VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

PC do 2min zamrzne

https://forum.viry.cz:443/viewtopic.php?t=127313

Stránka 1 z 3

PC do 2min zamrzne

Napsal: 16 led 2013 21:02
od tomsk
Caute, poslednu dobu asi 1 tyzden mi PC zamrzne po starte windowsu (v nudzovom rezime mi nezamrzol este iba v nudzovom rezime s network) do cca 2 min a nic sa neda robit iba restart a restartovat kym uz nezamrzne zasa, lebo ono nezamrza vzdy to je ako keby nejaka % sanca ze zamrzne PC :D no nizsie dodavam log z RSIT + konfiguracie mojho PC

Konfiguracia:
OS: Windows 7 Professional 64bit
CPU: Intel Core 2 Duo 3.3Ghz
RAM: 4GB
GPU: Asus EAH6850
Motherboard: Asus P5KR

Re: PC do 2min zamrzne

Napsal: 16 led 2013 21:17
od Rudy
Zdravím!
RSIT vám dá 2 logy. Potřebuji vidět obsah souboru log.txt. Z info.txt nevyčtu nic.

Re: PC do 2min zamrzne

Napsal: 16 led 2013 21:24
od tomsk
Prepacte nejak som to prehliadol :)

Kód: Vybrat vše

Logfile of random's system information tool 1.08 (written by random/random)
Run by tomsk at 2013-01-16 21:23:20
Microsoft Windows 7 Professional  Service Pack 1
System drive C: has 4 GB (3%) free of 150 GB
Total RAM: 4095 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:23:23, on 16. 1. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\trend micro\tomsk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 190.210.56.155 taleworlds.com
O1 - Hosts: 190.210.56.155 http://www.taleworlds.com
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-158558460-2646869902-57166230-1001\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User '?')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Prevziať pomocou FDM - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Prevziať video pomocou FDM - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Prevziať vybrané pomocou FDM - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Prevziať všetko pomocou FDM - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {6685D182-E710-4193-9678-785C6B7290E5} (Media Control) - http://snehuliak.dynalias.net/Option/Media.CAB
O16 - DPF: {79EE81BD-6194-4240-A04F-131A81513DCB} (Media Control) - http://snehuliak.dynalias.net/Media.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: base64 - (no CLSID) - (no file)
O18 - Protocol: chrome - (no CLSID) - (no file)
O18 - Protocol: prox - (no CLSID) - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: COMODO System - Cleaner Service (Cleaner_Validator) - Unknown owner - C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf Ltd - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - C:\Program Files (x86)\wLite\wService.exe

--
End of file - 14081 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=63a3811d-6540-4d26-a350-826b9e710711 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\2a3c487d-64d0-4354-b529-11192e0ce279-1d0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
"C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Sandboxie\SbieSvc.exe"
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe"
"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe"
C:\Windows\system32\inetsrv\inetinfo.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe"
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 2868
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=e49ec860-d54b-483d-9c9a-4f445566d654 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\3084362b-11b0-4701-8c74-f53de6b1e241-c30-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3804.560aa00.637944341 "C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\npsitesafety.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 3804 "\\.\pipe\gecko-crash-server-pipe.3804" plugin
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3804.12be6700.988820948 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 3804 "\\.\pipe\gecko-crash-server-pipe.3804" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe" --proxy-stub-channel=Flash5024.6B97EFD0.41 --host-broker-channel=Flash5024.6B97EFD0.18467 --host-pid=5024 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe" --channel=5060.0028F288.1117848054 --proxy-stub-channel=Flash5024.6B97EFD0.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll" --host-npapi-version=27 --type=renderer
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe" 
"C:\Program Files (x86)\Skype\Phone\Skype.exe" 
"C:\Program Files (x86)\Steam\Steam.exe" 
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-228d5545-c997-498a-905d-2a97a13613f4 -SystemEventPortName:HostProcess-a49dfe2a-092f-43f2-9c3a-f1b57fab79d0 -IoCancelEventPortName:HostProcess-a4bc8f46-07ff-4cb5-b3e3-68cf4b748a7c -NonStateChangingEventPortName:HostProcess-934cfd99-63db-4bb2-a80c-3e5bc702b925 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fd08ed10-e78a-4e56-9041-88a247689243 -DeviceGroupId:WpdFsGroup
"C:\Users\tomsk\Downloads\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\COMODO Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [2012-10-10 287048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-10-23 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-12-30 1796552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll [2012-10-10 233288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-12-30 1796552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe /AutoStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6]
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser companion helper]
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO]
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe [2011-11-23 213304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Internet Security]
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe -h []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPA]
C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe [2011-11-23 184120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desura]
C:\Program Files (x86)\Desura\desura.exe [2012-10-02 2529096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
E:\Origin\Origin.exe [2012-12-10 3492504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN GO]
C:\ProgramData\GameXN\GameXNGO.exe [2012-12-04 348440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2010-10-28 294912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager]
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2011-04-27 393216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [2011-01-13 6129496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MurGee.com Auto Clicker]
C:\Program Files (x86)\Auto Clicker\AutoClicker.exe [2012-08-25 76024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Pcontrol]
C:\Program Files (x86)\P2Pcontrol\winrun.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-08-17 336992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2012-04-18 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_ROC_NT]
C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe / /PROMPT /CMPID=ROC_NT []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_roc_ssl_v12]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\Program Files\Sandboxie\SbieCtrl.exe [2012-08-25 765200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-02-14 636032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-10-23 296096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol]
C:\Program Files (x86)\TightVNC\tvnserver.exe -controlservice -slave []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
c:\program files (x86)\avg secure search\vprot.exe [2012-12-30 997320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~2\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ultra Hal Text-to-Speech Reader Startup.lnk]
C:\Windows\Installer\{96EF451E-A402-44D8-BAEE-D70D558A4122}\New_Shortcut_S1449_0EB7CDB78E0C4A918D2CA535D5B8160C.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^tomsk^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="          "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=157

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2013-01-16 20:57:17 ----D---- C:\rsit
2013-01-13 16:32:28 ----A---- C:\Uninstall.exe
2013-01-11 13:32:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-01-07 14:40:59 ----A---- C:\Uninstall.ini
2013-01-07 14:40:47 ----D---- C:\Minecraft-NovyVek
2013-01-06 22:05:25 ----D---- C:\Users\tomsk\AppData\Roaming\FreemakeVideoDownloader
2013-01-06 22:03:06 ----D---- C:\Program Files\WinPcap
2013-01-06 22:01:55 ----D---- C:\ProgramData\Freemake
2013-01-06 22:01:22 ----D---- C:\Program Files (x86)\Freemake
2013-01-03 16:16:40 ----A---- C:\Windows\system32\dpnet.dll
2013-01-03 16:16:39 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2012-12-30 15:48:54 ----D---- C:\Program Files (x86)\SeaMonkey
2012-12-30 15:47:26 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-29 23:57:44 ----A---- C:\Windows\ntbtlog.txt
2012-12-29 21:13:57 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-29 21:13:57 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-29 21:13:57 ----A---- C:\Windows\system32\atmlib.dll
2012-12-29 21:13:57 ----A---- C:\Windows\system32\atmfd.dll
2012-12-29 21:13:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-12-29 21:13:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-12-29 21:13:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-12-29 21:13:29 ----A---- C:\Windows\system32\msfeeds.dll
2012-12-29 21:13:29 ----A---- C:\Windows\system32\ieui.dll
2012-12-29 21:13:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-12-29 21:13:28 ----A---- C:\Windows\system32\mshtmled.dll
2012-12-29 21:13:28 ----A---- C:\Windows\system32\ieframe.dll
2012-12-29 21:13:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-12-29 21:13:27 ----A---- C:\Windows\system32\mshtml.dll
2012-12-29 21:13:27 ----A---- C:\Windows\system32\ieUnatt.exe
2012-12-29 21:13:26 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-12-29 21:13:26 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-12-29 21:13:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-12-29 21:13:26 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-12-29 21:13:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-12-29 21:13:26 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-12-29 21:13:26 ----A---- C:\Windows\system32\wininet.dll
2012-12-29 21:13:26 ----A---- C:\Windows\system32\vbscript.dll
2012-12-29 21:13:26 ----A---- C:\Windows\system32\jsproxy.dll
2012-12-29 21:13:26 ----A---- C:\Windows\system32\jscript9.dll
2012-12-29 21:13:26 ----A---- C:\Windows\system32\jscript.dll
2012-12-29 21:13:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-12-29 21:13:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-12-29 21:13:24 ----A---- C:\Windows\system32\urlmon.dll
2012-12-29 21:13:24 ----A---- C:\Windows\system32\iertutil.dll
2012-12-29 21:13:23 ----A---- C:\Windows\SYSWOW64\url.dll
2012-12-29 21:13:23 ----A---- C:\Windows\system32\url.dll
2012-12-29 21:12:39 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2012-12-29 21:12:39 ----A---- C:\Windows\system32\rdpudd.dll
2012-12-29 21:12:39 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2012-12-29 21:12:39 ----A---- C:\Windows\system32\rdpcorets.dll
2012-12-29 21:12:39 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2012-12-29 21:12:38 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2012-12-29 21:12:38 ----A---- C:\Windows\system32\TSWbPrxy.exe
2012-12-29 21:12:38 ----A---- C:\Windows\system32\rdpendp_winip.dll
2012-12-29 21:12:38 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2012-12-29 21:12:37 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2012-12-29 21:12:37 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2012-12-29 21:12:37 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2012-12-29 21:12:37 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-12-29 21:12:37 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-12-29 21:12:37 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2012-12-29 21:12:37 ----A---- C:\Windows\system32\mstsc.exe
2012-12-29 21:12:36 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2012-12-29 21:12:36 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2012-12-29 21:12:36 ----A---- C:\Windows\system32\wksprtPS.dll
2012-12-29 21:12:36 ----A---- C:\Windows\system32\wksprt.exe
2012-12-29 21:12:36 ----A---- C:\Windows\system32\tsgqec.dll
2012-12-29 21:12:36 ----A---- C:\Windows\system32\mstscax.dll
2012-12-29 21:12:36 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2012-12-29 21:12:36 ----A---- C:\Windows\system32\aaclient.dll
2012-12-29 21:11:59 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-12-29 21:11:59 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-12-29 21:11:59 ----A---- C:\Windows\system32\schannel.dll
2012-12-29 21:11:59 ----A---- C:\Windows\system32\ncrypt.dll
2012-12-29 21:11:59 ----A---- C:\Windows\system32\lsasrv.dll
2012-12-29 21:11:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-12-29 21:11:59 ----A---- C:\Windows\system32\drivers\cng.sys
2012-12-29 21:11:58 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-12-29 21:11:58 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-12-29 20:49:20 ----D---- C:\Users\tomsk\AppData\Roaming\AVG2013
2012-12-29 20:41:36 ----D---- C:\Program Files (x86)\AVG Secure Search
2012-12-29 20:40:31 ----HD---- C:\$AVG
2012-12-29 20:40:31 ----D---- C:\ProgramData\AVG2013
2012-12-29 20:39:47 ----D---- C:\Program Files (x86)\AVG
2012-12-29 20:33:34 ----A---- C:\Windows\system32\KernelBase.dll
2012-12-29 20:33:34 ----A---- C:\Windows\system32\kernel32.dll
2012-12-29 20:33:33 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-12-29 20:33:33 ----A---- C:\Windows\system32\winsrv.dll
2012-12-29 20:33:33 ----A---- C:\Windows\system32\conhost.exe
2012-12-29 20:33:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-12-29 20:33:31 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-12-29 20:33:31 ----A---- C:\Windows\system32\wow64win.dll
2012-12-29 20:33:31 ----A---- C:\Windows\system32\wow64.dll
2012-12-29 20:33:31 ----A---- C:\Windows\system32\ntvdm64.dll
2012-12-29 20:33:30 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-12-29 20:33:30 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-12-29 20:33:30 ----A---- C:\Windows\system32\wow64cpu.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-29 20:33:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-12-29 20:33:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-12-29 20:33:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-29 20:33:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-29 20:33:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-29 20:33:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-29 20:33:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-29 20:33:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-29 20:33:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-29 20:33:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-29 20:33:28 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-12-29 20:33:28 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-12-29 20:33:28 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-29 20:33:28 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-12-29 20:33:28 ----A---- C:\Windows\SYSWOW64\user.exe
2012-12-29 20:33:05 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-12-29 20:33:05 ----A---- C:\Windows\system32\tzres.dll
2012-12-29 20:32:47 ----A---- C:\Windows\system32\win32k.sys
2012-12-29 20:26:19 ----SHD---- C:\Config.Msi
2012-12-24 22:05:00 ----D---- C:\Users\tomsk\AppData\Roaming\.minecraft
2012-12-24 19:49:52 ----A---- C:\Windows\unvise32.exe
2012-12-21 23:54:13 ----D---- C:\Users\tomsk\AppData\Roaming\CyberLink
2012-12-21 23:50:45 ----D---- C:\ProgramData\Apple Computer
2012-12-21 23:40:56 ----D---- C:\Program Files\CyberLink
2012-12-21 23:35:27 ----D---- C:\ProgramData\Temp
2012-12-21 23:35:12 ----D---- C:\ProgramData\install_clap
2012-12-21 23:13:31 ----D---- C:\ProgramData\CyberLink
2012-12-21 22:53:51 ----D---- C:\ProgramData\dvdfab
2012-12-21 22:49:08 ----D---- C:\Users\tomsk\AppData\Roaming\YourFileDownloader
2012-12-21 22:17:54 ----D---- C:\Users\tomsk\AppData\Roaming\GoforFiles
2012-12-21 21:54:56 ----D---- C:\Users\tomsk\AppData\Roaming\Thinstall
2012-12-21 21:54:34 ----D---- C:\ProgramData\AxaraMedia
2012-12-21 19:37:39 ----D---- C:\Users\tomsk\AppData\Roaming\4Media
2012-12-21 19:37:08 ----D---- C:\ProgramData\4Media
2012-12-21 18:42:24 ----D---- C:\Program Files (x86)\Yontoo
2012-12-21 18:42:15 ----D---- C:\Users\tomsk\AppData\Roaming\ExpressFiles
2012-12-21 18:39:19 ----D---- C:\Users\tomsk\AppData\Roaming\iPumper
2012-12-21 18:36:39 ----D---- C:\Users\tomsk\AppData\Roaming\AVCWare
2012-12-21 18:33:28 ----D---- C:\ProgramData\AVCWare
2012-12-21 18:33:28 ----D---- C:\Program Files (x86)\AVCWare
2012-12-20 21:26:40 ----D---- C:\Users\tomsk\AppData\Roaming\AxaraMedia
2012-12-20 21:26:07 ----A---- C:\Windows\SYSWOW64\msxml3a.dll
2012-12-20 21:25:59 ----D---- C:\Program Files (x86)\AxaraMedia
2012-12-20 21:25:59 ----A---- C:\Windows\SYSWOW64\mpg4c32.dll
2012-12-20 21:25:59 ----A---- C:\Windows\SYSWOW64\mcdvd_32.dll
2012-12-20 21:25:59 ----A---- C:\Windows\SYSWOW64\divx.dll
2012-12-20 14:57:09 ----A---- C:\Windows\Qiii.INI
2012-12-15 23:57:56 ----D---- C:\Program Files (x86)\Microsoft Chart Controls
2012-12-06 21:43:25 ----D---- C:\Users\tomsk\AppData\Roaming\Corel
2012-12-06 21:43:25 ----D---- C:\ProgramData\Protexis
2012-12-06 21:43:23 ----D---- C:\Users\tomsk\AppData\Roaming\Ulead Systems
2012-12-06 20:42:34 ----D---- C:\ProgramData\eSellerate
2012-12-06 20:42:00 ----D---- C:\Program Files (x86)\SmartSound Software
2012-12-06 20:41:56 ----D---- C:\ProgramData\SmartSound Software Inc
2012-12-06 20:41:00 ----D---- C:\Windows\RegisteredPackages
2012-12-06 20:40:59 ----HD---- C:\Windows\msdownld.tmp
2012-12-06 20:40:32 ----D---- C:\ProgramData\InterVideo
2012-12-06 20:39:32 ----D---- C:\ProgramData\Corel
2012-12-06 20:38:40 ----D---- C:\ProgramData\Ulead Systems
2012-12-06 20:36:04 ----D---- C:\Program Files (x86)\Windows Media Components
2012-12-06 20:35:52 ----D---- C:\Program Files (x86)\Corel
2012-12-05 21:12:36 ----D---- C:\Users\tomsk\AppData\Roaming\ArcSoft
2012-12-05 21:05:32 ----D---- C:\ProgramData\ArcSoft
2012-12-05 20:49:01 ----D---- C:\Users\tomsk\AppData\Roaming\MOVAVI
2012-12-05 20:48:49 ----D---- C:\Program Files (x86)\Movavi Video Converter 3D 2
2012-12-05 20:32:16 ----D---- C:\Users\tomsk\AppData\Roaming\DVDVideoSoft
2012-12-05 20:31:55 ----D---- C:\Program Files (x86)\DVDVideoSoft
2012-12-05 19:52:16 ----D---- C:\Program Files (x86)\TornTV.com
2012-12-04 20:42:44 ----A---- C:\Windows\system32\Wdfres.dll
2012-12-04 20:42:44 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-12-04 20:42:44 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-12-04 20:33:04 ----D---- C:\Program Files (x86)\CherryPlayer
2012-12-04 20:24:05 ----D---- C:\Program Files (x86)\BrowserCompanion
2012-12-04 20:24:03 ----D---- C:\Program Files (x86)\P2Pcontrol
2012-12-04 20:24:03 ----A---- C:\Windows\SYSWOW64\drivers\tcpip.sys
2012-12-04 20:23:55 ----D---- C:\Program Files (x86)\Codec
2012-12-04 15:31:29 ----RD---- C:\Program Files (x86)\Skype
2012-11-26 20:33:08 ----D---- C:\Program Files (x86)\Auto Clicker
2012-11-26 20:03:41 ----D---- C:\Program Files (x86)\Advanced Auto Clicker
2012-11-22 20:04:23 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-11-22 20:04:23 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-11-22 20:04:23 ----A---- C:\Windows\SYSWOW64\java.exe
2012-11-20 07:42:01 ----D---- C:\Users\tomsk\AppData\Roaming\Mumble
2012-11-20 07:41:40 ----D---- C:\Program Files (x86)\Mumble
2012-11-18 22:26:47 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-18 22:26:47 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-18 22:26:47 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-18 22:26:47 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-18 22:26:46 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-18 22:26:46 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-18 22:26:46 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-18 22:15:34 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-11-18 22:15:34 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-11-18 22:15:34 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-18 22:15:34 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-18 22:15:26 ----A---- C:\Windows\SYSWOW64\iisRtl.dll
2012-11-18 22:15:26 ----A---- C:\Windows\SYSWOW64\admwprox.dll
2012-11-18 22:15:26 ----A---- C:\Windows\system32\iisRtl.dll
2012-11-18 22:15:26 ----A---- C:\Windows\system32\admwprox.dll
2012-11-18 22:15:25 ----A---- C:\Windows\SYSWOW64\iisreset.exe
2012-11-18 22:15:25 ----A---- C:\Windows\system32\wamregps.dll
2012-11-18 22:15:25 ----A---- C:\Windows\system32\iisreset.exe
2012-11-18 22:15:25 ----A---- C:\Windows\system32\ahadmin.dll
2012-11-18 22:15:24 ----A---- C:\Windows\SYSWOW64\ahadmin.dll
2012-11-18 22:15:23 ----A---- C:\Windows\SYSWOW64\wamregps.dll
2012-11-18 22:15:23 ----A---- C:\Windows\SYSWOW64\iisrstap.dll
2012-11-18 22:15:23 ----A---- C:\Windows\system32\iisrstap.dll
2012-11-18 22:15:20 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-11-18 22:15:20 ----A---- C:\Windows\system32\ncsi.dll
2012-11-18 22:15:20 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-18 22:15:19 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-11-18 22:15:19 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-11-18 22:15:19 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-11-18 22:15:19 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-18 22:15:19 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-18 22:15:19 ----A---- C:\Windows\system32\netevent.dll
2012-11-18 22:15:19 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-18 22:15:19 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-18 22:15:19 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-18 22:15:17 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-18 22:15:17 ----A---- C:\Windows\system32\synceng.dll
2012-11-15 23:33:24 ----A---- C:\Windows\system32\drivers\avgmfx64.sys
2012-11-13 10:53:49 ----D---- C:\Users\tomsk\AppData\Roaming\Rovio - By Radim ek(c)
2012-11-13 09:31:01 ----A---- C:\Windows\system32\libqt4intf.dll
2012-11-13 09:30:01 ----D---- C:\lazarus
2012-11-12 07:59:48 ----D---- C:\Program Files\Microsoft Windows Performance Toolkit
2012-11-12 07:56:56 ----D---- C:\Program Files\Debugging Tools for Windows (x64)
2012-11-12 07:56:18 ----D---- C:\Program Files (x86)\Application Verifier
2012-11-12 07:56:17 ----D---- C:\Program Files\Application Verifier (x64)
2012-11-11 17:11:16 ----D---- C:\Crash
2012-11-07 21:43:37 ----D---- C:\Users\tomsk\AppData\Roaming\six-zsync
2012-11-07 21:43:37 ----D---- C:\Users\tomsk\AppData\Roaming\six-updater
2012-11-07 21:43:09 ----D---- C:\Program Files (x86)\SIX Projects
2012-11-03 20:52:01 ----RD---- C:\Sandbox
2012-11-03 20:50:34 ----A---- C:\Windows\Sandboxie.ini
2012-11-03 20:50:30 ----D---- C:\Program Files\Sandboxie
2012-11-02 12:42:13 ----D---- C:\Program Files (x86)\CamStudio 2.6b
2012-11-02 12:42:13 ----A---- C:\Windows\system32\CamCodec.dll
2012-11-02 12:23:54 ----D---- C:\Users\tomsk\AppData\Roaming\TechSmith
2012-11-02 09:51:16 ----D---- C:\ProgramData\TechSmith
2012-11-02 09:51:16 ----D---- C:\Program Files (x86)\TechSmith
2012-11-02 09:28:45 ----D---- C:\Users\tomsk\AppData\Roaming\Solveig Multimedia
2012-11-02 09:25:51 ----D---- C:\Program Files (x86)\HyperCam 3
2012-11-01 00:05:43 ----D---- C:\Windows\SYSWOW64\Hotspot Shield
2012-10-31 10:37:43 ----D---- C:\Program Files (x86)\Red Sky
2012-10-28 17:34:46 ----D---- C:\ProgramData\Tarma Installer
2012-10-23 18:38:25 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll
2012-10-23 18:38:20 ----A---- C:\Windows\SYSWOW64\pndx5032.dll
2012-10-23 18:38:20 ----A---- C:\Windows\SYSWOW64\pndx5016.dll
2012-10-23 18:38:19 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2012-10-23 18:38:17 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2012-10-23 18:38:10 ----D---- C:\Program Files (x86)\Real
2012-10-23 18:38:08 ----D---- C:\Users\tomsk\AppData\Roaming\Real
2012-10-23 18:35:56 ----D---- C:\ProgramData\Real
2012-10-22 13:02:44 ----A---- C:\Windows\system32\drivers\avgidsdrivera.sys
2012-10-17 18:14:18 ----D---- C:\Users\tomsk\AppData\Roaming\The Creative Assembly

======List of files/folders modified in the last 3 months======

2013-01-16 21:23:22 ----D---- C:\Program Files\trend micro
2013-01-16 21:23:21 ----D---- C:\Windows\Temp
2013-01-16 21:23:19 ----D---- C:\Users\tomsk\AppData\Roaming\Skype
2013-01-16 21:06:09 ----D---- C:\Windows\system32\config
2013-01-16 21:04:50 ----D---- C:\Program Files (x86)\Steam
2013-01-16 20:56:01 ----D---- C:\Windows\system32\catroot
2013-01-16 20:55:23 ----D---- C:\Windows\system32\catroot2
2013-01-16 20:55:22 ----D---- C:\Windows\winsxs
2013-01-16 20:50:32 ----D---- C:\ProgramData\MFAData
2013-01-16 20:46:00 ----D---- C:\Windows\system32\Tasks
2013-01-16 20:45:56 ----D---- C:\Windows\system32\inetsrv
2013-01-15 11:20:56 ----D---- C:\Users\tomsk\AppData\Roaming\DAEMON Tools Lite
2013-01-12 16:37:35 ----RD---- C:\Program Files (x86)
2013-01-12 00:22:46 ----D---- C:\Users\tomsk\AppData\Roaming\ICQ
2013-01-11 22:12:38 ----SHD---- C:\Windows\Installer
2013-01-11 13:46:42 ----D---- C:\Users\tomsk\AppData\Roaming\vlc
2013-01-11 12:48:41 ----D---- C:\Windows\system32\drivers
2013-01-11 12:48:04 ----SHD---- C:\System Volume Information
2013-01-11 12:47:45 ----D---- C:\Windows\System32
2013-01-09 21:45:33 ----D---- C:\Windows\SysWOW64
2013-01-09 21:45:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-01-09 20:59:00 ----D---- C:\Users\tomsk\AppData\Roaming\uTorrent
2013-01-08 07:43:14 ----D---- C:\Windows\Minidump
2013-01-08 07:43:14 ----D---- C:\Windows
2013-01-07 09:49:51 ----RSD---- C:\Windows\assembly
2013-01-07 09:48:19 ----D---- C:\Windows\Logs
2013-01-07 08:56:45 ----D---- C:\Users\tomsk\AppData\Roaming\Audacity
2013-01-06 22:03:06 ----RD---- C:\Program Files
2013-01-06 22:01:55 ----HD---- C:\ProgramData
2013-01-04 18:23:18 ----D---- C:\Users\tomsk\AppData\Roaming\FileZilla
2013-01-03 23:37:32 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-01-03 23:37:32 ----D---- C:\Windows\system32\sk-SK
2013-01-03 23:37:25 ----D---- C:\Windows\AppPatch
2013-01-03 16:21:24 ----A---- C:\Windows\win.ini
2013-01-03 16:18:04 ----D---- C:\Windows\system32\MpEngineStore
2013-01-03 16:13:33 ----D---- C:\Windows\debug
2013-01-03 16:13:32 ----A---- C:\Windows\system32\MRT.exe
2013-01-01 21:44:19 ----D---- C:\Users\tomsk\AppData\Roaming\Adobe
2012-12-30 15:49:00 ----D---- C:\Users\tomsk\AppData\Roaming\Mozilla
2012-12-29 22:52:54 ----D---- C:\Users\tomsk\AppData\Roaming\Apple Computer
2012-12-29 22:03:53 ----D---- C:\Windows\SYSWOW64\migration
2012-12-29 22:03:53 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-29 22:03:51 ----D---- C:\Windows\system32\migration
2012-12-29 22:03:49 ----D---- C:\Program Files\Internet Explorer
2012-12-29 22:03:48 ----D---- C:\Windows\SYSWOW64\wbem
2012-12-29 22:03:48 ----D---- C:\Windows\SYSWOW64\en-US
2012-12-29 22:03:48 ----D---- C:\Windows\system32\wbem
2012-12-29 22:03:48 ----D---- C:\Windows\system32\en-US
2012-12-29 22:03:48 ----D---- C:\Windows\system32\drivers\en-US
2012-12-29 22:03:48 ----D---- C:\Windows\PolicyDefinitions
2012-12-29 22:03:40 ----D---- C:\Windows\system32\DriverStore
2012-12-29 22:03:38 ----D---- C:\Windows\inf
2012-12-29 20:56:10 ----D---- C:\Windows\Tasks
2012-12-29 20:41:53 ----D---- C:\Users\tomsk\AppData\Roaming\TuneUp Software
2012-12-29 20:26:40 ----D---- C:\Program Files (x86)\TuneUp Utilities 2011
2012-12-29 20:22:13 ----D---- C:\Windows\SoftwareDistribution
2012-12-29 20:21:59 ----D---- C:\ProgramData\IObit
2012-12-29 20:21:46 ----D---- C:\Users\tomsk\AppData\Roaming\IObit
2012-12-29 20:21:42 ----D---- C:\Program Files (x86)\IObit
2012-12-27 10:58:19 ----D---- C:\Users\tomsk\AppData\Roaming\TS3Client
2012-12-25 23:32:47 ----D---- C:\Users\tomsk\AppData\Roaming\Hamachi
2012-12-24 20:19:21 ----D---- C:\ProgramData\WarThunder
2012-12-21 23:51:28 ----D---- C:\Program Files (x86)\QuickTime
2012-12-21 23:48:46 ----D---- C:\Program Files (x86)\Common Files
2012-12-21 23:45:59 ----RSD---- C:\Windows\Fonts
2012-12-21 23:35:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-20 22:01:39 ----D---- C:\Users\tomsk\AppData\Roaming\Free Download Manager
2012-12-20 21:22:00 ----D---- C:\Windows\Resources
2012-12-16 21:00:34 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-12-15 18:19:49 ----D---- C:\ProgramData\Origin
2012-12-15 11:41:33 ----D---- C:\ProgramData\GameXN
2012-12-15 11:41:25 ----D---- C:\Users\tomsk\AppData\Roaming\go
2012-12-15 11:40:16 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-12-13 14:30:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-10 20:32:58 ----D---- C:\Users\tomsk\AppData\Roaming\Origin
2012-12-06 21:08:16 ----D---- C:\Windows\Microsoft.NET
2012-12-05 21:04:54 ----D---- C:\Windows\SYSWOW64\drivers
2012-12-04 22:21:05 ----D---- C:\Windows\SYSWOW64\inetsrv
2012-12-04 20:30:08 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-12-04 15:31:37 ----D---- C:\ProgramData\Skype
2012-11-26 16:58:12 ----D---- C:\Downloads
2012-11-22 20:25:46 ----D---- C:\.jagex_cache_32
2012-11-22 20:04:23 ----D---- C:\Program Files (x86)\Java
2012-11-17 23:40:29 ----D---- C:\Users\tomsk\AppData\Roaming\.techniclauncher
2012-11-12 07:41:40 ----D---- C:\Program Files (x86)\MSBuild
2012-11-11 22:08:20 ----D---- C:\ProgramData\Microsoft Help
2012-11-08 18:51:08 ----D---- C:\ProgramData\AVG Secure Search
2012-11-03 14:09:08 ----SHD---- C:\$Recycle.Bin
2012-11-03 14:09:00 ----RD---- C:\Users
2012-10-24 21:06:41 ----D---- C:\xampp
2012-10-18 19:06:56 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-10-17 20:55:47 ----D---- C:\Users\tomsk\AppData\Roaming\Rovio

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-10-23 503352]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys [2007-05-30 12024]
R1 AvgAsC64;AVG Anti-Spyware Clean Driver; C:\Windows\System32\DRIVERS\AvgAsC64.sys [2007-05-30 14072]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2012-11-08 30568]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2010-12-09 79552]
R1 CFRPD;CFRPD; C:\Windows\system32\DRIVERS\CFRPD.sys [2010-12-09 41472]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-23 254528]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-08-17 126944]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-05-22 224088]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-05-22 130904]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2007-02-17 296816]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35344]
R2 PfFilter;PfFilter; \??\C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2011-03-16 36792]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-09-18 22784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-02-15 10856960]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-02-15 327680]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys [2009-06-25 58368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-12-05 95248]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-04-22 33344]
R3 HssDrv;Hotspot Shield Helper Miniport; C:\Windows\system32\DRIVERS\HssDrv.sys [2012-03-06 56832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-03-27 4015592]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam_x64.sys [2008-03-13 27136]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS [2009-04-30 588952]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2012-08-25 202632]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-09-13 38632]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-05-22 147288]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-05-22 166232]
S1 MpKsl773426dd;MpKsl773426dd; \??\C:\Windows\system32\MpEngineStore\MpKsl773426dd.sys [2012-04-11 35664]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-02-15 10856960]
S3 dump_wmimmc;dump_wmimmc; \??\E:\Heroes In the Sky\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [2011-09-18 138328]
S3 esihdrv;esihdrv; \??\C:\Users\tomsk\AppData\Local\Temp\esihdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\safedrv.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 ksfmonsys;ksfmonsys; \??\C:\Program files (x86)\Kingsoft\PCDoctor\ksfmonsys64.sys []
S3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-04 4682]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-29 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2012-02-21 31232]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-12-29 57856]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-09-20 21872]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\drivers\usb8023x.sys [2009-07-14 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 VASDeviceDrm;Virtual Audio Streaming with Drm (WDM); C:\Windows\system32\drivers\vasdDev.sys [2012-03-19 1454896]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-08-14 43624]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-12 1026432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-02-15 235520]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 Cleaner_Validator;COMODO System - Cleaner Service; C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe [2010-12-09 371648]
R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-12-28 9216]
R2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2010-11-20 15872]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-10-18 76888]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-10-24 390672]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2012-08-25 123664]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-12-21 541760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-10 136176]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2011-04-12 72704]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
S3 Desura Install Service;Desura Install Service; C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-10-02 131912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-10 136176]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [2012-10-12 78072]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 LVPrcS64;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-11 115760]
S3 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-04-24 4164600]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 OverwolfUpdaterService;Overwolf Updater Service; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2012-08-21 18360]
S3 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
S3 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-04-19 736104]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2012-08-18 22016]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-10-13 523632]
S4 HssSrv;Hotspot Shield Routing Service; C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe [2012-10-12 413040]
S4 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2012-10-12 389488]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Re: PC do 2min zamrzne

Napsal: 16 led 2013 22:48
od Rudy
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

:commands
[Purity]
[Emptytemp]
[Emptyflash]
[Resethosts]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Odinstalujte Advanced system care. Je to soft, kterým si snadno poškodíte systém.

Re: PC do 2min zamrzne

Napsal: 17 led 2013 14:37
od tomsk
Takze OTM spusteny (pri starte mi AVG nieco hlasilo :D ale viem ze to nieje skodny soft tak som ho spustil)

Chcel by som sa spytat aky iny soft na optimalizaciu winu doporucujete, kedze win obsahuje sluzby ktore urcite niesu potrebne alebo ktore nevyuzivam.

A este by som sa chcel spytat co ten OTM robi on iba vykona prikazy ktore mu zadame? Napriklad ako ste napisali pod :files tak to iba killol procesy, pod :reg premazal registre a pod :commands vyprazdnil temp, cache a pod? A este by ma zaujimalo co je na HotSpot Shield a Google updater zle? Kedze som ho daval do OTM.

Dakujem za rady

Novy log z RSIT:

Kód: Vybrat vše

Logfile of random's system information tool 1.09 (written by random/random)
Run by tomsk at 2013-01-17 14:30:02
Microsoft Windows 7 Professional  Service Pack 1
System drive C: has 5 GB (3%) free of 150 GB
Total RAM: 4095 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:30:12, on 17. 1. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 6\DelayLoad.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files\trend micro\tomsk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-158558460-2646869902-57166230-1001\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User '?')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Prevziať pomocou FDM - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Prevziať video pomocou FDM - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Prevziať vybrané pomocou FDM - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Prevziať všetko pomocou FDM - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {6685D182-E710-4193-9678-785C6B7290E5} (Media Control) - http://snehuliak.dynalias.net/Option/Media.CAB
O16 - DPF: {79EE81BD-6194-4240-A04F-131A81513DCB} (Media Control) - http://snehuliak.dynalias.net/Media.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: base64 - (no CLSID) - (no file)
O18 - Protocol: chrome - (no CLSID) - (no file)
O18 - Protocol: prox - (no CLSID) - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: COMODO System - Cleaner Service (Cleaner_Validator) - Unknown owner - C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf Ltd - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - C:\Program Files (x86)\wLite\wService.exe

--
End of file - 13064 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=aac54603-34f3-485e-be86-ed77a82fdc0f /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\74631d22-b6d2-4810-a34d-073594b2f901-1d0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
"C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe"
"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe"
C:\Windows\system32\inetsrv\inetinfo.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"taskhost.exe"
taskeng.exe {328AC164-435E-4866-B8EC-7F80D6B00445}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {A04605D3-80C4-4590-8DB4-255879F23A36}
taskeng.exe {0BB4979D-6B1C-425B-9695-B458E5544E33}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe"
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 2556
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\DelayLoad.exe" /DelayLoad
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=e8bb7b57-42a8-4f12-899b-5069dc79fa42 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\3bdeff55-bd7c-4a4b-af94-92298803cb15-ad4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\01172013_142351.log
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-158558460-2646869902-57166230-10011_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-158558460-2646869902-57166230-10011 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"  "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532 
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Users\tomsk\Desktop\Údržba\Hihihi.exe" 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\COMODO Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\tomsk\AppData\Roaming\Mozilla\Firefox\Profiles\t413u9ml.default-1355690283645

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.132.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
afurladvisor@anchorfree.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\tomsk\AppData\Roaming\Mozilla\Firefox\Profiles\t413u9ml.default-1355690283645\extensions\
plugin@yontoo.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [2012-10-10 287048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-12-30 1796552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-12-30 1796552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe /AutoStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6]
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser companion helper]
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO]
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe [2011-11-23 213304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Internet Security]
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe -h []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPA]
C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe [2011-11-23 184120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desura]
C:\Program Files (x86)\Desura\desura.exe [2012-10-02 2529096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
E:\Origin\Origin.exe [2012-12-10 3492504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN GO]
C:\ProgramData\GameXN\GameXNGO.exe [2012-12-04 348440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2010-10-28 294912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager]
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2011-04-27 393216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [2011-01-13 6129496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MurGee.com Auto Clicker]
C:\Program Files (x86)\Auto Clicker\AutoClicker.exe [2012-08-25 76024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Pcontrol]
C:\Program Files (x86)\P2Pcontrol\winrun.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-08-17 336992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2012-04-18 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_ROC_NT]
C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe / /PROMPT /CMPID=ROC_NT []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_roc_ssl_v12]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\Program Files\Sandboxie\SbieCtrl.exe [2012-08-25 765200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-02-14 636032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-10-23 296096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol]
C:\Program Files (x86)\TightVNC\tvnserver.exe -controlservice -slave []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
c:\program files (x86)\avg secure search\vprot.exe [2012-12-30 997320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~2\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ultra Hal Text-to-Speech Reader Startup.lnk]
C:\Windows\Installer\{96EF451E-A402-44D8-BAEE-D70D558A4122}\New_Shortcut_S1449_0EB7CDB78E0C4A918D2CA535D5B8160C.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^tomsk^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="          "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=157

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2013-01-17 14:23:51 ----D---- C:\_OTM
2013-01-16 20:57:17 ----D---- C:\rsit
2013-01-16 20:56:39 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-16 20:56:37 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-16 20:56:36 ----A---- C:\Windows\system32\kernel32.dll
2013-01-16 20:56:35 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-16 20:56:35 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-16 20:56:35 ----A---- C:\Windows\system32\wow64win.dll
2013-01-16 20:56:35 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-16 20:56:35 ----A---- C:\Windows\system32\wow64.dll
2013-01-16 20:56:35 ----A---- C:\Windows\system32\winsrv.dll
2013-01-16 20:56:35 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-16 20:56:35 ----A---- C:\Windows\system32\conhost.exe
2013-01-16 20:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-16 20:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-16 20:56:34 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-16 20:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-16 20:56:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-16 20:56:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-16 20:56:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-16 20:56:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-16 20:56:32 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-16 20:56:32 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-16 20:56:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-16 20:56:12 ----A---- C:\Windows\system32\taskhost.exe
2013-01-16 20:56:10 ----A---- C:\Windows\system32\win32k.sys
2013-01-13 16:32:28 ----A---- C:\Uninstall.exe
2013-01-11 13:32:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-01-07 14:40:59 ----A---- C:\Uninstall.ini
2013-01-07 14:40:47 ----D---- C:\Minecraft-NovyVek
2013-01-06 22:05:25 ----D---- C:\Users\tomsk\AppData\Roaming\FreemakeVideoDownloader
2013-01-06 22:03:06 ----D---- C:\Program Files\WinPcap
2013-01-06 22:01:55 ----D---- C:\ProgramData\Freemake
2013-01-06 22:01:22 ----D---- C:\Program Files (x86)\Freemake
2013-01-03 16:16:40 ----A---- C:\Windows\system32\dpnet.dll
2013-01-03 16:16:39 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2012-12-30 15:48:54 ----D---- C:\Program Files (x86)\SeaMonkey
2012-12-30 15:47:26 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-29 23:57:44 ----A---- C:\Windows\ntbtlog.txt
2012-12-29 21:13:57 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-29 21:13:57 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-29 21:13:57 ----A---- C:\Windows\system32\atmlib.dll
2012-12-29 21:13:57 ----A---- C:\Windows\system32\atmfd.dll
2012-12-29 21:13:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-12-29 21:13:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-12-29 21:13:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-12-29 21:13:29 ----A---- C:\Windows\system32\msfeeds.dll
2012-12-29 21:13:29 ----A---- C:\Windows\system32\ieui.dll
2012-12-29 21:13:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-12-29 21:13:28 ----A---- C:\Windows\system32\mshtmled.dll
2012-12-29 21:13:28 ----A---- C:\Windows\system32\ieframe.dll
2012-12-29 21:13:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-12-29 21:13:27 ----A---- C:\Windows\system32\mshtml.dll
2012-12-29 21:13:27 ----A---- C:\Windows\system32\ieUnatt.exe
2012-12-29 21:13:26 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-12-29 21:13:26 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-12-29 21:13:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-12-29 21:13:26 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-12-29 21:13:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-12-29 21:13:26 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-12-29 21:13:26 ----A---- C:\Windows\system32\wininet.dll
2012-12-29 21:13:26 ----A---- C:\Windows\system32\vbscript.dll
2012-12-29 21:13:26 ----A---- C:\Windows\system32\jsproxy.dll
2012-12-29 21:13:26 ----A---- C:\Windows\system32\jscript9.dll
2012-12-29 21:13:26 ----A---- C:\Windows\system32\jscript.dll
2012-12-29 21:13:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-12-29 21:13:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-12-29 21:13:24 ----A---- C:\Windows\system32\urlmon.dll
2012-12-29 21:13:24 ----A---- C:\Windows\system32\iertutil.dll
2012-12-29 21:13:23 ----A---- C:\Windows\SYSWOW64\url.dll
2012-12-29 21:13:23 ----A---- C:\Windows\system32\url.dll
2012-12-29 21:12:39 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2012-12-29 21:12:39 ----A---- C:\Windows\system32\rdpudd.dll
2012-12-29 21:12:39 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2012-12-29 21:12:39 ----A---- C:\Windows\system32\rdpcorets.dll
2012-12-29 21:12:39 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2012-12-29 21:12:38 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2012-12-29 21:12:38 ----A---- C:\Windows\system32\TSWbPrxy.exe
2012-12-29 21:12:38 ----A---- C:\Windows\system32\rdpendp_winip.dll
2012-12-29 21:12:38 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2012-12-29 21:12:37 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2012-12-29 21:12:37 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2012-12-29 21:12:37 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2012-12-29 21:12:37 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-12-29 21:12:37 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-12-29 21:12:37 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2012-12-29 21:12:37 ----A---- C:\Windows\system32\mstsc.exe
2012-12-29 21:12:36 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2012-12-29 21:12:36 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2012-12-29 21:12:36 ----A---- C:\Windows\system32\wksprtPS.dll
2012-12-29 21:12:36 ----A---- C:\Windows\system32\wksprt.exe
2012-12-29 21:12:36 ----A---- C:\Windows\system32\tsgqec.dll
2012-12-29 21:12:36 ----A---- C:\Windows\system32\mstscax.dll
2012-12-29 21:12:36 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2012-12-29 21:12:36 ----A---- C:\Windows\system32\aaclient.dll
2012-12-29 21:11:59 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-12-29 21:11:59 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-12-29 21:11:59 ----A---- C:\Windows\system32\schannel.dll
2012-12-29 21:11:59 ----A---- C:\Windows\system32\ncrypt.dll
2012-12-29 21:11:59 ----A---- C:\Windows\system32\lsasrv.dll
2012-12-29 21:11:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-12-29 21:11:59 ----A---- C:\Windows\system32\drivers\cng.sys
2012-12-29 21:11:58 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-12-29 21:11:58 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-12-29 20:49:20 ----D---- C:\Users\tomsk\AppData\Roaming\AVG2013
2012-12-29 20:41:36 ----D---- C:\Program Files (x86)\AVG Secure Search
2012-12-29 20:40:31 ----HD---- C:\$AVG
2012-12-29 20:40:31 ----D---- C:\ProgramData\AVG2013
2012-12-29 20:39:47 ----D---- C:\Program Files (x86)\AVG
2012-12-29 20:33:05 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-12-29 20:33:05 ----A---- C:\Windows\system32\tzres.dll
2012-12-29 20:26:19 ----SHD---- C:\Config.Msi
2012-12-25 13:34:52 ----A---- C:\scu.dat
2012-12-24 22:05:00 ----D---- C:\Users\tomsk\AppData\Roaming\.minecraft
2012-12-24 19:49:52 ----A---- C:\Windows\unvise32.exe
2012-12-21 23:54:13 ----D---- C:\Users\tomsk\AppData\Roaming\CyberLink
2012-12-21 23:50:45 ----D---- C:\ProgramData\Apple Computer
2012-12-21 23:40:56 ----D---- C:\Program Files\CyberLink
2012-12-21 23:35:27 ----D---- C:\ProgramData\Temp
2012-12-21 23:35:12 ----D---- C:\ProgramData\install_clap
2012-12-21 23:13:31 ----D---- C:\ProgramData\CyberLink
2012-12-21 22:53:51 ----D---- C:\ProgramData\dvdfab
2012-12-21 22:49:08 ----D---- C:\Users\tomsk\AppData\Roaming\YourFileDownloader
2012-12-21 22:17:54 ----D---- C:\Users\tomsk\AppData\Roaming\GoforFiles
2012-12-21 21:54:56 ----D---- C:\Users\tomsk\AppData\Roaming\Thinstall
2012-12-21 21:54:34 ----D---- C:\ProgramData\AxaraMedia
2012-12-21 19:37:39 ----D---- C:\Users\tomsk\AppData\Roaming\4Media
2012-12-21 19:37:08 ----D---- C:\ProgramData\4Media
2012-12-21 18:42:24 ----D---- C:\Program Files (x86)\Yontoo
2012-12-21 18:42:15 ----D---- C:\Users\tomsk\AppData\Roaming\ExpressFiles
2012-12-21 18:39:19 ----D---- C:\Users\tomsk\AppData\Roaming\iPumper
2012-12-21 18:36:39 ----D---- C:\Users\tomsk\AppData\Roaming\AVCWare
2012-12-21 18:33:28 ----D---- C:\ProgramData\AVCWare
2012-12-21 18:33:28 ----D---- C:\Program Files (x86)\AVCWare
2012-12-20 21:26:40 ----D---- C:\Users\tomsk\AppData\Roaming\AxaraMedia
2012-12-20 21:26:07 ----A---- C:\Windows\SYSWOW64\msxml3a.dll
2012-12-20 21:25:59 ----D---- C:\Program Files (x86)\AxaraMedia
2012-12-20 21:25:59 ----A---- C:\Windows\SYSWOW64\mpg4c32.dll
2012-12-20 21:25:59 ----A---- C:\Windows\SYSWOW64\mcdvd_32.dll
2012-12-20 21:25:59 ----A---- C:\Windows\SYSWOW64\divx.dll
2012-12-20 14:57:09 ----A---- C:\Windows\Qiii.INI
2012-12-15 23:57:56 ----D---- C:\Program Files (x86)\Microsoft Chart Controls
2012-12-06 21:43:25 ----D---- C:\Users\tomsk\AppData\Roaming\Corel
2012-12-06 21:43:25 ----D---- C:\ProgramData\Protexis
2012-12-06 21:43:23 ----D---- C:\Users\tomsk\AppData\Roaming\Ulead Systems
2012-12-06 20:42:34 ----D---- C:\ProgramData\eSellerate
2012-12-06 20:42:00 ----D---- C:\Program Files (x86)\SmartSound Software
2012-12-06 20:41:56 ----D---- C:\ProgramData\SmartSound Software Inc
2012-12-06 20:41:00 ----D---- C:\Windows\RegisteredPackages
2012-12-06 20:40:32 ----D---- C:\ProgramData\InterVideo
2012-12-06 20:39:32 ----D---- C:\ProgramData\Corel
2012-12-06 20:38:40 ----D---- C:\ProgramData\Ulead Systems
2012-12-06 20:36:04 ----D---- C:\Program Files (x86)\Windows Media Components
2012-12-06 20:35:52 ----D---- C:\Program Files (x86)\Corel
2012-12-05 21:12:36 ----D---- C:\Users\tomsk\AppData\Roaming\ArcSoft
2012-12-05 21:05:32 ----D---- C:\ProgramData\ArcSoft
2012-12-05 20:49:01 ----D---- C:\Users\tomsk\AppData\Roaming\MOVAVI
2012-12-05 20:48:49 ----D---- C:\Program Files (x86)\Movavi Video Converter 3D 2
2012-12-05 20:32:16 ----D---- C:\Users\tomsk\AppData\Roaming\DVDVideoSoft
2012-12-05 20:31:55 ----D---- C:\Program Files (x86)\DVDVideoSoft
2012-12-05 19:52:16 ----D---- C:\Program Files (x86)\TornTV.com
2012-12-04 20:42:44 ----A---- C:\Windows\system32\Wdfres.dll
2012-12-04 20:42:44 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-12-04 20:42:44 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-12-04 20:33:04 ----D---- C:\Program Files (x86)\CherryPlayer
2012-12-04 20:24:05 ----D---- C:\Program Files (x86)\BrowserCompanion
2012-12-04 20:24:03 ----D---- C:\Program Files (x86)\P2Pcontrol
2012-12-04 20:24:03 ----A---- C:\Windows\SYSWOW64\drivers\tcpip.sys
2012-12-04 20:23:55 ----D---- C:\Program Files (x86)\Codec
2012-12-04 15:31:29 ----RD---- C:\Program Files (x86)\Skype
2012-11-26 20:33:08 ----D---- C:\Program Files (x86)\Auto Clicker
2012-11-26 20:03:41 ----D---- C:\Program Files (x86)\Advanced Auto Clicker
2012-11-22 20:04:23 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-11-22 20:04:23 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-11-22 20:04:23 ----A---- C:\Windows\SYSWOW64\java.exe
2012-11-20 07:42:01 ----D---- C:\Users\tomsk\AppData\Roaming\Mumble
2012-11-20 07:41:40 ----D---- C:\Program Files (x86)\Mumble
2012-11-18 22:26:47 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-18 22:26:47 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-18 22:26:47 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-18 22:26:47 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-18 22:26:46 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-18 22:26:46 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-18 22:26:46 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-18 22:15:34 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-11-18 22:15:34 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-11-18 22:15:34 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-18 22:15:34 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-18 22:15:26 ----A---- C:\Windows\SYSWOW64\iisRtl.dll
2012-11-18 22:15:26 ----A---- C:\Windows\SYSWOW64\admwprox.dll
2012-11-18 22:15:26 ----A---- C:\Windows\system32\iisRtl.dll
2012-11-18 22:15:26 ----A---- C:\Windows\system32\admwprox.dll
2012-11-18 22:15:25 ----A---- C:\Windows\SYSWOW64\iisreset.exe
2012-11-18 22:15:25 ----A---- C:\Windows\system32\wamregps.dll
2012-11-18 22:15:25 ----A---- C:\Windows\system32\iisreset.exe
2012-11-18 22:15:25 ----A---- C:\Windows\system32\ahadmin.dll
2012-11-18 22:15:24 ----A---- C:\Windows\SYSWOW64\ahadmin.dll
2012-11-18 22:15:23 ----A---- C:\Windows\SYSWOW64\wamregps.dll
2012-11-18 22:15:23 ----A---- C:\Windows\SYSWOW64\iisrstap.dll
2012-11-18 22:15:23 ----A---- C:\Windows\system32\iisrstap.dll
2012-11-18 22:15:20 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-11-18 22:15:20 ----A---- C:\Windows\system32\ncsi.dll
2012-11-18 22:15:20 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-18 22:15:19 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-11-18 22:15:19 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-11-18 22:15:19 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-11-18 22:15:19 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-18 22:15:19 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-18 22:15:19 ----A---- C:\Windows\system32\netevent.dll
2012-11-18 22:15:19 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-18 22:15:19 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-18 22:15:19 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-18 22:15:17 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-18 22:15:17 ----A---- C:\Windows\system32\synceng.dll
2012-11-15 23:33:24 ----A---- C:\Windows\system32\drivers\avgmfx64.sys
2012-11-13 10:53:49 ----D---- C:\Users\tomsk\AppData\Roaming\Rovio - By Radim ek(c)
2012-11-13 09:31:01 ----A---- C:\Windows\system32\libqt4intf.dll
2012-11-13 09:30:01 ----D---- C:\lazarus
2012-11-12 07:59:48 ----D---- C:\Program Files\Microsoft Windows Performance Toolkit
2012-11-12 07:56:56 ----D---- C:\Program Files\Debugging Tools for Windows (x64)
2012-11-12 07:56:18 ----D---- C:\Program Files (x86)\Application Verifier
2012-11-12 07:56:17 ----D---- C:\Program Files\Application Verifier (x64)
2012-11-11 17:11:16 ----D---- C:\Crash
2012-11-08 11:29:12 ----A---- C:\Windows\SYSWOW64\msxml4.dll
2012-11-07 21:43:37 ----D---- C:\Users\tomsk\AppData\Roaming\six-zsync
2012-11-07 21:43:37 ----D---- C:\Users\tomsk\AppData\Roaming\six-updater
2012-11-07 21:43:09 ----D---- C:\Program Files (x86)\SIX Projects
2012-11-03 20:52:01 ----RD---- C:\Sandbox
2012-11-03 20:50:34 ----A---- C:\Windows\Sandboxie.ini
2012-11-03 20:50:30 ----D---- C:\Program Files\Sandboxie
2012-11-02 12:42:13 ----D---- C:\Program Files (x86)\CamStudio 2.6b
2012-11-02 12:42:13 ----A---- C:\Windows\system32\CamCodec.dll
2012-11-02 12:23:54 ----D---- C:\Users\tomsk\AppData\Roaming\TechSmith
2012-11-02 09:51:16 ----D---- C:\ProgramData\TechSmith
2012-11-02 09:51:16 ----D---- C:\Program Files (x86)\TechSmith
2012-11-02 09:28:45 ----D---- C:\Users\tomsk\AppData\Roaming\Solveig Multimedia
2012-11-02 09:25:51 ----D---- C:\Program Files (x86)\HyperCam 3
2012-11-01 00:05:43 ----D---- C:\Windows\SYSWOW64\Hotspot Shield
2012-10-31 10:37:43 ----D---- C:\Program Files (x86)\Red Sky
2012-10-31 10:27:46 ----A---- C:\Users\tomsk\AppData\Roaming\steam_md5.dat
2012-10-31 08:28:05 ----A---- C:\Windows\SYSWOW64\cd.dat
2012-10-28 17:34:46 ----D---- C:\ProgramData\Tarma Installer
2012-10-23 18:38:25 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll
2012-10-23 18:38:20 ----A---- C:\Windows\SYSWOW64\pndx5032.dll
2012-10-23 18:38:20 ----A---- C:\Windows\SYSWOW64\pndx5016.dll
2012-10-23 18:38:19 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2012-10-23 18:38:17 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2012-10-23 18:38:10 ----D---- C:\Program Files (x86)\Real
2012-10-23 18:38:08 ----D---- C:\Users\tomsk\AppData\Roaming\Real
2012-10-23 18:35:56 ----D---- C:\ProgramData\Real
2012-10-22 13:02:44 ----A---- C:\Windows\system32\drivers\avgidsdrivera.sys

======List of files/folders modified in the last 3 months======

2013-01-17 14:30:11 ----D---- C:\Windows\Temp
2013-01-17 14:30:11 ----D---- C:\Program Files\trend micro
2013-01-17 14:29:27 ----D---- C:\Windows\system32\inetsrv
2013-01-17 14:28:51 ----D---- C:\Windows\system32\Tasks
2013-01-17 14:25:20 ----D---- C:\Windows\system32\config
2013-01-17 14:25:06 ----D---- C:\Windows\system32\drivers\etc
2013-01-17 14:24:59 ----D---- C:\Windows\System32
2013-01-17 14:24:59 ----D---- C:\Windows
2013-01-17 14:24:33 ----D---- C:\ProgramData\MFAData
2013-01-17 14:24:22 ----SHD---- C:\System Volume Information
2013-01-17 14:23:53 ----D---- C:\Windows\Tasks
2013-01-17 14:23:18 ----SHD---- C:\Windows\Installer
2013-01-17 14:18:31 ----D---- C:\Windows\winsxs
2013-01-17 14:15:13 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-01-17 14:15:13 ----D---- C:\Windows\SysWOW64
2013-01-17 14:15:11 ----D---- C:\Windows\system32\sk-SK
2013-01-17 14:15:09 ----D---- C:\Windows\AppPatch
2013-01-16 22:11:31 ----RSD---- C:\Windows\assembly
2013-01-16 22:10:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-16 22:10:55 ----D---- C:\Windows\inf
2013-01-16 22:09:38 ----D---- C:\Windows\Microsoft.NET
2013-01-16 22:09:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-01-16 22:06:53 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-01-16 22:05:51 ----D---- C:\Users\tomsk\AppData\Roaming\ICQ
2013-01-16 22:05:08 ----D---- C:\Users\tomsk\AppData\Roaming\Skype
2013-01-16 21:04:50 ----D---- C:\Program Files (x86)\Steam
2013-01-16 20:56:01 ----D---- C:\Windows\system32\catroot
2013-01-16 20:55:23 ----D---- C:\Windows\system32\catroot2
2013-01-15 11:20:56 ----D---- C:\Users\tomsk\AppData\Roaming\DAEMON Tools Lite
2013-01-12 16:37:35 ----RD---- C:\Program Files (x86)
2013-01-11 13:46:42 ----D---- C:\Users\tomsk\AppData\Roaming\vlc
2013-01-11 12:48:41 ----D---- C:\Windows\system32\drivers
2013-01-09 21:45:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-01-09 20:59:00 ----D---- C:\Users\tomsk\AppData\Roaming\uTorrent
2013-01-08 07:43:14 ----D---- C:\Windows\Minidump
2013-01-07 09:48:19 ----D---- C:\Windows\Logs
2013-01-07 08:56:45 ----D---- C:\Users\tomsk\AppData\Roaming\Audacity
2013-01-06 22:03:06 ----RD---- C:\Program Files
2013-01-06 22:01:55 ----HD---- C:\ProgramData
2013-01-04 18:23:18 ----D---- C:\Users\tomsk\AppData\Roaming\FileZilla
2013-01-03 16:21:24 ----A---- C:\Windows\win.ini
2013-01-03 16:18:04 ----D---- C:\Windows\system32\MpEngineStore
2013-01-03 16:13:33 ----D---- C:\Windows\debug
2013-01-03 16:13:32 ----A---- C:\Windows\system32\MRT.exe
2013-01-01 21:44:19 ----D---- C:\Users\tomsk\AppData\Roaming\Adobe
2012-12-30 15:49:00 ----D---- C:\Users\tomsk\AppData\Roaming\Mozilla
2012-12-29 22:52:54 ----D---- C:\Users\tomsk\AppData\Roaming\Apple Computer
2012-12-29 22:03:53 ----D---- C:\Windows\SYSWOW64\migration
2012-12-29 22:03:53 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-29 22:03:51 ----D---- C:\Windows\system32\migration
2012-12-29 22:03:49 ----D---- C:\Program Files\Internet Explorer
2012-12-29 22:03:48 ----D---- C:\Windows\SYSWOW64\wbem
2012-12-29 22:03:48 ----D---- C:\Windows\SYSWOW64\en-US
2012-12-29 22:03:48 ----D---- C:\Windows\system32\wbem
2012-12-29 22:03:48 ----D---- C:\Windows\system32\en-US
2012-12-29 22:03:48 ----D---- C:\Windows\system32\drivers\en-US
2012-12-29 22:03:48 ----D---- C:\Windows\PolicyDefinitions
2012-12-29 22:03:40 ----D---- C:\Windows\system32\DriverStore
2012-12-29 20:41:53 ----D---- C:\Users\tomsk\AppData\Roaming\TuneUp Software
2012-12-29 20:26:40 ----D---- C:\Program Files (x86)\TuneUp Utilities 2011
2012-12-29 20:22:13 ----D---- C:\Windows\SoftwareDistribution
2012-12-29 20:21:59 ----D---- C:\ProgramData\IObit
2012-12-29 20:21:46 ----D---- C:\Users\tomsk\AppData\Roaming\IObit
2012-12-29 20:21:42 ----D---- C:\Program Files (x86)\IObit
2012-12-27 10:58:19 ----D---- C:\Users\tomsk\AppData\Roaming\TS3Client
2012-12-25 23:32:47 ----D---- C:\Users\tomsk\AppData\Roaming\Hamachi
2012-12-24 20:19:21 ----D---- C:\ProgramData\WarThunder
2012-12-21 23:51:28 ----D---- C:\Program Files (x86)\QuickTime
2012-12-21 23:48:46 ----D---- C:\Program Files (x86)\Common Files
2012-12-21 23:45:59 ----RSD---- C:\Windows\Fonts
2012-12-21 23:35:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-20 22:01:39 ----D---- C:\Users\tomsk\AppData\Roaming\Free Download Manager
2012-12-20 21:22:00 ----D---- C:\Windows\Resources
2012-12-16 21:00:34 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-12-15 18:19:49 ----D---- C:\ProgramData\Origin
2012-12-15 11:41:33 ----D---- C:\ProgramData\GameXN
2012-12-15 11:41:25 ----D---- C:\Users\tomsk\AppData\Roaming\go
2012-12-15 11:40:16 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-12-10 20:32:58 ----D---- C:\Users\tomsk\AppData\Roaming\Origin
2012-12-05 21:04:54 ----D---- C:\Windows\SYSWOW64\drivers
2012-12-04 22:21:05 ----D---- C:\Windows\SYSWOW64\inetsrv
2012-12-04 15:31:37 ----D---- C:\ProgramData\Skype
2012-11-26 16:58:12 ----D---- C:\Downloads
2012-11-22 20:25:46 ----D---- C:\.jagex_cache_32
2012-11-22 20:04:23 ----D---- C:\Program Files (x86)\Java
2012-11-17 23:40:29 ----D---- C:\Users\tomsk\AppData\Roaming\.techniclauncher
2012-11-12 07:41:40 ----D---- C:\Program Files (x86)\MSBuild
2012-11-11 22:08:20 ----D---- C:\ProgramData\Microsoft Help
2012-11-08 18:51:08 ----D---- C:\ProgramData\AVG Secure Search
2012-11-03 14:09:08 ----SHD---- C:\$Recycle.Bin
2012-11-03 14:09:00 ----RD---- C:\Users
2012-10-24 21:06:41 ----D---- C:\xampp
2012-10-18 19:06:56 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-10-23 503352]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys [2007-05-30 12024]
R1 AvgAsC64;AVG Anti-Spyware Clean Driver; C:\Windows\System32\DRIVERS\AvgAsC64.sys [2007-05-30 14072]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2012-11-08 30568]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2010-12-09 79552]
R1 CFRPD;CFRPD; C:\Windows\system32\DRIVERS\CFRPD.sys [2010-12-09 41472]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-23 254528]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-08-17 126944]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-05-22 224088]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-05-22 130904]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2007-02-17 296816]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35344]
R2 PfFilter;PfFilter; \??\C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2011-03-16 36792]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-09-18 22784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-02-15 10856960]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-02-15 327680]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys [2009-06-25 58368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-12-05 95248]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-04-22 33344]
R3 HssDrv;Hotspot Shield Helper Miniport; C:\Windows\system32\DRIVERS\HssDrv.sys [2012-03-06 56832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-03-27 4015592]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam_x64.sys [2008-03-13 27136]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS [2009-04-30 588952]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2012-08-25 202632]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-09-13 38632]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-05-22 147288]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-05-22 166232]
S1 MpKsl773426dd;MpKsl773426dd; \??\C:\Windows\system32\MpEngineStore\MpKsl773426dd.sys [2012-04-11 35664]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-02-15 10856960]
S3 dump_wmimmc;dump_wmimmc; \??\E:\Heroes In the Sky\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [2011-09-18 138328]
S3 esihdrv;esihdrv; \??\C:\Users\tomsk\AppData\Local\Temp\esihdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\safedrv.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 ksfmonsys;ksfmonsys; \??\C:\Program files (x86)\Kingsoft\PCDoctor\ksfmonsys64.sys []
S3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-04 4682]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-29 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2012-02-21 31232]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-12-29 57856]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-09-20 21872]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\drivers\usb8023x.sys [2009-07-14 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 VASDeviceDrm;Virtual Audio Streaming with Drm (WDM); C:\Windows\system32\drivers\vasdDev.sys [2012-03-19 1454896]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-08-14 43624]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-12 1026432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-02-15 235520]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 Cleaner_Validator;COMODO System - Cleaner Service; C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe [2010-12-09 371648]
R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-12-28 9216]
R2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2010-11-20 15872]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-10-18 76888]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-10-24 390672]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2012-08-25 123664]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-10 136176]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2011-04-12 72704]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
S3 Desura Install Service;Desura Install Service; C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-10-02 131912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-10 136176]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [2012-10-12 78072]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 LVPrcS64;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-11 115760]
S3 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-04-24 4164600]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 OverwolfUpdaterService;Overwolf Updater Service; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2012-08-21 18360]
S3 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
S3 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-12-21 541760]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-04-19 736104]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2012-08-18 22016]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-10-13 523632]
S4 HssSrv;Hotspot Shield Routing Service; C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe [2012-10-12 413040]
S4 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2012-10-12 389488]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Re: PC do 2min zamrzne

Napsal: 17 led 2013 17:59
od Rudy
Příkaz >:files< smaže soubory, příp. celé adresáře, >:reg< registry klíče, nebo hodnoty a >:commands< jsednak promaže dočasné soubory, cookies a havěť typu purity. Z HotSpot Shield byl smazán pouze toolbar, který zpomaluje chod PC a automatické updatery, jsou otevřenou branou do PC pro všelijaké svinstvo. Správně jste odhadl, že OTM je v pořádku. Některé antiviry ho nemají rádi a označují jako virus.

Dvouklikem na soubor spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
O18 - Protocol: base64 - (no CLSID) - (no file)
O18 - Protocol: chrome - (no CLSID) - (no file)
O18 - Protocol: prox - (no CLSID) - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Re: PC do 2min zamrzne

Napsal: 19 led 2013 15:57
od tomsk
Takze vsetko vykonane, ak mi zamrzne niekedy tak vam napisem ale zatial to vyzera OK :)

A ako zvycajne aby som sa nieco aj naucil by ma zaujimalo co som vsetko robil cize:

Kód: Vybrat vše

O18 - Protocol: base64 - (no CLSID) - (no file)
Toto neviem co robi ale base64 poznam z programovacieho jazyka PHP tam sa to vyuziva ako typ sifrovania

Kód: Vybrat vše

O18 - Protocol: chrome - (no CLSID) - (no file)
Neviem co som urobil s Google Chrome

Kód: Vybrat vše

O18 - Protocol: prox - (no CLSID) - (no file)
Nieco asi s proxy ale neviem co :)

Kód: Vybrat vše

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
Premazal som addony v skype? :D


A na koniec posledna otazka: ste mi pisali aby som advanced system care nepouzival tak by som sa chcel spytat aku alternativu by som mal vyuzivat na optimalizaciu/udrzbu PC


Dakujem za pomoc :)

Re: PC do 2min zamrzne

Napsal: 19 led 2013 17:36
od Rudy
Jsou to zbytky po dříve již smazaných, nebo odinstalovaných položkách. (no file) znamená není soubor, jinými slovy daný registry klíč je tzv. prázdný, tedy zbytečný. Musím ještě upozonit, že volného místa na disku máte zhruba 5GB, což není mnoho. Přesuňte některá data na jiný disk, jinak je možné, že se problém znovu vrátí.

Re: PC do 2min zamrzne

Napsal: 14 bře 2013 14:43
od tomsk
pomohlo mi to na par dni (uvolnenie miesta z C) :D cize problem sa vratil a nemyslim ze to miesto bolo problem len to bola nahoda ze vtedy sa ten problem neukazoval, takze po par mesiacoch pozorovania som zistil PC mi zamrza skoro vzdy na 100% ked instalujem nejaky Driver (napriklad cez spravcu zariadeni) alebo ked nastavujem cas (zistil som to tak ze par dni mam uz vybitu bateriu v PC tak sa mi neuklada cas)


PS: teraz pisem z nudzoveho rezimu a asi 2 hodiny som sa snazil dostat do normalneho stavu ale zatial sa nepodarilo :/ ale v nudzovom rezime je vsetko OK, cize hardware-ova chyba sa myslim vylucuje


EDIT: na C mam momentalne cez 16Gb volneho miesta a nic... boly casy ked som mal na C volnych asi 50mb a toto mi nikdy nerobilo :D

Re: PC do 2min zamrzne

Napsal: 14 bře 2013 19:04
od Rudy
Zkuste obnovu systému k datu, kdy korektně fungoval.

Re: PC do 2min zamrzne

Napsal: 14 bře 2013 19:19
od tomsk
S tymto mam problem lebo nemam bod obnovenia ked fungoval spravne

Re: PC do 2min zamrzne

Napsal: 14 bře 2013 19:26
od Rudy
Dejte log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

Re: PC do 2min zamrzne

Napsal: 15 bře 2013 13:24
od tomsk
Nech sa páči :)

Kód: Vybrat vše

ComboFix 13-03-14.02 - tomsk . 03. 2013   2:11.2.2 - x64 NETWORK
Microsoft Windows 7 Professional   6.1.7601.1.1250.421.1051.18.4095.3309 [GMT 1:00]
Running from: c:\users\tomsk\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2013 *Disabled/Outdated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus Free Edition 2013 *Disabled/Outdated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\program files (x86)\BrowserCompanion\blabbers-ff-full.xpi
c:\program files (x86)\BrowserCompanion\logo.ico
c:\program files (x86)\BrowserCompanion\sqlite3.dll
c:\program files (x86)\BrowserCompanion\uninstall.exe
c:\program files (x86)\BrowserCompanion\updater.ini
c:\program files (x86)\codec\uninstall.exe
c:\program files (x86)\codec\WakeSplitter.ax
c:\program files (x86)\P2Pcontrol\config\nodes.dat
c:\program files (x86)\P2Pcontrol\data
c:\program files (x86)\P2Pcontrol\P2Pcontrol.url
c:\program files (x86)\P2Pcontrol\P2Pcontrol_claim.url
c:\program files (x86)\P2Pcontrol\uninst.exe
c:\programdata\Safe\zsinfo.dat
C:\uninstall.exe
c:\users\tomsk\1a.png
c:\users\tomsk\5a.png
c:\users\tomsk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\P2Pcontrol\Claim money.lnk
c:\users\tomsk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\P2Pcontrol\P2Pcontrol website.lnk
c:\users\tomsk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\P2Pcontrol\Uninstall.lnk
c:\users\tomsk\AppData\Roaming\mIRC\logs\status.log
c:\users\tomsk\Desktop\Setup.exe
c:\users\tomsk\Documents\Downloads\CT2776682_BrotherSoft_Extreme.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
D:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((((   Files Created from 2013-02-15 to 2013-03-15  )))))))))))))))))))))))))))))))
.
.
2013-07-03 20:20 . 2013-07-03 20:20	--------	d-----w-	c:\users\tomsk\AppData\Local\SplitMediaLabs
2013-07-03 20:19 . 2013-07-03 20:19	--------	d-----w-	c:\programdata\SplitMediaLabs
2013-07-03 20:19 . 2013-07-03 20:19	--------	d-----w-	c:\program files (x86)\SplitMediaLabs
2013-07-03 20:17 . 2013-07-03 20:17	--------	d-----w-	c:\users\tomsk\AppData\Roaming\SplitMediaLabs
2013-03-15 01:19 . 2013-03-15 01:19	--------	d-----w-	c:\users\tomsk\AppData\Local\temp
2013-03-15 01:19 . 2013-03-15 01:19	--------	d-----w-	c:\users\test\AppData\Local\temp
2013-03-15 01:19 . 2013-03-15 01:19	--------	d-----w-	c:\users\Internet\AppData\Local\temp
2013-03-15 01:19 . 2013-03-15 01:19	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2013-03-15 01:19 . 2013-03-15 01:19	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-03-14 03:41 . 2013-03-14 03:41	--------	d-----w-	C:\_OTM
2013-03-03 21:43 . 2013-03-03 21:43	--------	d-----w-	c:\program files (x86)\Spirent Communications
2013-03-03 20:45 . 2013-03-04 12:52	--------	d-----w-	c:\users\tomsk\AppData\Local\Htc
2013-03-03 20:17 . 2012-07-25 11:00	1002728	----a-w-	c:\windows\system32\WinUSBCoInstaller2.dll
2013-03-03 20:15 . 2013-03-03 20:17	--------	d-----w-	c:\users\tomsk\AppData\Local\Android-Sync
2013-03-03 19:39 . 2013-03-03 19:39	--------	d-----w-	c:\users\tomsk\AppData\Roaming\Teleca
2013-03-03 19:39 . 2013-03-03 20:41	--------	d-----w-	c:\program files (x86)\Common Files\Teleca Shared
2013-03-03 19:36 . 2013-03-03 19:36	--------	d-----w-	c:\windows\Downloaded Installations
2013-03-02 10:44 . 2013-01-11 10:52	19032	------w-	c:\windows\system32\pwdrvio.sys
2013-03-02 10:44 . 2013-01-11 10:52	3055808	----a-w-	c:\windows\system32\pwNative.exe
2013-03-02 10:44 . 2013-01-11 10:52	12384	------w-	c:\windows\system32\pwdspio.sys
2013-03-02 10:44 . 2013-03-02 10:44	--------	d-----w-	c:\program files (x86)\MiniTool Partition Wizard Home Edition 7.7
2013-03-01 21:46 . 2013-03-01 21:46	--------	d-----w-	c:\users\tomsk\AppData\Roaming\Mael
2013-03-01 20:10 . 2010-06-11 10:32	708168	----a-w-	c:\windows\system32\WinUSBCoInstaller.dll
2013-03-01 20:10 . 2010-06-11 10:32	1490656	----a-w-	c:\windows\system32\WdfCoInstaller01007.dll
2013-02-27 20:42 . 2013-02-27 21:03	--------	d-----w-	c:\users\tomsk\AppData\Local\Temporary Projects
2013-02-26 11:40 . 2009-01-25 11:14	17272	----a-w-	c:\windows\system32\sdnclean64.exe
2013-02-26 11:39 . 2013-02-26 11:40	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2013-02-26 11:38 . 2013-02-26 11:38	--------	d-----w-	c:\users\tomsk\AppData\Local\Programs
2013-02-26 08:44 . 2013-02-26 08:44	--------	d-----w-	c:\users\test\AppData\Local\Mozilla
2013-02-26 08:43 . 2013-02-26 08:43	--------	d-----w-	c:\users\test\AppData\Local\Opera
2013-02-26 08:43 . 2013-02-26 08:43	--------	d-----w-	c:\users\test\AppData\Local\AVG Secure Search
2013-02-21 20:51 . 2013-01-09 01:10	996352	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-21 20:51 . 2013-01-08 22:01	768000	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-21 20:00 . 2013-01-05 05:53	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-21 20:00 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-02-21 20:00 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-02-21 20:00 . 2013-01-04 03:26	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-02-21 20:00 . 2013-01-04 05:46	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-02-21 20:00 . 2013-01-04 04:51	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-02-21 20:00 . 2013-01-04 02:47	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-02-21 20:00 . 2013-01-04 02:47	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-02-21 20:00 . 2013-01-04 02:47	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-02-21 20:00 . 2013-01-04 02:47	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-02-21 20:00 . 2013-01-03 06:00	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-21 20:00 . 2013-01-03 06:00	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-17 14:40 . 2013-02-17 14:40	--------	d-----w-	c:\program files (x86)\Astroburn Lite
2013-02-15 22:04 . 2013-02-15 22:04	208448	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-15 13:41 . 2012-12-19 13:48	237992	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2013-02-15 13:41 . 2012-12-19 13:47	120232	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-27 18:45 . 2012-07-06 12:08	691568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-27 18:45 . 2011-11-23 19:11	71024	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-21 20:54 . 2011-04-10 15:29	70004024	----a-w-	c:\windows\system32\MRT.exe
2013-02-18 20:36 . 2012-10-12 18:42	39768	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2013-01-04 04:43 . 2013-02-21 20:00	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-12-29 20:13 . 2012-12-29 20:13	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-29 20:13 . 2012-12-29 20:13	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-29 20:13 . 2012-12-29 20:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-29 20:13 . 2012-12-29 20:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-29 20:12 . 2012-12-29 20:12	3174912	----a-w-	c:\windows\system32\rdpcorets.dll
2012-12-29 20:12 . 2012-12-29 20:12	243200	----a-w-	c:\windows\system32\rdpudd.dll
2012-12-29 20:12 . 2012-12-29 20:12	19456	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2012-12-29 20:12 . 2012-12-29 20:12	192000	----a-w-	c:\windows\SysWow64\rdpendp_winip.dll
2012-12-29 20:12 . 2012-12-29 20:12	15360	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2012-12-29 20:12 . 2012-12-29 20:12	62976	----a-w-	c:\windows\system32\TSWbPrxy.exe
2012-12-29 20:12 . 2012-12-29 20:12	54272	----a-w-	c:\windows\system32\MsRdpWebAccess.dll
2012-12-29 20:12 . 2012-12-29 20:12	228864	----a-w-	c:\windows\system32\rdpendp_winip.dll
2012-12-29 20:12 . 2012-12-29 20:12	1048064	----a-w-	c:\windows\SysWow64\mstsc.exe
2012-12-29 20:12 . 2012-12-29 20:12	4916224	----a-w-	c:\windows\SysWow64\mstscax.dll
2012-12-29 20:12 . 2012-12-29 20:12	43520	----a-w-	c:\windows\system32\TsUsbGDCoInstaller.dll
2012-12-29 20:12 . 2012-12-29 20:12	37376	----a-w-	c:\windows\SysWow64\tsgqec.dll
2012-12-29 20:12 . 2012-12-29 20:12	269312	----a-w-	c:\windows\SysWow64\aaclient.dll
2012-12-29 20:12 . 2012-12-29 20:12	13312	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-12-29 20:12 . 2012-12-29 20:12	13312	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-12-29 20:12 . 2012-12-29 20:12	1123840	----a-w-	c:\windows\system32\mstsc.exe
2012-12-29 20:12 . 2012-12-29 20:12	57856	----a-w-	c:\windows\system32\drivers\TsUsbFlt.sys
2012-12-29 20:12 . 2012-12-29 20:12	5773824	----a-w-	c:\windows\system32\mstscax.dll
2012-12-29 20:12 . 2012-12-29 20:12	46592	----a-w-	c:\windows\SysWow64\MsRdpWebAccess.dll
2012-12-29 20:12 . 2012-12-29 20:12	44032	----a-w-	c:\windows\system32\tsgqec.dll
2012-12-29 20:12 . 2012-12-29 20:12	384000	----a-w-	c:\windows\system32\wksprt.exe
2012-12-29 20:12 . 2012-12-29 20:12	322560	----a-w-	c:\windows\system32\aaclient.dll
2012-12-29 20:12 . 2012-12-29 20:12	18432	----a-w-	c:\windows\system32\wksprtPS.dll
2012-12-29 20:12 . 2012-12-29 20:12	16896	----a-w-	c:\windows\SysWow64\wksprtPS.dll
2012-12-29 20:11 . 2012-12-29 20:11	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2012-12-29 20:11 . 2012-12-29 20:11	458712	----a-w-	c:\windows\system32\drivers\cng.sys
2012-12-29 20:11 . 2012-12-29 20:11	340992	----a-w-	c:\windows\system32\schannel.dll
2012-12-29 20:11 . 2012-12-29 20:11	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2012-12-29 20:11 . 2012-12-29 20:11	154480	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2012-12-29 20:11 . 2012-12-29 20:11	1448448	----a-w-	c:\windows\system32\lsasrv.dll
2012-12-29 20:11 . 2012-12-29 20:11	247808	----a-w-	c:\windows\SysWow64\schannel.dll
2012-12-19 13:47 . 2012-12-19 13:47	204200	----a-w-	c:\windows\system32\VBoxNetFltNobj.dll
2012-12-19 13:47 . 2012-12-19 13:47	146856	----a-w-	c:\windows\system32\drivers\VBoxNetFlt.sys
2012-12-19 13:47 . 2012-12-19 13:47	132008	----a-w-	c:\windows\system32\drivers\VBoxNetAdp.sys
2012-12-19 13:47 . 2012-12-19 13:47	106408	----a-w-	c:\windows\system32\drivers\VBoxUSB.sys
2012-12-16 20:00 . 2012-05-13 16:20	280792	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2012-12-16 20:00 . 2011-08-16 12:35	280792	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2012-12-16 19:59 . 2011-07-02 17:16	281032	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-18 20:36	1929392	----a-w-	c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-18 1929392]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0OODBS\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-10-23 503352]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [2010-12-09 79552]
R1 CFRPD;CFRPD;c:\windows\system32\DRIVERS\CFRPD.sys [2010-12-09 41472]
R1 MpKsl773426dd;MpKsl773426dd;c:\windows\system32\MpEngineStore\MpKsl773426dd.sys [2012-04-11 35664]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-12-19 237992]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-12-19 120232]
R2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-08-14 43624]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-12 1026432]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-02-15 235520]
R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-05-31 75144]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-05-31 385416]
R2 Cleaner_Validator;COMODO System - Cleaner Service;c:\program files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe [2010-12-09 371648]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-12-28 9216]
R2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 PfFilter;PfFilter;c:\program files (x86)\IObit\Protected Folder\pffilter.sys [2011-03-16 36792]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe [2012-10-24 390672]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-18 968880]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-12-05 95248]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe [2002-01-03 49152]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2012-10-02 131912]
R3 dump_wmimmc;dump_wmimmc;e:\heroes in the sky\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [2011-09-18 138328]
R3 esihdrv;esihdrv;c:\users\tomsk\AppData\Local\Temp\esihdrv.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 ksfmonsys;ksfmonsys;c:\program files (x86)\Kingsoft\PCDoctor\ksfmonsys64.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232]
R3 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [2008-03-13 27136]
R3 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2013-01-11 19032]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2013-01-11 12384]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-12-29 19456]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-12-29 57856]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-11-26 745368]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-09-20 21872]
R3 VASDeviceDrm;Virtual Audio Streaming with Drm (WDM);c:\windows\system32\drivers\vasdDev.sys [2012-03-19 1454896]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2012-12-19 106408]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-10 1255736]
R3 wxpSvc;webcamXP Service;c:\program files (x86)\wLite\wService.exe [2010-05-02 5027328]
R4 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2012-08-18 22016]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
R4 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-10-13 523632]
R4 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-10-12 389488]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 AvgAsC64;AVG Anti-Spyware Clean Driver;c:\windows\system32\DRIVERS\AvgAsC64.sys [2007-05-30 14072]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-18 39768]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-23 254528]
S2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-06-25 58368]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-12-19 132008]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-12-19 146856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-05 08:10	1630672	----a-w-	c:\program files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-06 18:45]
.
2013-07-04 c:\windows\Tasks\COMODO Updater.job
- c:\program files\COMODO\COMODO System-Cleaner\Updater.exe [2010-12-09 12:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2012-10-10 16:30	287048	----a-w-	c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.sk/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Prevziať pomocou FDM - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Prevziať video pomocou FDM - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Prevziať vybrané pomocou FDM - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Prevziať všetko pomocou FDM - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\tomsk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
DPF: {6685D182-E710-4193-9678-785C6B7290E5} - hxxp://snehuliak.dynalias.net/Option/Media.CAB
DPF: {79EE81BD-6194-4240-A04F-131A81513DCB} - hxxp://snehuliak.dynalias.net/Media.CAB
FF - ProfilePath - c:\users\tomsk\AppData\Roaming\Mozilla\Firefox\Profiles\t413u9ml.default-1355690283645\
FF - ExtSQL: 2013-02-05 12:45; cryenginebrowserplugin@crytek.com; c:\users\tomsk\AppData\Roaming\Mozilla\Firefox\Profiles\t413u9ml.default-1355690283645\extensions\cryenginebrowserplugin@crytek.com
FF - user.js: extentions.y2layers.installId - df2bafcc-9324-4d1f-b18f-acc90ae6979c
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: nglayout.initialpaint.delay - 0
.
- - - - ORPHANS REMOVED - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-AVG Anti-Spyware Driver
SafeBoot-IMFservice
ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - (no file)
ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - (no file)
ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - (no file)
ShellIconOverlayIdentifiers-{CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} - (no file)
AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-Codec - c:\program files (x86)\Codec\uninstall.exe
AddRemove-Minecraft Klient - Nový Věk & Svět Dávných Bohů 1.0 - MC 1.4.6 - C:\Uninstall.exe
AddRemove-Minecraft Klient Update - Nový Věk & Svět Dávných Bohů 1.1 - MC 1.4.6 - C:\Uninstall.exe
AddRemove-P2Pcontrol - c:\program files (x86)\P2Pcontrol\uninst.exe
AddRemove-_{AA902C31-B49D-4608-BCCF-2519EB77722D} - c:\program files (x86)\Corel\Corel VideoStudio Pro X4\Setup\{AA902C31-B49D-4608-BCCF-2519EB77722D}\SetupARP.exe
AddRemove-GoforFiles - c:\program files (x86)\GoforFiles\uninstall.exe
AddRemove-Planet Side 2 - d:\planet side 2\Uninstaller.exe
AddRemove-PlanetSide 2 - d:\planetside 2\Uninstaller.exe
AddRemove-soe-PlanetSide 2 - d:\planetside 2\Uninstaller.exe
AddRemove-soe-PlanetSide 2 (2) - d:\planetside 2\Uninstaller.exe
AddRemove-YourFileDownloader - c:\program files (x86)\YourFileDownloader\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wxpSvc]
"ImagePath"="c:\program files (x86)\wLite\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"
"ImagePath"="\"c:\program files\CyberLink\Shared files\RichVideo64.exe\"\00Z
[\]^_Ž\00\00Ž\00\00\00\00\0b\00JKLMNO\00\00\00\00\00\00\00\00\03\00\00\00|}~Ž\00\00Ž\00\00\00\00Ž\00\00\00\00\00\00\00‘’“"
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-158558460-2646869902-57166230-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:04,65,2e,7d,52,b0,f8,b7,12,6d,f5,33,3b,3d,69,2d,7d,df,f7,fb,d8,16,43,
   9b,f0,66,3d,86,37,54,c2,6d,ea,6d,86,d4,09,e9,d5,f7,a0,3d,48,4c,35,6a,1b,fe,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-158558460-2646869902-57166230-1001\Software\SecuROM\License information*]
"datasecu"=hex:88,ae,fd,0d,54,eb,51,85,ed,f7,0e,18,57,04,2e,11,fb,2a,d3,4b,a5,
   5a,5a,8d,3c,5b,60,02,e9,08,96,c9,17,73,b2,72,0a,95,c7,4a,c0,cb,2b,46,cb,9c,\
"rkeysecu"=hex:bd,bf,c7,35,48,27,b4,45,d6,86,c3,d2,3d,62,32,b6
.
[HKEY_USERS\S-1-5-21-158558460-2646869902-57166230-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\e:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T17:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T17:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T17:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-158558460-2646869902-57166230-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QTextCodecFactoryInterface:\e:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi:"2011-10-10T17:42\00GB18030\00GBK\00GB2312\00CP936\00MS936\00windows-936\00MIB: 114\00MIB: 113\00MIB: 2025\00\00"
"qkrcodecs4.dll"=multi:"2011-10-10T17:42\00EUC-KR\00cp949\00MIB: 38\00MIB: -949\00\00"
"qtwcodecs4.dll"=multi:"2011-10-10T17:42\00Big5\00Big5-HKSCS\00Big5-ETen\00CP950\00MIB: 2026\00MIB: 2101\00\00"
.
[HKEY_USERS\S-1-5-21-158558460-2646869902-57166230-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\e:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpcodecs4.dll"=multi:"40602\000\00Windows msvc release full-config\002011-10-10T17:42\00\00"
"qjpcodecsd4.dll"=multi:"40703\001\00Windows msvc debug full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qkrcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qtwcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_USERS\S-1-5-21-158558460-2646869902-57166230-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\e:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="A3E4B62F3D20BB8F06E19652459CCBFDDC0C5BC7D7439AC8DEB71C1B67F7B2A6EAD6E19209FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98088EDD5E5BE2F6E667FEBC9E127BECC74CA2D97226D213B5553CF1B041B0A3C6E356D19368B1E61E94AF37EA3AFEF9B709F9A5E08985D857B50A07FD72EB2274C71CE2071F3E0BCBF2E699BB1DEF6EBACE013EDD44A3E4F24A1873882E4773FC23F1E1DABA853E847941376F297C597B6B4ABCA33B4C228A475B7630EF76A8CD450AD596C6852A6ED8CE00D1980E9D7510E39AE279F6C90C7E7D32ACB59A75ED41CBAC94D32E9C4186D24981AC03C0B8318CB5A2120F3BFB875AAF0602CCB1736ED035837465074CB846CCF3AA2D6C6388B9513919F27A71BA85D81B5C19D88AE6E72566C082FB6FEBD2286FDB53EEAF1213135629F52C1837C4FD1CCDFE0B750A14941455D4B62161D9DB900BAE3B6690F60677E05F1EAE5E0FD111E6730D867C8B7E36509B13E99C6DCDC60A6D64E409F31873E0E93D0957946CD139DD45A7A43845CC568D116665D4C856AC32A61EC3D09C71CDC41C0D0BB5C98D5B99C1D3ACB92CAA0E5257C8C88C7757CC92DF194D0348F0531373372988C745E7F82F1C05E15C7624872E561644ECB3C59811EFF739B6BF1E6B1D9623D5AA4FFEBDE4A3E0B6612B473E0268E1DE1FAC7942DF50D9D466845FD8974EAE1B995540A0D8A43673AB172CFA64EB0473E5D5CC0217FBC967B8B74D5A8696C68A20D3D54EA6694007905C0AB689E2984F0097A6BCA4C966BBF52622E330B8A889AD1E68E58F53FE93C7F21CDECAE001EF8DACF34E19A491CE47EF1A5B001557311559267B76D636EF6D25A3D4A490DF0A95A4A7032C0B6ECEB90A781D841F18500F7FC218E3FB6B258212E1ECB82F1D8500E3331DB60E662242BD02F5F05EF5E535DE74B583DEEAF3EA2CA0714B0E66FB9BA2925337D328DF36277F2C1D6E3FAA89187746A42FC3CDF0B9A91D46912BBF986C40CFCE97A4D6CF384073817C0585EC22872E3C32C859BDD54E23353420518BA03C30C4A88F85ADB49579BE4E9D9528C56A4461BF1070E4EFE0284982BBEA70F20D0701E56321D135545B18B9A32B6521635450447622D7CA3AC3589D3C76A3EB3B5892495C9123A6D6ACF22AF54CB5A5C01FE9401BB1F1FCB5845A3BA094E56652A02B5B7C746BCAF9F45B9E35320B1A4E5830476093ECEF326BEC242C17DC1362CDA1B98899D9B5A02F802CC8CBBD175FA84B026D75EAE4136CD0B6E90791F303BFED97898600502FC93377DA3A098B4BAA09AC2DB270EC417169E2232072E34A4E30BB4CF156D610A76DBD58510C386D70571850DFE4EEA8D6422FE951D08B55C3287FE2C9345BB1A0C7CDF31CCA3422FBCBA8C7C29425"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-03-15  02:21:40
ComboFix-quarantined-files.txt  2013-03-15 01:21
.
Pre-Run: 16 804 990 976 bytes free
Post-Run: 16 387 604 480 bytes free
.
- - End Of File - - 7F9128705360C7DEA62EAD432B2BF1B3

Re: PC do 2min zamrzne

Napsal: 15 bře 2013 18:23
od Rudy
Ještě dočistíme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:
KillAll::

Firefox::
F - ProfilePath - c:\users\tomsk\AppData\Roaming\Mozilla\Firefox\Profiles\t413u9ml.default-1355690283645\
FF - ExtSQL: 2013-02-05 12:45; cryenginebrowserplugin@crytek.com; c:\users\tomsk\AppData\Roaming\Mozilla\Firefox\Profiles\t413u9ml.default-1355690283645\extensions\cryenginebrowserplugin@crytek.com
FF - user.js: extentions.y2layers.installId - df2bafcc-9324-4d1f-b18f-acc90ae6979c
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: nglayout.initialpaint.delay - 0

Regnull::
[HKEY_USERS\S-1-5-21-158558460-2646869902-57166230-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Reboot::
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Re: PC do 2min zamrzne

Napsal: 15 bře 2013 19:25
od tomsk
takze odinstaloval som pre istotu Advanced System Care a spustil som Spybot Search & Destroy a spustil som ten ComboFix s tym scriptom ale nepomohlo


tu je novy log:

Kód: Vybrat vše

ComboFix 13-03-15.01 - tomsk . 03. 2013   7:54.3.2 - x64 NETWORK
Microsoft Windows 7 Professional   6.1.7601.1.1250.421.1051.18.4095.3132 [GMT 1:00]
Running from: c:\users\tomsk\Desktop\ComboFix.exe
Command switches used :: c:\users\tomsk\Desktop\CFScript.TXT
AV: AVG Anti-Virus Free Edition 2013 *Disabled/Outdated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus Free Edition 2013 *Disabled/Outdated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\tomsk\AppData\Roaming\Microsoft\Windows\Templates\temp.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-02-15 to 2013-03-15  )))))))))))))))))))))))))))))))
.
.
2013-07-03 20:20 . 2013-07-03 20:20	--------	d-----w-	c:\users\tomsk\AppData\Local\SplitMediaLabs
2013-07-03 20:19 . 2013-07-03 20:19	--------	d-----w-	c:\programdata\SplitMediaLabs
2013-07-03 20:19 . 2013-07-03 20:19	--------	d-----w-	c:\program files (x86)\SplitMediaLabs
2013-07-03 20:17 . 2013-07-03 20:17	--------	d-----w-	c:\users\tomsk\AppData\Roaming\SplitMediaLabs
2013-03-15 07:00 . 2013-03-15 07:03	--------	d-----w-	c:\users\tomsk\AppData\Local\temp
2013-03-15 07:00 . 2013-03-15 07:00	--------	d-----w-	c:\users\test\AppData\Local\temp
2013-03-15 07:00 . 2013-03-15 07:00	--------	d-----w-	c:\users\Internet\AppData\Local\temp
2013-03-15 07:00 . 2013-03-15 07:00	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2013-03-15 07:00 . 2013-03-15 07:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-03-15 06:08 . 2013-03-15 06:08	7054	----a-w-	c:\windows\system32\PerfStringBackup.TMP
2013-03-03 21:43 . 2013-03-03 21:43	--------	d-----w-	c:\program files (x86)\Spirent Communications
2013-03-03 20:45 . 2013-03-15 02:23	--------	d-----w-	c:\users\tomsk\AppData\Local\Htc
2013-03-03 20:17 . 2012-07-25 11:00	1002728	----a-w-	c:\windows\system32\WinUSBCoInstaller2.dll
2013-03-03 20:15 . 2013-03-03 20:17	--------	d-----w-	c:\users\tomsk\AppData\Local\Android-Sync
2013-03-03 19:39 . 2013-03-03 19:39	--------	d-----w-	c:\users\tomsk\AppData\Roaming\Teleca
2013-03-03 19:39 . 2013-03-03 20:41	--------	d-----w-	c:\program files (x86)\Common Files\Teleca Shared
2013-03-03 19:36 . 2013-03-03 19:36	--------	d-----w-	c:\windows\Downloaded Installations
2013-03-02 10:44 . 2013-01-11 10:52	19032	------w-	c:\windows\system32\pwdrvio.sys
2013-03-02 10:44 . 2013-01-11 10:52	3055808	----a-w-	c:\windows\system32\pwNative.exe
2013-03-02 10:44 . 2013-01-11 10:52	12384	------w-	c:\windows\system32\pwdspio.sys
2013-03-02 10:44 . 2013-03-02 10:44	--------	d-----w-	c:\program files (x86)\MiniTool Partition Wizard Home Edition 7.7
2013-03-01 21:46 . 2013-03-01 21:46	--------	d-----w-	c:\users\tomsk\AppData\Roaming\Mael
2013-03-01 20:10 . 2010-06-11 10:32	708168	----a-w-	c:\windows\system32\WinUSBCoInstaller.dll
2013-03-01 20:10 . 2010-06-11 10:32	1490656	----a-w-	c:\windows\system32\WdfCoInstaller01007.dll
2013-02-27 20:42 . 2013-02-27 21:03	--------	d-----w-	c:\users\tomsk\AppData\Local\Temporary Projects
2013-02-26 11:40 . 2009-01-25 11:14	17272	----a-w-	c:\windows\system32\sdnclean64.exe
2013-02-26 11:39 . 2013-03-15 06:07	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2013-02-26 11:38 . 2013-02-26 11:38	--------	d-----w-	c:\users\tomsk\AppData\Local\Programs
2013-02-26 08:44 . 2013-02-26 08:44	--------	d-----w-	c:\users\test\AppData\Local\Mozilla
2013-02-26 08:43 . 2013-02-26 08:43	--------	d-----w-	c:\users\test\AppData\Local\Opera
2013-02-26 08:43 . 2013-02-26 08:43	--------	d-----w-	c:\users\test\AppData\Local\AVG Secure Search
2013-02-21 20:51 . 2013-01-09 01:10	996352	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-21 20:51 . 2013-01-08 22:01	768000	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-21 20:00 . 2013-01-05 05:53	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-21 20:00 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-02-21 20:00 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-02-21 20:00 . 2013-01-04 03:26	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-02-21 20:00 . 2013-01-04 05:46	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-02-21 20:00 . 2013-01-04 04:51	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-02-21 20:00 . 2013-01-04 02:47	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-02-21 20:00 . 2013-01-04 02:47	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-02-21 20:00 . 2013-01-04 02:47	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-02-21 20:00 . 2013-01-04 02:47	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-02-21 20:00 . 2013-01-03 06:00	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-21 20:00 . 2013-01-03 06:00	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-17 14:40 . 2013-02-17 14:40	--------	d-----w-	c:\program files (x86)\Astroburn Lite
2013-02-15 22:04 . 2013-02-15 22:04	208448	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-15 13:41 . 2012-12-19 13:48	237992	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2013-02-15 13:41 . 2012-12-19 13:47	120232	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-27 18:45 . 2012-07-06 12:08	691568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-27 18:45 . 2011-11-23 19:11	71024	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-21 20:54 . 2011-04-10 15:29	70004024	----a-w-	c:\windows\system32\MRT.exe
2013-02-18 20:36 . 2012-10-12 18:42	39768	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2013-01-04 04:43 . 2013-02-21 20:00	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-12-29 20:13 . 2012-12-29 20:13	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-29 20:13 . 2012-12-29 20:13	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-29 20:13 . 2012-12-29 20:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-29 20:13 . 2012-12-29 20:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-29 20:12 . 2012-12-29 20:12	3174912	----a-w-	c:\windows\system32\rdpcorets.dll
2012-12-29 20:12 . 2012-12-29 20:12	243200	----a-w-	c:\windows\system32\rdpudd.dll
2012-12-29 20:12 . 2012-12-29 20:12	19456	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2012-12-29 20:12 . 2012-12-29 20:12	192000	----a-w-	c:\windows\SysWow64\rdpendp_winip.dll
2012-12-29 20:12 . 2012-12-29 20:12	15360	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2012-12-29 20:12 . 2012-12-29 20:12	62976	----a-w-	c:\windows\system32\TSWbPrxy.exe
2012-12-29 20:12 . 2012-12-29 20:12	54272	----a-w-	c:\windows\system32\MsRdpWebAccess.dll
2012-12-29 20:12 . 2012-12-29 20:12	228864	----a-w-	c:\windows\system32\rdpendp_winip.dll
2012-12-29 20:12 . 2012-12-29 20:12	1048064	----a-w-	c:\windows\SysWow64\mstsc.exe
2012-12-29 20:12 . 2012-12-29 20:12	4916224	----a-w-	c:\windows\SysWow64\mstscax.dll
2012-12-29 20:12 . 2012-12-29 20:12	43520	----a-w-	c:\windows\system32\TsUsbGDCoInstaller.dll
2012-12-29 20:12 . 2012-12-29 20:12	37376	----a-w-	c:\windows\SysWow64\tsgqec.dll
2012-12-29 20:12 . 2012-12-29 20:12	269312	----a-w-	c:\windows\SysWow64\aaclient.dll
2012-12-29 20:12 . 2012-12-29 20:12	13312	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-12-29 20:12 . 2012-12-29 20:12	13312	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-12-29 20:12 . 2012-12-29 20:12	1123840	----a-w-	c:\windows\system32\mstsc.exe
2012-12-29 20:12 . 2012-12-29 20:12	57856	----a-w-	c:\windows\system32\drivers\TsUsbFlt.sys
2012-12-29 20:12 . 2012-12-29 20:12	5773824	----a-w-	c:\windows\system32\mstscax.dll
2012-12-29 20:12 . 2012-12-29 20:12	46592	----a-w-	c:\windows\SysWow64\MsRdpWebAccess.dll
2012-12-29 20:12 . 2012-12-29 20:12	44032	----a-w-	c:\windows\system32\tsgqec.dll
2012-12-29 20:12 . 2012-12-29 20:12	384000	----a-w-	c:\windows\system32\wksprt.exe
2012-12-29 20:12 . 2012-12-29 20:12	322560	----a-w-	c:\windows\system32\aaclient.dll
2012-12-29 20:12 . 2012-12-29 20:12	18432	----a-w-	c:\windows\system32\wksprtPS.dll
2012-12-29 20:12 . 2012-12-29 20:12	16896	----a-w-	c:\windows\SysWow64\wksprtPS.dll
2012-12-29 20:11 . 2012-12-29 20:11	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2012-12-29 20:11 . 2012-12-29 20:11	458712	----a-w-	c:\windows\system32\drivers\cng.sys
2012-12-29 20:11 . 2012-12-29 20:11	340992	----a-w-	c:\windows\system32\schannel.dll
2012-12-29 20:11 . 2012-12-29 20:11	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2012-12-29 20:11 . 2012-12-29 20:11	154480	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2012-12-29 20:11 . 2012-12-29 20:11	1448448	----a-w-	c:\windows\system32\lsasrv.dll
2012-12-29 20:11 . 2012-12-29 20:11	247808	----a-w-	c:\windows\SysWow64\schannel.dll
2012-12-19 13:47 . 2012-12-19 13:47	204200	----a-w-	c:\windows\system32\VBoxNetFltNobj.dll
2012-12-19 13:47 . 2012-12-19 13:47	146856	----a-w-	c:\windows\system32\drivers\VBoxNetFlt.sys
2012-12-19 13:47 . 2012-12-19 13:47	132008	----a-w-	c:\windows\system32\drivers\VBoxNetAdp.sys
2012-12-19 13:47 . 2012-12-19 13:47	106408	----a-w-	c:\windows\system32\drivers\VBoxUSB.sys
2012-12-16 20:00 . 2012-05-13 16:20	280792	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2012-12-16 20:00 . 2011-08-16 12:35	280792	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2012-12-16 19:59 . 2011-07-02 17:16	281032	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-18 20:36	1929392	----a-w-	c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-18 1929392]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-10-23 503352]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 MpKsl773426dd;MpKsl773426dd;c:\windows\system32\MpEngineStore\MpKsl773426dd.sys [2012-04-11 35664]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-12-19 237992]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-12-19 120232]
R2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-08-14 43624]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-02-15 235520]
R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-05-31 75144]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-05-31 385416]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-18 968880]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-12-05 95248]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe [2002-01-03 49152]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2012-10-02 131912]
R3 dump_wmimmc;dump_wmimmc;e:\heroes in the sky\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [2011-09-18 138328]
R3 esihdrv;esihdrv;c:\users\tomsk\AppData\Local\Temp\esihdrv.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 ksfmonsys;ksfmonsys;c:\program files (x86)\Kingsoft\PCDoctor\ksfmonsys64.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232]
R3 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [2008-03-13 27136]
R3 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2013-01-11 19032]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2013-01-11 12384]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-12-29 19456]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-12-29 57856]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-11-26 745368]
R3 VASDeviceDrm;Virtual Audio Streaming with Drm (WDM);c:\windows\system32\drivers\vasdDev.sys [2012-03-19 1454896]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2012-12-19 106408]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-10 1255736]
R3 wxpSvc;webcamXP Service;c:\program files (x86)\wLite\wService.exe [2010-05-02 5027328]
R4 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2012-08-18 22016]
R4 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-10-13 523632]
R4 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-10-12 389488]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-18 39768]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-23 254528]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-06-25 58368]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-12-19 132008]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-12-19 146856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-15 05:52	1629648	----a-w-	c:\program files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-06 18:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2012-10-10 16:30	287048	----a-w-	c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.sk/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Prevziať pomocou FDM - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Prevziať video pomocou FDM - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Prevziať vybrané pomocou FDM - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Prevziať všetko pomocou FDM - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\tomsk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
DPF: {6685D182-E710-4193-9678-785C6B7290E5} - hxxp://snehuliak.dynalias.net/Option/Media.CAB
DPF: {79EE81BD-6194-4240-A04F-131A81513DCB} - hxxp://snehuliak.dynalias.net/Media.CAB
FF - ProfilePath - c:\users\tomsk\AppData\Roaming\Mozilla\Firefox\Profiles\t413u9ml.default-1355690283645\
FF - ExtSQL: 2013-02-05 12:45; cryenginebrowserplugin@crytek.com; c:\users\tomsk\AppData\Roaming\Mozilla\Firefox\Profiles\t413u9ml.default-1355690283645\extensions\cryenginebrowserplugin@crytek.com
FF - user.js: extentions.y2layers.installId - df2bafcc-9324-4d1f-b18f-acc90ae6979c
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: nglayout.initialpaint.delay - 0
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-RunOnce-<NO NAME> - (no file)
Notify-SDWinLogon - SDWinLogon.dll
ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - (no file)
ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - (no file)
ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - (no file)
ShellIconOverlayIdentifiers-{CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wxpSvc]
"ImagePath"="c:\program files (x86)\wLite\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-158558460-2646869902-57166230-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\e:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T17:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T17:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T17:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-158558460-2646869902-57166230-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QTextCodecFactoryInterface:\e:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi:"2011-10-10T17:42\00GB18030\00GBK\00GB2312\00CP936\00MS936\00windows-936\00MIB: 114\00MIB: 113\00MIB: 2025\00\00"
"qkrcodecs4.dll"=multi:"2011-10-10T17:42\00EUC-KR\00cp949\00MIB: 38\00MIB: -949\00\00"
"qtwcodecs4.dll"=multi:"2011-10-10T17:42\00Big5\00Big5-HKSCS\00Big5-ETen\00CP950\00MIB: 2026\00MIB: 2101\00\00"
.
[HKEY_USERS\S-1-5-21-158558460-2646869902-57166230-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\e:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpcodecs4.dll"=multi:"40602\000\00Windows msvc release full-config\002011-10-10T17:42\00\00"
"qjpcodecsd4.dll"=multi:"40703\001\00Windows msvc debug full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qkrcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qtwcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_USERS\S-1-5-21-158558460-2646869902-57166230-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\e:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T17:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T17:42\00\00"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="A3E4B62F3D20BB8F06E19652459CCBFDDC0C5BC7D7439AC8DEB71C1B67F7B2A6EAD6E19209FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98088EDD5E5BE2F6E667FEBC9E127BECC74CA2D97226D213B5553CF1B041B0A3C6E356D19368B1E61E94AF37EA3AFEF9B709F9A5E08985D857B50A07FD72EB2274C71CE2071F3E0BCBF2E699BB1DEF6EBACE013EDD44A3E4F24A1873882E4773FC23F1E1DABA853E847941376F297C597B6B4ABCA33B4C228A475B7630EF76A8CD450AD596C6852A6ED8CE00D1980E9D7510E39AE279F6C90C7E7D32ACB59A75ED41CBAC94D32E9C4186D24981AC03C0B8318CB5A2120F3BFB875AAF0602CCB1736ED035837465074CB846CCF3AA2D6C6388B9513919F27A71BA85D81B5C19D88AE6E72566C082FB6FEBD2286FDB53EEAF1213135629F52C1837C4FD1CCDFE0B750A14941455D4B62161D9DB900BAE3B6690F60677E05F1EAE5E0FD111E6730D867C8B7E36509B13E99C6DCDC60A6D64E409F31873E0E93D0957946CD139DD45A7A43845CC568D116665D4C856AC32A61EC3D09C71CDC41C0D0BB5C98D5B99C1D3ACB92CAA0E5257C8C88C7757CC92DF194D0348F0531373372988C745E7F82F1C05E15C7624872E561644ECB3C59811EFF739B6BF1E6B1D9623D5AA4FFEBDE4A3E0B6612B473E0268E1DE1FAC7942DF50D9D466845FD8974EAE1B995540A0D8A43673AB172CFA64EB0473E5D5CC0217FBC967B8B74D5A8696C68A20D3D54EA6694007905C0AB689E2984F0097A6BCA4C966BBF52622E330B8A889AD1E68E58F53FE93C7F21CDECAE001EF8DACF34E19A491CE47EF1A5B001557311559267B76D636EF6D25A3D4A490DF0A95A4A7032C0B6ECEB90A781D841F18500F7FC218E3FB6B258212E1ECB82F1D8500E3331DB60E662242BD02F5F05EF5E535DE74B583DEEAF3EA2CA0714B0E66FB9BA2925337D328DF36277F2C1D6E3FAA89187746A42FC3CDF0B9A91D46912BBF986C40CFCE97A4D6CF384073817C0585EC22872E3C32C859BDD54E23353420518BA03C30C4A88F85ADB49579BE4E9D9528C56A4461BF1070E4EFE0284982BBEA70F20D0701E56321D135545B18B9A32B6521635450447622D7CA3AC3589D3C76A3EB3B5892495C9123A6D6ACF22AF54CB5A5C01FE9401BB1F1FCB5845A3BA094E56652A02B5B7C746BCAF9F45B9E35320B1A4E5830476093ECEF326BEC242C17DC1362CDA1B98899D9B5A02F802CC8CBBD175FA84B026D75EAE4136CD0B6E90791F303BFED97898600502FC93377DA3A098B4BAA09AC2DB270EC417169E2232072E34A4E30BB4CF156D610A76DBD58510C386D70571850DFE4EEA8D6422FE951D08B55C3287FE2C9345BB1A0C7CDF31CCA3422FBCBA8C7C29425"
.
Completion time: 2013-03-15  08:07:42 - machine was rebooted
ComboFix-quarantined-files.txt  2013-03-15 07:07
.
Pre-Run: 19 509 796 864 bytes free
Post-Run: 19 323 670 528 bytes free
.
- - End Of File - - 8B04EE6F8F75D8E2E466E0522B478366
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz