006B2-9CF2-4033-A12C-457480F8EE6A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CB0DB87C-26D4-4516-9AF9-FA2AC4F73BF2}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{CC24EBE2-59A3-4120-B473-7FFB23A9E1B2}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{D52DBC6B-3900-4305-BCE6-05A85B9CCFAB}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe |
"{D5C9CE14-7487-4390-943D-1794B6134704}" = protocol=6 | dir=in | app=g:\battlefield 2\bf2.exe |
"{D6000C4C-AC87-4135-985E-703AAF87C65B}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D654E921-6717-4311-8E28-643D6F2B8506}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{D8A24742-E109-4CD2-B594-70C8D89347DE}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{DDDF220C-D7C3-4160-9020-8CE783C90937}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe |
"{EE541F56-9826-405F-8948-9B72E79625E2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE879174-3854-4672-8920-436B67A4F42A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FB63B95E-E10A-4CE6-923B-88F0C8CDC4B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FF002977-6D93-4120-80E2-5145FF4F38C6}" = protocol=6 | dir=out | app=system |
"TCP Query User{4375CB9A-AA68-446E-A95D-E5E8EA6BCA40}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"TCP Query User{490B205A-2085-46C9-926B-0A0C9753D2F5}D:\games\counter-strike 1.6 + half-life\counter-strike 1.6 + half-life\hl.exe" = protocol=6 | dir=in | app=d:\games\counter-strike 1.6 + half-life\counter-strike 1.6 + half-life\hl.exe |
"TCP Query User{55F6929D-3944-4E31-BAC7-D0914CA0C9E3}C:\program files\asus\rt-g32 b1 wireless router utilities\discovery\discovery.exe" = protocol=6 | dir=in | app=c:\program files\asus\rt-g32 b1 wireless router utilities\discovery\discovery.exe |
"TCP Query User{6E18D506-FD61-44BC-B48F-094D4D74B96B}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe |
"TCP Query User{7DB88152-BCB0-40AE-AF88-BF08F248ED4C}C:\program files\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2012\qip.exe |
"TCP Query User{90AA3B22-2428-4E72-8A7A-7B23A51E1AF0}C:\program files\utherverse digital inc\utherverse vww client\utherverse.exe" = protocol=6 | dir=in | app=c:\program files\utherverse digital inc\utherverse vww client\utherverse.exe |
"TCP Query User{941FE799-22FC-4071-8179-4737EAFCBF8E}D:\hry\call of duty 1\call of duty 1\codmp.exe" = protocol=6 | dir=in | app=d:\hry\call of duty 1\call of duty 1\codmp.exe |
"TCP Query User{BC19B83B-290B-4EB1-8082-3A764E8B1FC9}F:\left4dead.exe" = protocol=6 | dir=in | app=f:\left4dead.exe |
"TCP Query User{C00ACBCB-BB59-4B58-9E09-B99F33445B81}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{0CD0CAF5-CCB5-48F3-AB1F-31A168648777}D:\hry\call of duty 1\call of duty 1\codmp.exe" = protocol=17 | dir=in | app=d:\hry\call of duty 1\call of duty 1\codmp.exe |
"UDP Query User{24837999-75D2-46F6-90FD-0D408FBF2E55}C:\program files\asus\rt-g32 b1 wireless router utilities\discovery\discovery.exe" = protocol=17 | dir=in | app=c:\program files\asus\rt-g32 b1 wireless router utilities\discovery\discovery.exe |
"UDP Query User{2AACD1EB-B176-4218-8568-7E8DC1A88FF4}D:\games\counter-strike 1.6 + half-life\counter-strike 1.6 + half-life\hl.exe" = protocol=17 | dir=in | app=d:\games\counter-strike 1.6 + half-life\counter-strike 1.6 + half-life\hl.exe |
"UDP Query User{6E441C5F-3D79-46D2-A43C-96F0C52333EB}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{73D0B9CB-A27A-4447-954C-F7D0DC31A7EE}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe |
"UDP Query User{90DDE72E-1372-4859-8730-C88BF98FF924}C:\program files\utherverse digital inc\utherverse vww client\utherverse.exe" = protocol=17 | dir=in | app=c:\program files\utherverse digital inc\utherverse vww client\utherverse.exe |
"UDP Query User{E19AC370-98A1-4B1C-89F5-24498E11512A}C:\program files\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2012\qip.exe |
"UDP Query User{E44675E4-E8A0-40F5-8264-D73B3AF174B5}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"UDP Query User{F400A7C0-740D-4140-A351-E224D8787684}F:\left4dead.exe" = protocol=17 | dir=in | app=f:\left4dead.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE}" = Google Drive
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60644BDE-BDE7-4B37-B1C4-9B2E3BD9318C}_is1" = Denní hlídka
"{6833245E-DD86-479A-882A-8360D62C8194}" = NVIDIA PhysX
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{795C38C0-A8DB-A4AA-4641-E0F9A2BF1A36}" = ContinueToSave
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{94894501-EC12-432B-B8E2-AA8470CC6266}" = UEFA EURO 2008™
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E171988-C35B-4DFC-BA73-18BBA68778AF}" = ASUS Wireless Router RT-G32 Utilities v2.0.13.0(EU)
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C1C6816E-CBB3-A748-85F9-A8B47B68985B}" =
"{CF097717-F174-4144-954A-FBC4BF301029}" = Nero 7 Ultra Edition
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E07B7A31-E160-466D-A003-3BB7B8989D52}" = Full Tilt Poker.Net
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.115
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F5C372A1-40F3-49DA-A049-F75CDE9177DC}" = Pinnacle Studio Ultimate Collection Plugins
"{F88EA069-2AB0-4FD7-AECE-E61B66078498}" = F.E.A.R
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"ACE-HIGH MP3 WAV WMA OGG Converter" = ACE-HIGH MP3 WAV WMA OGG Converter
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"avast" = avast! Free Antivirus
"BS_Player Toolbar" = BS_Player Toolbar
"BSPlayerf" = BS.Player FREE
"Camfrog 6.4" = Camfrog Video Chat 6.4
"CNXT_AUDIO_HDA" = Conexant HD Audio
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Delta Force - Black Hawk Down" = Delta Force - Black Hawk Down
"dm paradies foto 3" = dm paradies foto 3
"Google Chrome" = Google Chrome
"Hired Guns1.07.000" = Hired Guns
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.2.0
"Knoll Light Factory EZ Studio" = Knoll Light Factory EZ Studio
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Opera 12.12.1707" = Opera 12.12
"PokerStars" = PokerStars
"PROPLUS" = Microsoft Office Professional Plus 2007
"PunkBusterSvc" = PunkBuster Services
"Red Giant ToonIt Studio" = Red Giant ToonIt Studio
"Red Light Center 3D Client" = Red Light Center 3D Client
"Rossmann Foto-Shop Software" = Rossmann Foto-Shop Software 4.9
"SP_09b71135" =
"SP_562fe2da" = Search Assistant SoftQuick 1.66
"Trapcode 3DStroke Studio" = Trapcode 3DStroke Studio
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio" = Trapcode Shine Studio
"Trillian" = Trillian
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Update Engine" = Sony Ericsson Update Engine
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3453027719-967907754-1008735648-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20.7.2012 19:36:50 | Computer Name = Nikos-PC | Source = VSS | ID = 8193
Description =

Error - 20.7.2012 19:46:26 | Computer Name = Nikos-PC | Source = VSS | ID = 13
Description =

Error - 20.7.2012 19:46:26 | Computer Name = Nikos-PC | Source = VSS | ID = 8193
Description =

Error - 20.7.2012 19:59:20 | Computer Name = Nikos-PC | Source = VSS | ID = 13
Description =

Error - 20.7.2012 19:59:20 | Computer Name = Nikos-PC | Source = VSS | ID = 8193
Description =

Error - 20.7.2012 20:10:43 | Computer Name = Nikos-PC | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

Error - 20.7.2012 20:30:53 | Computer Name = Nikos-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\spybot - search
& destroy\DelZip179.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\spybot - search & destroy\DelZip179.dll na řádku 8. Hodnota * atributu language
v prvku assemblyIdentity je neplatná.

Error - 20.7.2012 20:33:02 | Computer Name = Nikos-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 22.7.2012 5:04:30 | Computer Name = Nikos-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 23.7.2012 3:30:05 | Computer Name = Nikos-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

[ System Events ]
Error - 1.1.2013 2:46:57 | Computer Name = Nikos-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:48:16, ?31.?12.?2012) bylo neočekávané.

Error - 1.1.2013 2:46:55 | Computer Name = Nikos-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 1.1.2013 2:46:55 | Computer Name = Nikos-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 1.1.2013 2:48:13 | Computer Name = Nikos-PC | Source = Service Control Manager | ID = 7001
Description = Služba HomeGroup Provider závisí na službě Function Discovery Provider
Host, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 1.1.2013 5:46:02 | Computer Name = Nikos-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 1.1.2013 5:46:02 | Computer Name = Nikos-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 1.1.2013 5:46:20 | Computer Name = Nikos-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SBRE

Error - 1.1.2013 5:46:41 | Computer Name = Nikos-PC | Source = Service Control Manager | ID = 7001
Description = Služba HomeGroup Provider závisí na službě Function Discovery Provider
Host, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 1.1.2013 6:17:34 | Computer Name = Nikos-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 1.1.2013 6:17:34 | Computer Name = Nikos-PC | Source = atikmdag | ID = 43029
Description = Display is not active


< End of report >

Re: Preventive check - probably malware

Posted: 01 Jan 2013 17:44
by Márty84
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Search and the program will start working.
When it finishes, it will spit out a log (if not, you will find it here: C:\AdwCleaner[R?].txt); copy it here for me.

Re: Preventive check - probably malware

Posted: 02 Jan 2013 08:14
by Nikolaos Koulisianis
Good morning... here is the log from AdwCleaner

# AdwCleaner v2.104 - Logfile created 01/02/2013 at 08:12:28
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Nikos - NIKOS-PC
# Boot Mode : Normal
# Running from : C:\Users\Nikos\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\.autoreg
File Found : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml
File Found : C:\Users\Nikos\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Found : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\Askcom.xml
File Found : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\Conduit.xml
File Found : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\daemon-search.xml
File Found : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\qip-search.xml
File Found : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\WebSearch.xml
Folder Found : C:\Program Files\BS_Player
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\Nikos\AppData\Local\APN
Folder Found : C:\Users\Nikos\AppData\Local\Conduit
Folder Found : C:\Users\Nikos\AppData\LocalLow\adawaretb
Folder Found : C:\Users\Nikos\AppData\LocalLow\BS_Player
Folder Found : C:\Users\Nikos\AppData\LocalLow\Conduit
Folder Found : C:\Users\Nikos\AppData\LocalLow\uTorrentControl2
Folder Found : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\adawaretb
Folder Found : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\Conduit
Folder Found : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\ConduitCommon
Folder Found : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\CT3072253
Folder Found : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Folder Found : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Folder Found : C:\Users\Nikos\AppData\Roaming\pdfforge

***** [Registry] *****

Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\contin~1\sprote~1.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\softqu~1\sprote~1.dll
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\BS_Player
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\PIP
Key Found : HKLM\Software\BS_Player
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{825D1D42-3E65-4CAB-BC5C-F716C35375C3}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6114ECC-2E12-4A4E-92C3-36328423367B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F605E9A8-5BD9-46B5-AF68-331B44FF02C9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\uTorrentControl2
Key Found : HKU\S-1-5-21-3453027719-967907754-1008735648-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKU\S-1-5-21-3453027719-967907754-1008735648-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKU\S-1-5-21-3453027719-967907754-1008735648-1001\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKU\S-1-5-21-3453027719-967907754-1008735648-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKU\S-1-5-21-3453027719-967907754-1008735648-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.soft-quick.info/
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.soft-quick.info/

-\\ Mozilla Firefox v3.6.13 (cs)

File : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\prefs.js

Found : user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT1750559.CTID", "CT1750559");
Found : user_pref("CT1750559.CurrentServerDate", "2-11-2010");
Found : user_pref("CT1750559.DialogsAlignMode", "LTR");
Found : user_pref("CT1750559.FirstServerDate", "2-11-2010");
Found : user_pref("CT1750559.FirstTime", true);
Found : user_pref("CT1750559.FixPageNotFoundErrors", true);
Found : user_pref("CT1750559.GroupingServerCheckInterval", 1440);
Found : user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT1750559.Initialize", true);
Found : user_pref("CT1750559.InitializeCommonPrefs", true);
Found : user_pref("CT1750559.InstalledDate", "Tue Nov 02 2010 20:17:40 GMT+0100 (Central Europe Standard Tim[...]
Found : user_pref("CT1750559.InvalidateCache", false);
Found : user_pref("CT1750559.IsGrouping", false);
Found : user_pref("CT1750559.IsMulticommunity", false);
Found : user_pref("CT1750559.IsOpenThankYouPage", true);
Found : user_pref("CT1750559.IsOpenUninstallPage", true);
Found : user_pref("CT1750559.LanguagePackLastCheckTime", "Tue Nov 02 2010 20:17:47 GMT+0100 (Central Europe [...]
Found : user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT1750559.LastLogin_2.5.6.0", "Tue Nov 02 2010 20:17:44 GMT+0100 (Central Europe Standard[...]
Found : user_pref("CT1750559.LatestVersion", "2.7.2.0");
Found : user_pref("CT1750559.Locale", "en-us");
Found : user_pref("CT1750559.LoginCache", 4);
Found : user_pref("CT1750559.MCDetectTooltipHeight", "83");
Found : user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT1750559.MCDetectTooltipWidth", "295");
Found : user_pref("CT1750559.RadioIsPodcast", false);
Found : user_pref("CT1750559.RadioLastCheckTime", "Tue Nov 02 2010 20:17:44 GMT+0100 (Central Europe Standar[...]
Found : user_pref("CT1750559.RadioLastUpdateIPServer", "3");
Found : user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
Found : user_pref("CT1750559.RadioMediaID", "11237206");
Found : user_pref("CT1750559.RadioMediaType", "Media Player");
Found : user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
Found : user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
Found : user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
Found : user_pref("CT1750559.SHRINK_TOOLBAR", 1);
Found : user_pref("CT1750559.SavedHomepage", "resource:/browserconfig.properties");
Found : user_pref("CT1750559.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT1750559.SearchFromAddressBarIsInit", true);
Found : user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT175[...]
Found : user_pref("CT1750559.SearchInNewTabEnabled", true);
Found : user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT1750559.SearchInNewTabLastCheckTime", "Tue Nov 02 2010 20:17:44 GMT+0100 (Central Europ[...]
Found : user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT1750559.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT1750559.SettingsCheckIntervalMin", 120);
Found : user_pref("CT1750559.SettingsLastCheckTime", "Tue Nov 02 2010 20:17:38 GMT+0100 (Central Europe Stan[...]
Found : user_pref("CT1750559.SettingsLastUpdate", "1285580322");
Found : user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Tue Nov 02 2010 19:40:28 GMT+0100 (Central Eur[...]
Found : user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT1750559.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT1750559.UserID", "UN46092715866543355");
Found : user_pref("CT1750559.WeatherNetwork", "");
Found : user_pref("CT1750559.WeatherPollDate", "Tue Nov 02 2010 20:17:43 GMT+0100 (Central Europe Standard T[...]
Found : user_pref("CT1750559.WeatherUnit", "C");
Found : user_pref("CT1750559.alertChannelId", "31130");
Found : user_pref("CT1750559.clientLogIsEnabled", false);
Found : user_pref("CT1750559.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT1750559.myStuffEnabled", true);
Found : user_pref("CT1750559.myStuffPublihserMinWidth", 400);
Found : user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT1750559.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT3072253.HasUserGlobalKeys", true);
Found : user_pref("CT3072253.ServiceMapLastCheckTime", "Sat Nov 10 2012 16:28:39 GMT+0100");
Found : user_pref("CT3072253.autoDisableScopes", -1);
Found : user_pref("CT3072253.testingCtid", "");
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Nikos\\AppData\\Roaming\\Mozilla\\F[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.8");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT1750559");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT1750559");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Nov 02 2010 20:17:44 GMT+0100 (Cen[...]
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1750559");
Found : user_pref("CommunityToolbar.notifications.locale", "");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 0);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Nov 10 2012 16:28:19 GMT+0100");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "");
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.userId", "9fc56bac-a0fe-4152-aebd-eba94803dfc5");
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultthis.engineName", "BS Player Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://websearch.soft-quick.info/?l=1&q=");
Found : user_pref("browser.search.selectedEngine", "WebSearch");
Found : user_pref("browser.startup.homepage", "hxxp://websearch.soft-quick.info/");
Found : user_pref("keyword.URL", "hxxp://websearch.soft-quick.info/?l=1&q=");
Found : user_pref("browser.search.order.1", "WebSearch");
Found : user_pref("browser.search.defaultenginename", "WebSearch");
Found : user_pref("browser.search.order.1,S", "WebSearch");
Found : user_pref("browser.search.defaultenginename,S", "WebSearch");
Found : user_pref("browser.search.selectedEngine,S", "WebSearch");

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.12.1707.0

File : C:\Users\Nikos\AppData\Roaming\Opera\Opera\operaprefs.ini

Found : Home URL=hxxp://qip.ru

*************************

AdwCleaner[R1].txt - [15566 octets] - [02/01/2013 08:12:28]

########## EOF - C:\AdwCleaner[R1].txt - [15627 octets] ##########

Re: Preventive check - probably malware

Posted: 02 Jan 2013 10:24
by Márty84
Close all programs again and run AdwCleaner as administrator.
This time click Delete.
The program will start working (the PC may restart) and spit out another log (or it will be here: C:\AdwCleaner [S1].txt ). Copy that one here for me again.

Re: Preventive check - probably malware

Posted: 02 Jan 2013 13:02
by Nikolaos Koulisianis
# AdwCleaner v2.104 - Logfile created 01/02/2013 at 12:57:09
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Nikos - NIKOS-PC
# Boot Mode : Normal
# Running from : C:\Users\Nikos\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml
File Deleted : C:\Users\Nikos\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Deleted : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\qip-search.xml
File Deleted : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\searchplugins\WebSearch.xml
Folder Deleted : C:\Program Files\BS_Player
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Nikos\AppData\Local\APN
Folder Deleted : C:\Users\Nikos\AppData\Local\Conduit
Folder Deleted : C:\Users\Nikos\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Nikos\AppData\LocalLow\BS_Player
Folder Deleted : C:\Users\Nikos\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Nikos\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\adawaretb
Folder Deleted : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\Conduit
Folder Deleted : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\ConduitCommon
Folder Deleted : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\CT3072253
Folder Deleted : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Folder Deleted : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Folder Deleted : C:\Users\Nikos\AppData\Roaming\pdfforge

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\contin~1\sprote~1.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\softqu~1\sprote~1.dll
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKLM\Software\BS_Player
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{825D1D42-3E65-4CAB-BC5C-F716C35375C3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6114ECC-2E12-4A4E-92C3-36328423367B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F605E9A8-5BD9-46B5-AF68-331B44FF02C9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\uTorrentControl2
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.soft-quick.info/ --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.soft-quick.info/ --> hxxp://www.google.com

-\\ Mozilla Firefox v3.6.13 (cs)

File : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\prefs.js

C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\user.js ... Deleted !

Deleted : user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT1750559.CTID", "CT1750559");
Deleted : user_pref("CT1750559.CurrentServerDate", "2-11-2010");
Deleted : user_pref("CT1750559.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1750559.FirstServerDate", "2-11-2010");
Deleted : user_pref("CT1750559.FirstTime", true);
Deleted : user_pref("CT1750559.FixPageNotFoundErrors", true);
Deleted : user_pref("CT1750559.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT1750559.Initialize", true);
Deleted : user_pref("CT1750559.InitializeCommonPrefs", true);
Deleted : user_pref("CT1750559.InstalledDate", "Tue Nov 02 2010 20:17:40 GMT+0100 (Central Europe Standard Tim[...]
Deleted : user_pref("CT1750559.InvalidateCache", false);
Deleted : user_pref("CT1750559.IsGrouping", false);
Deleted : user_pref("CT1750559.IsMulticommunity", false);
Deleted : user_pref("CT1750559.IsOpenThankYouPage", true);
Deleted : user_pref("CT1750559.IsOpenUninstallPage", true);
Deleted : user_pref("CT1750559.LanguagePackLastCheckTime", "Tue Nov 02 2010 20:17:47 GMT+0100 (Central Europe [...]
Deleted : user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT1750559.LastLogin_2.5.6.0", "Tue Nov 02 2010 20:17:44 GMT+0100 (Central Europe Standard[...]
Deleted : user_pref("CT1750559.LatestVersion", "2.7.2.0");
Deleted : user_pref("CT1750559.Locale", "en-us");
Deleted : user_pref("CT1750559.LoginCache", 4);
Deleted : user_pref("CT1750559.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT1750559.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT1750559.RadioIsPodcast", false);
Deleted : user_pref("CT1750559.RadioLastCheckTime", "Tue Nov 02 2010 20:17:44 GMT+0100 (Central Europe Standar[...]
Deleted : user_pref("CT1750559.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
Deleted : user_pref("CT1750559.RadioMediaID", "11237206");
Deleted : user_pref("CT1750559.RadioMediaType", "Media Player");
Deleted : user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
Deleted : user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
Deleted : user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
Deleted : user_pref("CT1750559.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT1750559.SavedHomepage", "resource:/browserconfig.properties");
Deleted : user_pref("CT1750559.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT1750559.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT175[...]
Deleted : user_pref("CT1750559.SearchInNewTabEnabled", true);
Deleted : user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT1750559.SearchInNewTabLastCheckTime", "Tue Nov 02 2010 20:17:44 GMT+0100 (Central Europ[...]
Deleted : user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT1750559.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT1750559.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT1750559.SettingsLastCheckTime", "Tue Nov 02 2010 20:17:38 GMT+0100 (Central Europe Stan[...]
Deleted : user_pref("CT1750559.SettingsLastUpdate", "1285580322");
Deleted : user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Tue Nov 02 2010 19:40:28 GMT+0100 (Central Eur[...]
Deleted : user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT1750559.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT1750559.UserID", "UN46092715866543355");
Deleted : user_pref("CT1750559.WeatherNetwork", "");
Deleted : user_pref("CT1750559.WeatherPollDate", "Tue Nov 02 2010 20:17:43 GMT+0100 (Central Europe Standard T[...]
Deleted : user_pref("CT1750559.WeatherUnit", "C");
Deleted : user_pref("CT1750559.alertChannelId", "31130");
Deleted : user_pref("CT1750559.clientLogIsEnabled", false);
Deleted : user_pref("CT1750559.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT1750559.myStuffEnabled", true);
Deleted : user_pref("CT1750559.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT1750559.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT3072253.HasUserGlobalKeys", true);
Deleted : user_pref("CT3072253.ServiceMapLastCheckTime", "Sat Nov 10 2012 16:28:39 GMT+0100");
Deleted : user_pref("CT3072253.autoDisableScopes", -1);
Deleted : user_pref("CT3072253.testingCtid", "");
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Nikos\\AppData\\Roaming\\Mozilla\\F[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.8");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1750559");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1750559");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Nov 02 2010 20:17:44 GMT+0100 (Cen[...]
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1750559");
Deleted : user_pref("CommunityToolbar.notifications.locale", "");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 0);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Nov 10 2012 16:28:19 GMT+0100");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "");
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.userId", "9fc56bac-a0fe-4152-aebd-eba94803dfc5");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultthis.engineName", "BS Player Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.soft-quick.info/?l=1&q=");
Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.soft-quick.info/");
Deleted : user_pref("keyword.URL", "hxxp://websearch.soft-quick.info/?l=1&q=");
Deleted : user_pref("browser.search.order.1", "WebSearch");
Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.12.1707.0

File : C:\Users\Nikos\AppData\Roaming\Opera\Opera\operaprefs.ini

Deleted : Home URL=hxxp://qip.ru

*************************

AdwCleaner[R1].txt - [15697 octets] - [02/01/2013 08:12:28]
AdwCleaner[S1].txt - [15562 octets] - [02/01/2013 12:57:09]

########## EOF - C:\AdwCleaner[S1].txt - [15623 octets] ##########

Re: Preventive check - probably malware

Posted: 02 Jan 2013 19:06
by Márty84
:arrow: Run a !!!full!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes gives false detections.

Re: Preventive check - probably malware

Posted: 05 Jan 2013 14:08
by Nikolaos Koulisianis
Sorry for the delay....here is the log

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.05.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Nikos :: NIKOS-PC [administrátor]

5.1.2013 12:09:41
MBAM-log-2013-01-05 (14-07-06).txt

Typ: Kompletní kontrola (C:\|D:\|G:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 455097
Uplynulý čas: 1 hodin, 33 minut, 29 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Users\Nikos\Downloads\DownloadManagerSetup.exe (Adware.Agent) -> Nebyla provedena žádná instrukce.
D:\Zoner Photo\Zoner Photo Studio Professional 11.0.1.9. [CORE-Keygen] [ENG] [Arx]\keygen\CORE10k.EXE (Dont.Steal.Our.Software) -> Nebyla provedena žádná instrukce.

(konec)

Re: Preventive check - probably malware

Posted: 05 Jan 2013 14:12
by Márty84
:arrow: Have the detections removed, then uninstall MBAM.

:arrow: Post a new log from RSIT.

:arrow: Repeat the step with OTL (this time only one log will be created, and I want to see that one first), then we will delete.

Re: Preventive check - probably malware

Posted: 05 Jan 2013 15:59
by Nikolaos Koulisianis
MBAM uninstalled

here is RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Nikos at 2013-01-05 15:57:40
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 12 GB (15%) free of 82 GB
Total RAM: 2046 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:57:55, on 5.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Nikos\Desktop\Antivíry\RSIT.exe
C:\Program Files\trend micro\Nikos.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
O2 - BHO: continuetosave - {B6CD0FE8-3D38-3FC9-2EAC-719A63666601} - C:\ProgramData\continuetosave\50db362d8ce63.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 6387 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 7265e1a6-8e8f-4f2f-aa0b-197e3408008b.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task c5387644-9715-435f-876d-921df2a91af2.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "extensions.enabledItems" - "firegestures@xuldev.org:1.6.5, wrc@avast.com:7.0.1466, support@mask-myip.com:1.0, {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31, {687578b9-7132-4a7a-80e4-30ee31099e03}:3.12.0.8, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.2.1, {87934c42-161d-45bc-8cef-ef18abe2a30c}:2.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"

"Cetrumcz@igeared"=C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"50db362d8cc9e@50db362d8ccd7.com"=C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\50db362d8cc9e@50db362d8ccd7.com


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.135 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll
ShockwavePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\x04zy9eq.default\extensions\
50db362d8cc9e@50db362d8ccd7.com
firegestures@xuldev.org
jid1-yZwVFzbsyfMrqQ@jetpack
support@mask-myip.com
{87934c42-161d-45bc-8cef-ef18abe2a30c}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-04 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6CD0FE8-3D38-3FC9-2EAC-719A63666601}]
continuetosave - C:\ProgramData\continuetosave\50db362d8ce63.dll [2012-12-26 118272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-04 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]
"Ad-Aware Browsing Protection"=C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [2011-10-21 198032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2012-12-09 969104]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-11-01 4763008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe [2007-06-29 1373480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-01-05 15:55:42 ----A---- C:\Windows\system32\drivers\whbt.sys
2013-01-05 11:49:57 ----D---- C:\Users\Nikos\AppData\Roaming\Malwarebytes
2013-01-05 11:49:22 ----D---- C:\ProgramData\Malwarebytes
2013-01-02 12:57:09 ----A---- C:\AdwCleaner[S1].txt
2013-01-02 08:12:28 ----A---- C:\AdwCleaner[R1].txt
2013-01-01 16:02:01 ----D---- C:\Users\Nikos\AppData\Roaming\SUPERAntiSpyware.com
2013-01-01 16:01:48 ----D---- C:\Program Files\SUPERAntiSpyware
2013-01-01 16:01:47 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-01-01 09:07:57 ----D---- C:\rsit
2012-12-31 15:00:23 ----A---- C:\Windows\system32\SBRC.dat
2012-12-31 10:09:33 ----D---- C:\ProgramData\Ad-Aware Browsing Protection
2012-12-31 10:07:46 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2012-12-27 12:07:50 ----D---- C:\Windows\FltMgr
2012-12-27 12:07:47 ----D---- C:\Program Files\PogiSys
2012-12-26 18:20:36 ----D---- C:\ProgramData\WoW Worldwide Software LTD
2012-12-26 18:20:36 ----D---- C:\Program Files\SoftQuick
2012-12-26 18:20:17 ----D---- C:\Program Files\ContinueToSave
2012-12-26 18:20:11 ----D---- C:\ProgramData\continuetosave
2012-12-23 11:45:24 ----A---- C:\Windows\system32\drivers\PnkBstrK.sys
2012-12-23 11:45:23 ----A---- C:\Users\Nikos\AppData\Roaming\PnkBstrK.sys
2012-12-23 11:44:47 ----A---- C:\Windows\system32\PnkBstrB.exe
2012-12-23 11:44:33 ----A---- C:\Windows\system32\PnkBstrA.exe
2012-12-23 11:30:59 ----D---- C:\Program Files\EA Games
2012-12-21 20:35:10 ----A---- C:\Windows\system32\atmfd.dll
2012-12-21 20:35:09 ----A---- C:\Windows\system32\atmlib.dll
2012-12-21 08:44:30 ----A---- C:\Windows\system32\drivers\USBDrv.sys
2012-12-12 21:23:39 ----A---- C:\Windows\system32\vbscript.dll
2012-12-12 21:23:39 ----A---- C:\Windows\system32\mshtmled.dll
2012-12-12 21:23:38 ----A---- C:\Windows\system32\jsproxy.dll
2012-12-12 21:23:38 ----A---- C:\Windows\system32\ieui.dll
2012-12-12 21:23:37 ----A---- C:\Windows\system32\msfeeds.dll
2012-12-12 21:23:37 ----A---- C:\Windows\system32\ieUnatt.exe
2012-12-12 21:23:36 ----A---- C:\Windows\system32\wininet.dll
2012-12-12 21:23:36 ----A---- C:\Windows\system32\jscript.dll
2012-12-12 21:23:35 ----A---- C:\Windows\system32\url.dll
2012-12-12 21:23:35 ----A---- C:\Windows\system32\jscript9.dll
2012-12-12 21:23:34 ----A---- C:\Windows\system32\iertutil.dll
2012-12-12 21:23:33 ----A---- C:\Windows\system32\urlmon.dll
2012-12-12 21:23:32 ----A---- C:\Windows\system32\ieframe.dll
2012-12-12 21:23:29 ----A---- C:\Windows\system32\mshtml.dll
2012-12-12 10:47:20 ----A---- C:\Windows\system32\win32k.sys
2012-12-12 10:47:00 ----A---- C:\Windows\system32\KernelBase.dll
2012-12-12 10:46:58 ----A---- C:\Windows\system32\kernel32.dll
2012-12-12 10:46:57 ----A---- C:\Windows\system32\winsrv.dll
2012-12-12 10:46:57 ----A---- C:\Windows\system32\conhost.exe
2012-12-12 10:46:51 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 10:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 10:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 10:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 10:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 10:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 10:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 10:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 10:46:46 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-12-12 10:46:46 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 10:46:46 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-12-12 10:46:46 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 10:46:45 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 10:46:45 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 10:46:45 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-12-12 10:46:24 ----A---- C:\Windows\system32\dpnet.dll
2012-12-12 10:46:01 ----A---- C:\Windows\system32\tzres.dll
2012-12-09 17:17:48 ----D---- C:\ProgramData\tmp
2012-12-09 17:17:46 ----D---- C:\ProgramData\hps
2012-12-09 17:16:18 ----D---- C:\Program Files\dm

======List of files/folders modified in the last 1 month======

2013-01-05 15:57:55 ----D---- C:\Windows\Prefetch
2013-01-05 15:57:49 ----D---- C:\Windows\Temp
2013-01-05 15:57:48 ----D---- C:\Program Files\trend micro
2013-01-05 15:57:21 ----RD---- C:\Program Files
2013-01-05 15:57:20 ----D---- C:\Windows\system32\drivers
2013-01-05 15:55:42 ----D---- C:\Windows\WindowsMobile
2013-01-05 11:49:22 ----HD---- C:\ProgramData
2013-01-05 08:32:13 ----D---- C:\Windows\system32\config
2013-01-04 08:50:49 ----SHD---- C:\System Volume Information
2013-01-03 11:08:52 ----D---- C:\Users\Nikos\AppData\Roaming\uTorrent
2013-01-02 12:57:16 ----D---- C:\Program Files\Mozilla Firefox
2013-01-02 08:10:42 ----D---- C:\Windows\Tasks
2013-01-01 18:48:16 ----D---- C:\Windows\system32\Tasks
2013-01-01 10:44:20 ----D---- C:\Windows\System32
2013-01-01 10:44:19 ----SD---- C:\ProgramData\Microsoft
2013-01-01 10:43:26 ----SHD---- C:\Windows\Installer
2013-01-01 10:43:07 ----D---- C:\Program Files\Ad-Aware Antivirus
2012-12-31 14:13:57 ----D---- C:\Windows
2012-12-31 10:47:23 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-12-31 10:15:19 ----D---- C:\Users\Nikos\AppData\Roaming\Ad-Aware Antivirus
2012-12-27 17:27:18 ----D---- C:\Windows\inf
2012-12-27 17:27:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-27 09:16:05 ----D---- C:\Program Files\Common Files\InstallShield
2012-12-27 09:15:30 ----HD---- C:\Program Files\InstallShield Installation Information
2012-12-26 18:23:59 ----D---- C:\Games
2012-12-25 18:08:31 ----D---- C:\Users\Nikos\AppData\Roaming\Skype
2012-12-23 11:44:31 ----D---- C:\Windows\system32\LogFiles
2012-12-23 07:34:32 ----D---- C:\Program Files\Opera
2012-12-22 08:03:51 ----D---- C:\Windows\winsxs
2012-12-21 20:35:37 ----D---- C:\Windows\system32\catroot
2012-12-21 20:35:22 ----D---- C:\Windows\system32\catroot2
2012-12-21 20:01:38 ----D---- C:\Windows\system32\DriverStore
2012-12-21 09:27:33 ----D---- C:\ProgramData\Sony Ericsson
2012-12-21 09:26:58 ----D---- C:\Program Files\Sony Ericsson
2012-12-13 17:33:32 ----D---- C:\Windows\rescache
2012-12-13 13:54:14 ----D---- C:\Windows\system32\ja-JP
2012-12-13 13:54:14 ----D---- C:\Windows\system32\en-US
2012-12-13 13:54:14 ----D---- C:\Windows\system32\cs-CZ
2012-12-13 13:54:13 ----D---- C:\Windows\system32\migration
2012-12-13 13:54:13 ----D---- C:\Program Files\Internet Explorer
2012-12-12 21:23:27 ----D---- C:\ProgramData\Microsoft Help
2012-12-12 21:20:23 ----A---- C:\Windows\system32\MRT.exe
2012-12-11 20:57:20 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-12-08 20:35:16 ----D---- C:\Rossmann FOTOSHOP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-03 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-05-18 40320]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-01-15 70144]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
S0 qwiua;qwiua; C:\Windows\System32\drivers\whbt.sys [2013-01-05 54016]
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a6er9pfo;a6er9pfo; C:\Windows\system32\drivers\a6er9pfo.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-08-02 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-08-02 25200]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\drivers\usb8023x.sys [2009-07-14 15872]
S3 usbUDisc;usbUDisc; C:\Windows\system32\DRIVERS\USBDrv.sys [2012-12-21 7040]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-12-23 76888]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-12-08 1527104]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-01 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-11 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-01 136176]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-07 1343400]

-----------------EOF-----------------