Freshly disinfected PC

Posted: 11 May 2013 08:20
by LadaTr
Hi all, I have just finished removing viruses from my cousin's PC, but it looks like something is still left on it, so I would like to ask for a check.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Matt at 2013-05-11 16:47:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 375 GB (81%) free of 465 GB
Total RAM: 3039 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:47:25 PM, on 11/05/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IDT\WDM\sttray.exe
c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matt\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Matt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {d8215d9c-81ed-4e53-b420-bfcdbac4734d} - (no file)
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - (no file)
R3 - URLSearchHook: (no name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file)
R3 - URLSearchHook: (no name) - {0cc09160-108c-4759-bab1-5c12c216e005} - (no file)
R3 - URLSearchHook: (no name) - {2d922b81-34c7-4aab-9c5d-433e79fc9445} - (no file)
R3 - URLSearchHook: (no name) - {77f8c945-4b74-4bd6-a073-e0d1997edce8} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - (no file)
O2 - BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - (no file)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: (no name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file)
O3 - Toolbar: (no name) - {2d922b81-34c7-4aab-9c5d-433e79fc9445} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CD3A49E-F05E-4EC5-A5BA-14A85816A903}: NameServer = 198.142.0.51 61.88.88.88
O17 - HKLM\System\CCS\Services\Tcpip\..\{455B356B-F1AD-480A-B210-03D8D946C73E}: NameServer = 198.142.0.51 61.88.88.88
O17 - HKLM\System\CCS\Services\Tcpip\..\{87D3DBD4-C9DD-417E-A4CE-8EC90089471F}: NameServer = 198.142.0.51 61.88.88.88
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFADE558-1F34-4F4D-BD98-6FBB38D757F6}: NameServer = 198.142.0.51 61.88.88.88
O17 - HKLM\System\CS1\Services\Tcpip\..\{3CD3A49E-F05E-4EC5-A5BA-14A85816A903}: NameServer = 198.142.0.51 61.88.88.88
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CD3A49E-F05E-4EC5-A5BA-14A85816A903}: NameServer = 198.142.0.51 61.88.88.88
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\search~1\261123~1.78\c190e9~1\srchal~1.dll c:\progra~2\search~1\22559~1.50\c190e9~1\srchal~1.dll c:\progra~1\contin~1\sprote~1.dll c:\progra~1\simple~1\sprote~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Optus Mobile Broadband. OUC (Optus Mobile Broadband. RunOuc) - Unknown owner - C:\Program Files\Optus Mobile Broadband\UpdateDog\ouc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

--
End of file - 12777 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-23 603816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-02 203320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-23 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}]
Browser Companion Helper Verifier - C:\Program Files\BrowserCompanion\updatebhoWin32.dll [2012-06-28 141104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-29 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED663}]
avast! Ad Blocker - C:\Program Files\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll [2013-02-18 1366720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{48586425-6bb7-4f51-8dc6-38c88e3ebb58}
{98889811-442D-49dd-99D7-DC866BE87DBC}
{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}
{2d922b81-34c7-4aab-9c5d-433e79fc9445}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-29 192144]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-02 203320]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-23 603816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-24 498744]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-02 4858456]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-11-23 738984]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2013-03-27 73832]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-23 495708]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2299176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-07-14 8704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-19 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-04-20 58656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Matt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-01 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
~C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro]
C:\Program Files\Optimizer Pro\OptProLauncher.exe [2012-01-02 81912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files\SweetIM\Messenger\SweetIM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-02-26 295728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-06-09 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-31 795936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Matt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MICROS~4\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Matt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^tcbhn.lnk]
C:\Users\Matt\AppData\Roaming\BROWSE~1\tcbhn.exe [2012-06-28 695448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\search~1\261123~1.78\c190e9~1\srchal~1.dll c:\progra~2\search~1\22559~1.50\c190e9~1\srchal~1.dll c:\progra~1\contin~1\sprote~1.dll c:\progra~1\simple~1\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"WallpaperStyle"=2

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.l3codecp"=l3codecp.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

Freshly disinfected PC, part two

Posted: 11 May 2013 08:22
by LadaTr
======List of files/folders created in the last 1 month======

2013-05-11 16:19:41 ----D---- C:\Program Files\trend micro
2013-05-11 16:19:36 ----D---- C:\rsit
2013-05-11 15:41:03 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-05-11 15:41:02 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-05-11 15:40:59 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-05-11 15:40:59 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-05-11 15:40:56 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-05-11 15:40:51 ----A---- C:\Windows\system32\wksprtPS.dll
2013-05-11 15:40:51 ----A---- C:\Windows\system32\wksprt.exe
2013-05-11 15:40:51 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-05-11 15:40:51 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-05-11 15:40:51 ----A---- C:\Windows\system32\tsgqec.dll
2013-05-11 15:40:51 ----A---- C:\Windows\system32\rdpudd.dll
2013-05-11 15:40:51 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-05-11 15:40:51 ----A---- C:\Windows\system32\mstsc.exe
2013-05-11 15:40:51 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-05-11 15:40:51 ----A---- C:\Windows\system32\aaclient.dll
2013-05-11 15:40:50 ----A---- C:\Windows\system32\rdpcorets.dll
2013-05-11 15:40:50 ----A---- C:\Windows\system32\mstscax.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\wininet.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\wextract.exe
2013-05-11 15:31:53 ----A---- C:\Windows\system32\webcheck.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\vbscript.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\urlmon.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\url.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-05-11 15:31:53 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-05-11 15:31:53 ----A---- C:\Windows\system32\pngfilt.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\occache.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-05-11 15:31:53 ----A---- C:\Windows\system32\msrating.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\msls31.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\mshtmler.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\mshtml.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\mshta.exe
2013-05-11 15:31:53 ----A---- C:\Windows\system32\msfeedssync.exe
2013-05-11 15:31:53 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\licmgr10.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\jscript9.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\jscript.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\inseng.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\imgutil.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\iexpress.exe
2013-05-11 15:31:53 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-11 15:31:53 ----A---- C:\Windows\system32\ieui.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\iesysprep.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\iesetup.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\iertutil.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\iernonce.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\iepeers.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\ieframe.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\iedkcs32.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\ieapfltr.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\ieapfltr.dat
2013-05-11 15:31:53 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\ie4uinit.exe
2013-05-11 15:31:53 ----A---- C:\Windows\system32\icardie.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\elshyph.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\dxtrans.dll
2013-05-11 15:31:53 ----A---- C:\Windows\system32\dxtmsft.dll
2013-05-11 15:31:19 ----A---- C:\Windows\system32\taskhost.exe
2013-05-11 15:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-11 15:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-11 15:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-11 15:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-11 15:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-11 15:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-11 15:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-11 15:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-11 15:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\XpsPrint.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\WMPhoto.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\UIAnimation.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\FntCache.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\dxgi.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\DWrite.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\d3d11.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\d3d10warp.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\d3d10level9.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\d3d10core.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\d3d10_1.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\d3d10.dll
2013-05-11 15:30:49 ----A---- C:\Windows\system32\d2d1.dll
2013-05-11 15:04:55 ----A---- C:\Windows\system32\qdvd.dll
2013-05-11 15:04:50 ----A---- C:\Windows\system32\schannel.dll
2013-05-11 15:04:50 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-05-11 15:04:50 ----A---- C:\Windows\system32\drivers\cng.sys
2013-05-11 15:04:49 ----A---- C:\Windows\system32\lsasrv.dll
2013-05-11 15:04:40 ----A---- C:\Windows\system32\ncsi.dll
2013-05-11 15:04:39 ----A---- C:\Windows\system32\nlasvc.dll
2013-05-11 15:04:39 ----A---- C:\Windows\system32\nlaapi.dll
2013-05-11 15:04:39 ----A---- C:\Windows\system32\netcorehc.dll
2013-05-11 15:04:39 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-05-11 15:04:39 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-05-11 15:04:38 ----A---- C:\Windows\system32\netevent.dll
2013-05-11 15:03:25 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-05-11 15:01:47 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-05-11 15:01:47 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-05-11 14:58:24 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-05-11 14:58:23 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-05-10 19:34:47 ----D---- C:\Windows\IswTmp
2013-05-10 17:38:42 ----D---- C:\Program Files\iPod
2013-05-10 17:38:35 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-05-10 17:30:47 ----D---- C:\Windows\system32\SPReview
2013-05-10 17:22:51 ----A---- C:\Windows\system32\dfshim.dll
2013-05-10 17:22:43 ----A---- C:\Windows\system32\mfc40u.dll
2013-05-10 17:22:43 ----A---- C:\Windows\system32\mfc40.dll
2013-05-10 17:22:41 ----A---- C:\Windows\system32\sysmain.dll
2013-05-10 17:22:39 ----A---- C:\Windows\system32\secproc_isv.dll
2013-05-10 17:22:38 ----A---- C:\Windows\system32\RMActivate_isv.exe
2013-05-10 17:22:37 ----A---- C:\Windows\system32\secproc.dll
2013-05-10 17:22:36 ----A---- C:\Windows\system32\RMActivate.exe
2013-05-10 17:22:35 ----A---- C:\Windows\system32\spwizui.dll
2013-05-10 17:22:34 ----A---- C:\Windows\system32\mscoree.dll
2013-05-10 17:22:33 ----A---- C:\Windows\system32\mf.dll
2013-05-10 17:22:33 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2013-05-10 17:22:32 ----A---- C:\Windows\system32\CertEnroll.dll
2013-05-10 17:22:31 ----A---- C:\Windows\system32\wmp.dll
2013-05-10 17:22:30 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2013-05-10 17:22:30 ----A---- C:\Windows\system32\PresentationHost.exe
2013-05-10 17:22:30 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2013-05-10 17:22:29 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2013-05-10 17:22:28 ----A---- C:\Windows\system32\schedsvc.dll
2013-05-10 17:22:27 ----A---- C:\Windows\system32\RacEngn.dll
2013-05-10 17:22:26 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2013-05-10 17:22:25 ----A---- C:\Windows\system32\rdpdd.dll
2013-05-10 17:22:24 ----A---- C:\Windows\system32\qmgr.dll
2013-05-10 17:22:24 ----A---- C:\Windows\system32\ExplorerFrame.dll
2013-05-10 17:22:23 ----A---- C:\Windows\system32\wevtsvc.dll
2013-05-10 17:22:23 ----A---- C:\Windows\system32\ole32.dll
2013-05-10 17:22:21 ----A---- C:\Windows\system32\vssapi.dll
2013-05-10 17:22:21 ----A---- C:\Windows\system32\SearchFolder.dll
2013-05-10 17:22:21 ----A---- C:\Windows\system32\d3d9.dll
2013-05-10 17:22:20 ----A---- C:\Windows\system32\taskschd.dll
2013-05-10 17:22:20 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-05-10 17:22:18 ----A---- C:\Windows\system32\spreview.exe
2013-05-10 17:22:18 ----A---- C:\Windows\system32\spinstall.exe
2013-05-10 17:22:17 ----A---- C:\Windows\system32\wer.dll
2013-05-10 17:22:17 ----A---- C:\Windows\system32\termsrv.dll
2013-05-10 17:22:17 ----A---- C:\Windows\system32\rpcrt4.dll
2013-05-10 17:22:17 ----A---- C:\Windows\system32\certcli.dll
2013-05-10 17:22:16 ----A---- C:\Windows\system32\gpsvc.dll
2013-05-10 17:22:16 ----A---- C:\Windows\system32\dwmcore.dll
2013-05-10 17:22:15 ----A---- C:\Windows\system32\wbengine.exe
2013-05-10 17:22:15 ----A---- C:\Windows\system32\odbc32.dll
2013-05-10 17:22:15 ----A---- C:\Windows\system32\MPSSVC.dll
2013-05-10 17:22:15 ----A---- C:\Windows\system32\diagperf.dll
2013-05-10 17:22:14 ----A---- C:\Windows\system32\WinSAT.exe
2013-05-10 17:22:14 ----A---- C:\Windows\system32\scavengeui.dll
2013-05-10 17:22:13 ----A---- C:\Windows\system32\TSWorkspace.dll
2013-05-10 17:22:13 ----A---- C:\Windows\system32\tsmf.dll
2013-05-10 17:22:13 ----A---- C:\Windows\system32\dot3api.dll
2013-05-10 17:22:12 ----A---- C:\Windows\system32\winhttp.dll
2013-05-10 17:22:11 ----A---- C:\Windows\system32\setupapi.dll
2013-05-10 17:22:11 ----A---- C:\Windows\system32\MSVidCtl.dll
2013-05-10 17:22:11 ----A---- C:\Windows\system32\apphelp.dll
2013-05-10 17:22:10 ----A---- C:\Windows\system32\VSSVC.exe
2013-05-10 17:22:10 ----A---- C:\Windows\system32\netlogon.dll
2013-05-10 17:22:10 ----A---- C:\Windows\system32\dbgeng.dll
2013-05-10 17:22:09 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-05-10 17:22:09 ----A---- C:\Windows\system32\winlogon.exe
2013-05-10 17:22:09 ----A---- C:\Windows\system32\user32.dll
2013-05-10 17:22:09 ----A---- C:\Windows\system32\netcfgx.dll
2013-05-10 17:22:08 ----A---- C:\Windows\system32\WsmSvc.dll
2013-05-10 17:22:08 ----A---- C:\Windows\system32\Query.dll
2013-05-10 17:22:07 ----A---- C:\Windows\system32\upnp.dll
2013-05-10 17:22:07 ----A---- C:\Windows\system32\netfxperf.dll
2013-05-10 17:22:07 ----A---- C:\Windows\system32\mmcndmgr.dll
2013-05-10 17:22:07 ----A---- C:\Windows\system32\lsm.exe
2013-05-10 17:22:07 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2013-05-10 17:22:07 ----A---- C:\Windows\system32\advapi32.dll
2013-05-10 17:22:06 ----A---- C:\Windows\system32\msv1_0.dll
2013-05-10 17:22:05 ----A---- C:\Windows\system32\sppobjs.dll
2013-05-10 17:22:05 ----A---- C:\Windows\system32\SessEnv.dll
2013-05-10 17:22:05 ----A---- C:\Windows\system32\msdrm.dll
2013-05-10 17:22:05 ----A---- C:\Windows\system32\imapi2fs.dll
2013-05-10 17:22:05 ----A---- C:\Windows\system32\authui.dll
2013-05-10 17:22:04 ----A---- C:\Windows\system32\shlwapi.dll
2013-05-10 17:22:04 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2013-05-10 17:22:04 ----A---- C:\Windows\system32\mcbuilder.exe
2013-05-10 17:22:03 ----A---- C:\Windows\system32\xpsservices.dll
2013-05-10 17:22:03 ----A---- C:\Windows\system32\winload.exe
2013-05-10 17:22:03 ----A---- C:\Windows\system32\userenv.dll
2013-05-10 17:22:03 ----A---- C:\Windows\system32\certmgr.dll
2013-05-10 17:22:02 ----A---- C:\Windows\system32\WebClnt.dll
2013-05-10 17:22:02 ----A---- C:\Windows\system32\sppwinob.dll
2013-05-10 17:22:02 ----A---- C:\Windows\system32\comdlg32.dll
2013-05-10 17:22:02 ----A---- C:\Windows\system32\audiosrv.dll
2013-05-10 17:22:01 ----A---- C:\Windows\system32\rpcss.dll
2013-05-10 17:22:01 ----A---- C:\Windows\system32\framedynos.dll
2013-05-10 17:22:01 ----A---- C:\Windows\system32\cmd.exe
2013-05-10 17:22:01 ----A---- C:\Windows\system32\BFE.DLL
2013-05-10 17:22:00 ----A---- C:\Windows\system32\Wldap32.dll
2013-05-10 17:22:00 ----A---- C:\Windows\system32\propsys.dll
2013-05-10 17:22:00 ----A---- C:\Windows\system32\mfds.dll
2013-05-10 17:21:59 ----A---- C:\Windows\system32\drivers\volsnap.sys
2013-05-10 17:21:57 ----A---- C:\Windows\system32\winresume.exe
2013-05-10 17:21:57 ----A---- C:\Windows\system32\samsrv.dll
2013-05-10 17:21:56 ----A---- C:\Windows\system32\werconcpl.dll
2013-05-10 17:21:56 ----A---- C:\Windows\system32\azroles.dll
2013-05-10 17:21:55 ----A---- C:\Windows\system32\themeui.dll
2013-05-10 17:21:55 ----A---- C:\Windows\system32\taskeng.exe
2013-05-10 17:21:55 ----A---- C:\Windows\system32\spp.dll
2013-05-10 17:21:55 ----A---- C:\Windows\system32\mswsock.dll
2013-05-10 17:21:55 ----A---- C:\Windows\system32\dhcpcore.dll
2013-05-10 17:21:55 ----A---- C:\Windows\system32\credui.dll
2013-05-10 17:21:54 ----A---- C:\Windows\system32\mfreadwrite.dll
2013-05-10 17:21:54 ----A---- C:\Windows\system32\drivers\http.sys
2013-05-10 17:21:54 ----A---- C:\Windows\system32\basecsp.dll
2013-05-10 17:21:53 ----A---- C:\Windows\system32\taskcomp.dll
2013-05-10 17:21:53 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2013-05-10 17:21:53 ----A---- C:\Windows\system32\evr.dll
2013-05-10 17:21:53 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-05-10 17:21:53 ----A---- C:\Windows\system32\dbghelp.dll
2013-05-10 17:21:52 ----A---- C:\Windows\system32\WinSATAPI.dll
2013-05-10 17:21:52 ----A---- C:\Windows\system32\gdi32.dll
2013-05-10 17:21:52 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2013-05-10 17:21:52 ----A---- C:\Windows\system32\calc.exe
2013-05-10 17:21:51 ----A---- C:\Windows\system32\vpnike.dll
2013-05-10 17:21:51 ----A---- C:\Windows\system32\srvsvc.dll
2013-05-10 17:21:51 ----A---- C:\Windows\system32\sqlsrv32.dll
2013-05-10 17:21:51 ----A---- C:\Windows\system32\QAGENTRT.DLL
2013-05-10 17:21:50 ----A---- C:\Windows\system32\UIRibbon.dll
2013-05-10 17:21:50 ----A---- C:\Windows\system32\lpksetup.exe
2013-05-10 17:21:50 ----A---- C:\Windows\system32\fveapi.dll
2013-05-10 17:21:49 ----A---- C:\Windows\system32\sxs.dll
2013-05-10 17:21:48 ----A---- C:\Windows\system32\ws2_32.dll
2013-05-10 17:21:48 ----A---- C:\Windows\system32\stobject.dll
2013-05-10 17:21:48 ----A---- C:\Windows\system32\netshell.dll
2013-05-10 17:21:48 ----A---- C:\Windows\system32\hgprint.dll
2013-05-10 17:21:48 ----A---- C:\Windows\system32\drivers\msdsm.sys
2013-05-10 17:21:47 ----A---- C:\Windows\system32\prncache.dll
2013-05-10 17:21:47 ----A---- C:\Windows\system32\printui.dll
2013-05-10 17:21:47 ----A---- C:\Windows\system32\inetpp.dll
2013-05-10 17:21:47 ----A---- C:\Windows\system32\drivers\rdbss.sys
2013-05-10 17:21:47 ----A---- C:\Windows\system32\comctl32.dll
2013-05-10 17:21:46 ----A---- C:\Windows\system32\WSDApi.dll
2013-05-10 17:21:46 ----A---- C:\Windows\system32\wmpeffects.dll
2013-05-10 17:21:46 ----A---- C:\Windows\system32\rpchttp.dll
2013-05-10 17:21:46 ----A---- C:\Windows\system32\net1.exe
2013-05-10 17:21:46 ----A---- C:\Windows\system32\dps.dll
2013-05-10 17:21:45 ----A---- C:\Windows\system32\FXSSVC.exe
2013-05-10 17:21:45 ----A---- C:\Windows\system32\drivers\pci.sys
2013-05-10 17:21:45 ----A---- C:\Windows\system32\ci.dll
2013-05-10 17:21:45 ----A---- C:\Windows\system32\aitagent.exe
2013-05-10 17:21:45 ----A---- C:\Windows\system32\aepdu.dll
2013-05-10 17:21:44 ----A---- C:\Windows\system32\vds.exe
2013-05-10 17:21:44 ----A---- C:\Windows\system32\scansetting.dll
2013-05-10 17:21:43 ----A---- C:\Windows\system32\WMVCORE.DLL
2013-05-10 17:21:43 ----A---- C:\Windows\system32\wlangpui.dll
2013-05-10 17:21:43 ----A---- C:\Windows\system32\QSHVHOST.DLL
2013-05-10 17:21:43 ----A---- C:\Windows\system32\MMDevAPI.dll
2013-05-10 17:21:43 ----A---- C:\Windows\system32\davclnt.dll
2013-05-10 17:21:42 ----A---- C:\Windows\system32\consent.exe
2013-05-10 17:21:41 ----A---- C:\Windows\system32\wpdshext.dll
2013-05-10 17:21:41 ----A---- C:\Windows\system32\t2embed.dll
2013-05-10 17:21:41 ----A---- C:\Windows\system32\pnidui.dll
2013-05-10 17:21:41 ----A---- C:\Windows\system32\IPSECSVC.DLL
2013-05-10 17:21:40 ----A---- C:\Windows\system32\webservices.dll
2013-05-10 17:21:40 ----A---- C:\Windows\system32\fde.dll
2013-05-10 17:21:40 ----A---- C:\Windows\system32\drivers\termdd.sys
2013-05-10 17:21:39 ----A---- C:\Windows\system32\SyncCenter.dll
2013-05-10 17:21:39 ----A---- C:\Windows\system32\sdengin2.dll
2013-05-10 17:21:39 ----A---- C:\Windows\system32\netdiagfx.dll
2013-05-10 17:21:39 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2013-05-10 17:21:38 ----A---- C:\Windows\system32\wscapi.dll
2013-05-10 17:21:37 ----A---- C:\Windows\system32\wisptis.exe
2013-05-10 17:21:37 ----A---- C:\Windows\system32\WinSCard.dll
2013-05-10 17:21:37 ----A---- C:\Windows\system32\pla.dll
2013-05-10 17:21:37 ----A---- C:\Windows\system32\msasn1.dll
2013-05-10 17:21:37 ----A---- C:\Windows\system32\mcmde.dll
2013-05-10 17:21:37 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2013-05-10 17:21:36 ----A---- C:\Windows\system32\winsta.dll
2013-05-10 17:21:36 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2013-05-10 17:21:36 ----A---- C:\Windows\system32\drivers\msahci.sys
2013-05-10 17:21:35 ----A---- C:\Windows\system32\wiaservc.dll
2013-05-10 17:21:35 ----A---- C:\Windows\system32\setupcl.exe
2013-05-10 17:21:35 ----A---- C:\Windows\system32\imapi2.dll
2013-05-10 17:21:35 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2013-05-10 17:21:35 ----A---- C:\Windows\system32\aeinv.dll
2013-05-10 17:21:33 ----A---- C:\Windows\system32\WMPEncEn.dll
2013-05-10 17:21:33 ----A---- C:\Windows\system32\onex.dll
2013-05-10 17:21:33 ----A---- C:\Windows\system32\dwmredir.dll
2013-05-10 17:21:33 ----A---- C:\Windows\system32\drivers\acpi.sys
2013-05-10 17:21:32 ----A---- C:\Windows\system32\winmm.dll
2013-05-10 17:21:32 ----A---- C:\Windows\system32\TabSvc.dll
2013-05-10 17:21:32 ----A---- C:\Windows\system32\shsvcs.dll
2013-05-10 17:21:32 ----A---- C:\Windows\system32\rasmans.dll
2013-05-10 17:21:32 ----A---- C:\Windows\system32\drivers\udfs.sys
2013-05-10 17:21:31 ----A---- C:\Windows\system32\vaultsvc.dll
2013-05-10 17:21:31 ----A---- C:\Windows\system32\samcli.dll
2013-05-10 17:21:31 ----A---- C:\Windows\system32\netiohlp.dll
2013-05-10 17:21:31 ----A---- C:\Windows\system32\Narrator.exe
2013-05-10 17:21:31 ----A---- C:\Windows\system32\hbaapi.dll
2013-05-10 17:21:31 ----A---- C:\Windows\system32\bootres.dll
2013-05-10 17:21:31 ----A---- C:\Windows\system32\autofmt.exe
2013-05-10 17:21:31 ----A---- C:\Windows\system32\autochk.exe
2013-05-10 17:21:31 ----A---- C:\Windows\system32\audiodg.exe
2013-05-10 17:21:30 ----A---- C:\Windows\system32\thumbcache.dll
2013-05-10 17:21:30 ----A---- C:\Windows\system32\regapi.dll
2013-05-10 17:21:30 ----A---- C:\Windows\system32\proquota.exe
2013-05-10 17:21:30 ----A---- C:\Windows\system32\msutb.dll
2013-05-10 17:21:30 ----A---- C:\Windows\system32\msinfo32.exe
2013-05-10 17:21:30 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2013-05-10 17:21:30 ----A---- C:\Windows\system32\halmacpi.dll
2013-05-10 17:21:30 ----A---- C:\Windows\system32\hal.dll
2013-05-10 17:21:30 ----A---- C:\Windows\system32\autoconv.exe
2013-05-10 17:21:30 ----A---- C:\Windows\system32\AudioSes.dll
2013-05-10 17:21:29 ----A---- C:\Windows\system32\tcpipcfg.dll
2013-05-10 17:21:29 ----A---- C:\Windows\system32\srchadmin.dll
2013-05-10 17:21:29 ----A---- C:\Windows\system32\schtasks.exe
2013-05-10 17:21:29 ----A---- C:\Windows\system32\powercpl.dll
2013-05-10 17:21:29 ----A---- C:\Windows\system32\mimefilt.dll
2013-05-10 17:21:29 ----A---- C:\Windows\system32\ipsmsnap.dll
2013-05-10 17:21:29 ----A---- C:\Windows\system32\eapphost.dll
2013-05-10 17:21:29 ----A---- C:\Windows\system32\drivers\winusb.sys
2013-05-10 17:21:28 ----A---- C:\Windows\system32\wcncsvc.dll
2013-05-10 17:21:28 ----A---- C:\Windows\system32\msihnd.dll
2013-05-10 17:21:28 ----A---- C:\Windows\system32\mscorier.dll
2013-05-10 17:21:28 ----A---- C:\Windows\system32\framedyn.dll
2013-05-10 17:21:28 ----A---- C:\Windows\system32\drivers\volmgr.sys
2013-05-10 17:21:27 ----A---- C:\Windows\system32\QAGENT.DLL
2013-05-10 17:21:27 ----A---- C:\Windows\system32\netid.dll
2013-05-10 17:21:27 ----A---- C:\Windows\system32\drivers\netbt.sys
2013-05-10 17:21:27 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2013-05-10 17:21:26 ----A---- C:\Windows\system32\umpo.dll
2013-05-10 17:21:26 ----A---- C:\Windows\system32\DXP.dll
2013-05-10 17:21:26 ----A---- C:\Windows\system32\actxprxy.dll
2013-05-10 17:21:25 ----A---- C:\Windows\system32\wdc.dll
2013-05-10 17:21:25 ----A---- C:\Windows\system32\untfs.dll
2013-05-10 17:21:25 ----A---- C:\Windows\system32\StructuredQuery.dll
2013-05-10 17:21:25 ----A---- C:\Windows\system32\scesrv.dll
2013-05-10 17:21:25 ----A---- C:\Windows\system32\rastls.dll
2013-05-10 17:21:24 ----A---- C:\Windows\system32\Vault.dll
2013-05-10 17:21:24 ----A---- C:\Windows\system32\sppsvc.exe
2013-05-10 17:21:24 ----A---- C:\Windows\system32\sdclt.exe
2013-05-10 17:21:24 ----A---- C:\Windows\system32\nci.dll
2013-05-10 17:21:24 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-05-10 17:21:23 ----A---- C:\Windows\system32\WMNetMgr.dll
2013-05-10 17:21:23 ----A---- C:\Windows\system32\wlanpref.dll
2013-05-10 17:21:23 ----A---- C:\Windows\system32\RpcRtRemote.dll
2013-05-10 17:21:23 ----A---- C:\Windows\system32\Robocopy.exe
2013-05-10 17:21:23 ----A---- C:\Windows\system32\ListSvc.dll
2013-05-10 17:21:22 ----A---- C:\Windows\system32\taskmgr.exe
2013-05-10 17:21:22 ----A---- C:\Windows\system32\DxpTaskSync.dll
2013-05-10 17:21:21 ----A---- C:\Windows\system32\mtxclu.dll
2013-05-10 17:21:21 ----A---- C:\Windows\system32\msdri.dll
2013-05-10 17:21:21 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-05-10 17:21:21 ----A---- C:\Windows\system32\drivers\mpio.sys
2013-05-10 17:21:21 ----A---- C:\Windows\system32\Display.dll
2013-05-10 17:21:20 ----A---- C:\Windows\system32\XpsRasterService.dll
2013-05-10 17:21:20 ----A---- C:\Windows\system32\userinit.exe
2013-05-10 17:21:20 ----A---- C:\Windows\system32\termmgr.dll
2013-05-10 17:21:20 ----A---- C:\Windows\system32\sharemediacpl.dll
2013-05-10 17:21:20 ----A---- C:\Windows\system32\puiobj.dll
2013-05-10 17:21:20 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2013-05-10 17:21:19 ----A---- C:\Windows\system32\eudcedit.exe
2013-05-10 17:21:19 ----A---- C:\Windows\system32\drivers\scsiport.sys
2013-05-10 17:21:19 ----A---- C:\Windows\system32\DiagCpl.dll
2013-05-10 17:21:18 ----A---- C:\Windows\system32\logoncli.dll
2013-05-10 17:21:17 ----A---- C:\Windows\system32\wiadefui.dll
2013-05-10 17:21:17 ----A---- C:\Windows\system32\sppcomapi.dll
2013-05-10 17:21:17 ----A---- C:\Windows\system32\shsetup.dll
2013-05-10 17:21:17 ----A---- C:\Windows\system32\rasppp.dll
2013-05-10 17:21:17 ----A---- C:\Windows\system32\msdtctm.dll
2013-05-10 17:21:17 ----A---- C:\Windows\system32\msconfig.exe
2013-05-10 17:21:17 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2013-05-10 17:21:17 ----A---- C:\Windows\system32\cabview.dll
2013-05-10 17:21:17 ----A---- C:\Windows\system32\biocpl.dll
2013-05-10 17:21:16 ----A---- C:\Windows\system32\SensorsCpl.dll
2013-05-10 17:21:15 ----A---- C:\Windows\system32\wpccpl.dll
2013-05-10 17:21:15 ----A---- C:\Windows\system32\themecpl.dll
2013-05-10 17:21:15 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-05-10 17:21:15 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2013-05-10 17:21:15 ----A---- C:\Windows\system32\dnscmmc.dll
2013-05-10 17:21:14 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2013-05-10 17:21:14 ----A---- C:\Windows\system32\hgcpl.dll
2013-05-10 17:21:13 ----A---- C:\Windows\system32\tapisrv.dll
2013-05-10 17:21:13 ----A---- C:\Windows\system32\scecli.dll
2013-05-10 17:21:13 ----A---- C:\Windows\system32\fontext.dll
2013-05-10 17:21:12 ----A---- C:\Windows\system32\mscories.dll
2013-05-10 17:21:12 ----A---- C:\Windows\system32\mscms.dll
2013-05-10 17:21:12 ----A---- C:\Windows\system32\mprddm.dll
2013-05-10 17:21:12 ----A---- C:\Windows\system32\localsec.dll
2013-05-10 17:21:11 ----A---- C:\Windows\system32\wlanui.dll
2013-05-10 17:21:11 ----A---- C:\Windows\system32\wkssvc.dll
2013-05-10 17:21:11 ----A---- C:\Windows\system32\usercpl.dll
2013-05-10 17:21:11 ----A---- C:\Windows\system32\SndVolSSO.dll
2013-05-10 17:21:11 ----A---- C:\Windows\system32\qedit.dll
2013-05-10 17:21:11 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2013-05-10 17:21:11 ----A---- C:\Windows\system32\KMSVC.DLL
2013-05-10 17:21:11 ----A---- C:\Windows\system32\iasacct.dll
2013-05-10 17:21:11 ----A---- C:\Windows\system32\bcdsrv.dll
2013-05-10 17:21:10 ----A---- C:\Windows\system32\VAN.dll
2013-05-10 17:21:10 ----A---- C:\Windows\system32\prntvpt.dll
2013-05-10 17:21:10 ----A---- C:\Windows\system32\netcenter.dll
2013-05-10 17:21:10 ----A---- C:\Windows\system32\mblctr.exe
2013-05-10 17:21:10 ----A---- C:\Windows\system32\batmeter.dll
2013-05-10 17:21:09 ----A---- C:\Windows\system32\w32tm.exe
2013-05-10 17:21:09 ----A---- C:\Windows\system32\SndVol.exe
2013-05-10 17:21:06 ----A---- C:\Windows\system32\wpdbusenum.dll
2013-05-10 17:21:06 ----A---- C:\Windows\system32\spwizeng.dll
2013-05-10 17:21:06 ----A---- C:\Windows\system32\azroleui.dll
2013-05-10 17:21:05 ----A---- C:\Windows\system32\zipfldr.dll
2013-05-10 17:21:05 ----A---- C:\Windows\system32\fdeploy.dll
2013-05-10 17:21:05 ----A---- C:\Windows\system32\drivers\ks.sys
2013-05-10 17:21:05 ----A---- C:\Windows\system32\accessibilitycpl.dll
2013-05-10 17:21:04 ----A---- C:\Windows\system32\netjoin.dll
2013-05-10 17:21:04 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2013-05-10 17:21:04 ----A---- C:\Windows\system32\cryptui.dll
2013-05-10 17:21:03 ----A---- C:\Windows\system32\wusa.exe
2013-05-10 17:21:03 ----A---- C:\Windows\system32\networkmap.dll
2013-05-10 17:21:03 ----A---- C:\Windows\system32\mspbda.dll
2013-05-10 17:21:03 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2013-05-10 17:21:03 ----A---- C:\Windows\system32\Faultrep.dll
2013-05-10 17:21:03 ----A---- C:\Windows\system32\adsldp.dll
2013-05-10 17:21:02 ----A---- C:\Windows\system32\sud.dll
2013-05-10 17:21:02 ----A---- C:\Windows\system32\prnfldr.dll
2013-05-10 17:21:02 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2013-05-10 17:21:02 ----A---- C:\Windows\system32\ActionCenter.dll
2013-05-10 17:21:01 ----A---- C:\Windows\system32\taskbarcpl.dll
2013-05-10 17:21:01 ----A---- C:\Windows\system32\slui.exe
2013-05-10 17:21:01 ----A---- C:\Windows\system32\photowiz.dll
2013-05-10 17:21:01 ----A---- C:\Windows\system32\msieftp.dll
2013-05-10 17:21:01 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2013-05-10 17:21:01 ----A---- C:\Windows\system32\iasrad.dll
2013-05-10 17:21:01 ----A---- C:\Windows\system32\credssp.dll
2013-05-10 17:21:00 ----A---- C:\Windows\system32\iprtrmgr.dll
2013-05-10 17:21:00 ----A---- C:\Windows\system32\halacpi.dll
2013-05-10 17:21:00 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-05-10 17:21:00 ----A---- C:\Windows\system32\dot3cfg.dll
2013-05-10 17:21:00 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2013-05-10 17:20:59 ----A---- C:\Windows\system32\wpd_ci.dll
2013-05-10 17:20:59 ----A---- C:\Windows\system32\sisbkup.dll
2013-05-10 17:20:59 ----A---- C:\Windows\system32\shwebsvc.dll
2013-05-10 17:20:59 ----A---- C:\Windows\system32\ifsutil.dll
2013-05-10 17:20:59 ----A---- C:\Windows\system32\ftp.exe
2013-05-10 17:20:59 ----A---- C:\Windows\system32\efscore.dll
2013-05-10 17:20:58 ----A---- C:\Windows\system32\sdcpl.dll
2013-05-10 17:20:58 ----A---- C:\Windows\system32\recovery.dll
2013-05-10 17:20:58 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2013-05-10 17:20:57 ----A---- C:\Windows\system32\syncui.dll
2013-05-10 17:20:57 ----A---- C:\Windows\system32\DeviceCenter.dll
2013-05-10 17:20:57 ----A---- C:\Windows\system32\bcdedit.exe
2013-05-10 17:20:57 ----A---- C:\Windows\system32\autoplay.dll
2013-05-10 17:20:56 ----A---- C:\Windows\system32\wmpmde.dll
2013-05-10 17:20:56 ----A---- C:\Windows\system32\sppnp.dll
2013-05-10 17:20:56 ----A---- C:\Windows\system32\ntlanman.dll
2013-05-10 17:20:56 ----A---- C:\Windows\system32\dskquoui.dll
2013-05-10 17:20:55 ----A---- C:\Windows\system32\vdsutil.dll
2013-05-10 17:20:55 ----A---- C:\Windows\system32\rtutils.dll
2013-05-10 17:20:55 ----A---- C:\Windows\system32\OobeFldr.dll
2013-05-10 17:20:54 ----A---- C:\Windows\system32\systemcpl.dll
2013-05-10 17:20:54 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-05-10 17:20:54 ----A---- C:\Windows\system32\recdisc.exe
2013-05-10 17:20:54 ----A---- C:\Windows\system32\ntprint.dll
2013-05-10 17:20:54 ----A---- C:\Windows\system32\nshwfp.dll
2013-05-10 17:20:54 ----A---- C:\Windows\system32\bcdboot.exe
2013-05-10 17:20:53 ----A---- C:\Windows\system32\sethc.exe
2013-05-10 17:20:53 ----A---- C:\Windows\system32\riched20.dll
2013-05-10 17:20:53 ----A---- C:\Windows\system32\drivers\tdx.sys
2013-05-10 17:20:53 ----A---- C:\Windows\system32\blackbox.dll
2013-05-10 17:20:53 ----A---- C:\Windows\system32\AxInstSv.dll
2013-05-10 17:20:52 ----A---- C:\Windows\system32\wmpsrcwp.dll
2013-05-10 17:20:52 ----A---- C:\Windows\system32\netplwiz.dll
2013-05-10 17:20:52 ----A---- C:\Windows\system32\NAPHLPR.DLL
2013-05-10 17:20:52 ----A---- C:\Windows\system32\migisol.dll
2013-05-10 17:20:52 ----A---- C:\Windows\system32\fms.dll
2013-05-10 17:20:52 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2013-05-10 17:20:52 ----A---- C:\Windows\system32\activeds.dll
2013-05-10 17:20:51 ----A---- C:\Windows\system32\nshipsec.dll
2013-05-10 17:20:51 ----A---- C:\Windows\system32\httpapi.dll
2013-05-10 17:20:51 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-05-10 17:20:51 ----A---- C:\Windows\system32\dot3svc.dll
2013-05-10 17:20:51 ----A---- C:\Windows\system32\asycfilt.dll
2013-05-10 17:20:50 ----A---- C:\Windows\system32\wsqmcons.exe
2013-05-10 17:20:50 ----A---- C:\Windows\system32\wavemsp.dll
2013-05-10 17:20:50 ----A---- C:\Windows\system32\msftedit.dll
2013-05-10 17:20:50 ----A---- C:\Windows\system32\isoburn.exe
2013-05-10 17:20:49 ----A---- C:\Windows\system32\wlanmsm.dll
2013-05-10 17:20:49 ----A---- C:\Windows\system32\tzutil.exe
2013-05-10 17:20:49 ----A---- C:\Windows\system32\ReAgent.dll
2013-05-10 17:20:49 ----A---- C:\Windows\system32\provsvc.dll
2013-05-10 17:20:49 ----A---- C:\Windows\system32\dsuiext.dll
2013-05-10 17:20:49 ----A---- C:\Windows\system32\dot3ui.dll
2013-05-10 17:20:49 ----A---- C:\Windows\system32\dfrgui.exe
2013-05-10 17:20:48 ----A---- C:\Windows\system32\wvc.dll
2013-05-10 17:20:48 ----A---- C:\Windows\system32\wtsapi32.dll
2013-05-10 17:20:48 ----A---- C:\Windows\system32\wimgapi.dll
2013-05-10 17:20:48 ----A---- C:\Windows\system32\sysclass.dll
2013-05-10 17:20:48 ----A---- C:\Windows\system32\ocsetup.exe
2013-05-10 17:20:48 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2013-05-10 17:20:48 ----A---- C:\Windows\system32\appinfo.dll
2013-05-10 17:20:47 ----A---- C:\Windows\system32\twext.dll
2013-05-10 17:20:47 ----A---- C:\Windows\system32\mstask.dll
2013-05-10 17:20:47 ----A---- C:\Windows\system32\certprop.dll
2013-05-10 17:20:46 ----A---- C:\Windows\twain_32.dll
2013-05-10 17:20:46 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-10 17:20:46 ----A---- C:\Windows\system32\setupugc.exe
2013-05-10 17:20:46 ----A---- C:\Windows\system32\qcap.dll
2013-05-10 17:20:45 ----A---- C:\Windows\system32\uxlib.dll
2013-05-10 17:20:45 ----A---- C:\Windows\system32\slwga.dll
2013-05-10 17:20:45 ----A---- C:\Windows\system32\qasf.dll
2013-05-10 17:20:45 ----A---- C:\Windows\system32\imm32.dll
2013-05-10 17:20:44 ----A---- C:\Windows\system32\wwanconn.dll
2013-05-10 17:20:44 ----A---- C:\Windows\system32\ssText3d.scr
2013-05-10 17:20:44 ----A---- C:\Windows\system32\srrstr.dll
2013-05-10 17:20:43 ----A---- C:\Windows\system32\wmdrmsdk.dll
2013-05-10 17:20:43 ----A---- C:\Windows\system32\nslookup.exe
2013-05-10 17:20:43 ----A---- C:\Windows\system32\msvfw32.dll
2013-05-10 17:20:43 ----A---- C:\Windows\system32\mciavi32.dll
2013-05-10 17:20:43 ----A---- C:\Windows\system32\clusapi.dll
2013-05-10 17:20:43 ----A---- C:\Windows\system32\audiodev.dll
2013-05-10 17:20:42 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2013-05-10 17:20:42 ----A---- C:\Windows\system32\msscp.dll
2013-05-10 17:20:42 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2013-05-10 17:20:41 ----A---- C:\Windows\system32\wimserv.exe
2013-05-10 17:20:41 ----A---- C:\Windows\system32\TSpkg.dll
2013-05-10 17:20:41 ----A---- C:\Windows\system32\rdpencom.dll
2013-05-10 17:20:41 ----A---- C:\Windows\system32\diskraid.exe
2013-05-10 17:20:41 ----A---- C:\Windows\system32\acppage.dll
2013-05-10 17:20:40 ----A---- C:\Windows\system32\remotepg.dll
2013-05-10 17:20:40 ----A---- C:\Windows\system32\raschap.dll
2013-05-10 17:20:40 ----A---- C:\Windows\system32\QUTIL.DLL
2013-05-10 17:20:40 ----A---- C:\Windows\system32\perfmon.exe
2013-05-10 17:20:40 ----A---- C:\Windows\system32\input.dll
2013-05-10 17:20:40 ----A---- C:\Windows\system32\drmmgrtn.dll
2013-05-10 17:20:39 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2013-05-10 17:20:39 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2013-05-10 17:20:39 ----A---- C:\Windows\system32\sdrsvc.dll
2013-05-10 17:20:39 ----A---- C:\Windows\system32\olepro32.dll
2013-05-10 17:20:39 ----A---- C:\Windows\system32\ocsetapi.dll
2013-05-10 17:20:39 ----A---- C:\Windows\system32\networkexplorer.dll
2013-05-10 17:20:39 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2013-05-10 17:20:38 ----A---- C:\Windows\system32\wmpdxm.dll
2013-05-10 17:20:38 ----A---- C:\Windows\system32\vpnikeapi.dll
2013-05-10 17:20:38 ----A---- C:\Windows\system32\onexui.dll
2013-05-10 17:20:38 ----A---- C:\Windows\system32\nltest.exe
2013-05-10 17:20:37 ----A---- C:\Windows\system32\wpdwcn.dll
2013-05-10 17:20:37 ----A---- C:\Windows\system32\vdsbas.dll
2013-05-10 17:20:37 ----A---- C:\Windows\system32\runonce.exe
2013-05-10 17:20:37 ----A---- C:\Windows\system32\iTVData.dll
2013-05-10 17:20:37 ----A---- C:\Windows\system32\dxdiagn.dll
2013-05-10 17:20:37 ----A---- C:\Windows\bfsvc.exe
2013-05-10 17:20:36 ----A---- C:\Windows\system32\Mcx2Svc.dll
2013-05-10 17:20:36 ----A---- C:\Windows\system32\logagent.exe
2013-05-10 17:20:36 ----A---- C:\Windows\system32\drivers\sdbus.sys
2013-05-10 17:20:35 ----A---- C:\Windows\system32\msvidc32.dll
2013-05-10 17:20:35 ----A---- C:\Windows\system32\msiexec.exe
2013-05-10 17:20:35 ----A---- C:\Windows\system32\MFPlay.dll
2013-05-10 17:20:35 ----A---- C:\Windows\system32\eapp3hst.dll
2013-05-10 17:20:35 ----A---- C:\Windows\system32\drivers\rmcast.sys
2013-05-10 17:20:34 ----A---- C:\Windows\system32\wmdrmdev.dll
2013-05-10 17:20:34 ----A---- C:\Windows\system32\shacct.dll
2013-05-10 17:20:34 ----A---- C:\Windows\system32\PnPUnattend.exe
2013-05-10 17:20:33 ----A---- C:\Windows\system32\wmpshell.dll
2013-05-10 17:20:33 ----A---- C:\Windows\system32\unimdmat.dll
2013-05-10 17:20:33 ----A---- C:\Windows\system32\sqlcese30.dll
2013-05-10 17:20:33 ----A---- C:\Windows\system32\lsmproxy.dll
2013-05-10 17:20:33 ----A---- C:\Windows\system32\iscsium.dll
2013-05-10 17:20:33 ----A---- C:\Windows\system32\bitsadmin.exe
2013-05-10 17:20:32 ----A---- C:\Windows\system32\tabcal.exe
2013-05-10 17:20:32 ----A---- C:\Windows\system32\rdpd3d.dll
2013-05-10 17:20:32 ----A---- C:\Windows\system32\mprapi.dll
2013-05-10 17:20:32 ----A---- C:\Windows\system32\Bubbles.scr
2013-05-10 17:20:31 ----A---- C:\Windows\system32\WPDSp.dll
2013-05-10 17:20:31 ----A---- C:\Windows\system32\srvcli.dll
2013-05-10 17:20:31 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2013-05-10 17:20:31 ----A---- C:\Windows\system32\pdh.dll
2013-05-10 17:20:31 ----A---- C:\Windows\system32\OpcServices.dll
2013-05-10 17:20:31 ----A---- C:\Windows\system32\ncryptui.dll
2013-05-10 17:20:31 ----A---- C:\Windows\system32\logman.exe
2013-05-10 17:20:31 ----A---- C:\Windows\system32\cscapi.dll
2013-05-10 17:20:30 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-10 17:20:30 ----A---- C:\Windows\system32\Ribbons.scr
2013-05-10 17:20:30 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2013-05-10 17:20:30 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2013-05-10 17:20:30 ----A---- C:\Windows\system32\olethk32.dll
2013-05-10 17:20:30 ----A---- C:\Windows\system32\MdSched.exe
2013-05-10 17:20:30 ----A---- C:\Windows\system32\lpremove.exe
2013-05-10 17:20:30 ----A---- C:\Windows\system32\djoin.exe
2013-05-10 17:20:29 ----A---- C:\Windows\system32\Mystify.scr
2013-05-10 17:20:29 ----A---- C:\Windows\system32\mapistub.dll
2013-05-10 17:20:29 ----A---- C:\Windows\system32\mapi32.dll
2013-05-10 17:20:29 ----A---- C:\Windows\system32\ActionQueue.dll
2013-05-10 17:20:28 ----A---- C:\Windows\system32\WMADMOD.DLL
2013-05-10 17:20:28 ----A---- C:\Windows\system32\wiavideo.dll
2013-05-10 17:20:28 ----A---- C:\Windows\system32\utildll.dll
2013-05-10 17:20:28 ----A---- C:\Windows\system32\takeown.exe
2013-05-10 17:20:28 ----A---- C:\Windows\system32\fphc.dll
2013-05-10 17:20:28 ----A---- C:\Windows\system32\dot3msm.dll
2013-05-10 17:20:28 ----A---- C:\Windows\system32\avifil32.dll
2013-05-10 17:20:27 ----A---- C:\Windows\system32\WMVSDECD.DLL
2013-05-10 17:20:27 ----A---- C:\Windows\system32\wmdrmnet.dll
2013-05-10 17:20:27 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2013-05-10 17:20:27 ----A---- C:\Windows\system32\qdv.dll
2013-05-10 17:20:27 ----A---- C:\Windows\system32\iyuv_32.dll
2013-05-10 17:20:26 ----A---- C:\Windows\system32\sppinst.dll
2013-05-10 17:20:26 ----A---- C:\Windows\system32\QCLIPROV.DLL
2013-05-10 17:20:26 ----A---- C:\Windows\system32\msyuv.dll
2013-05-10 17:20:26 ----A---- C:\Windows\system32\msrle32.dll
2013-05-10 17:20:26 ----A---- C:\Windows\system32\msnetobj.dll
2013-05-10 17:20:26 ----A---- C:\Windows\system32\EhStorAPI.dll
2013-05-10 17:20:25 ----A---- C:\Windows\system32\unattend.dll
2013-05-10 17:20:25 ----A---- C:\Windows\system32\RelPost.exe
2013-05-10 17:20:25 ----A---- C:\Windows\system32\cmstp.exe
2013-05-10 17:20:25 ----A---- C:\Windows\system32\cca.dll
2013-05-10 17:20:24 ----A---- C:\Windows\system32\wsnmp32.dll
2013-05-09 20:22:28 ----D---- C:\Windows\SoftwareDistribution
2013-05-09 19:39:55 ----D---- C:\Program Files\Common Files\Adobe
2013-05-09 19:29:05 ----D---- C:\Program Files\Common Files\Java
2013-05-09 19:28:33 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-05-09 19:28:33 ----A---- C:\Windows\system32\javaws.exe
2013-05-09 19:28:25 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-05-09 19:28:25 ----A---- C:\Windows\system32\javaw.exe
2013-05-09 19:28:25 ----A---- C:\Windows\system32\java.exe
2013-05-09 19:27:16 ----D---- C:\ProgramData\McAfee
2013-05-09 12:54:14 ----D---- C:\ProgramData\Windows Genuine Advantage
2013-05-09 12:18:53 ----D---- C:\Users\Matt\AppData\Roaming\ParetoLogic
2013-05-09 12:18:31 ----D---- C:\ProgramData\ParetoLogic
2013-05-09 11:47:11 ----D---- C:\Users\Matt\AppData\Roaming\Foresight Software
2013-05-09 11:47:11 ----D---- C:\Users\Matt\AppData\Roaming\DriverCure
2013-05-09 11:46:02 ----D---- C:\ProgramData\Foresight Software
2013-05-08 18:44:36 ----D---- C:\Users\Matt\AppData\Roaming\CheckPoint
2013-05-07 20:11:43 ----D---- C:\Windows\pss
2013-05-07 19:51:00 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-05-07 19:50:58 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-05-07 19:50:50 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-05-07 19:50:47 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-05-07 19:50:44 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-05-07 19:50:22 ----A---- C:\Windows\avastSS.scr
2013-05-07 08:27:48 ----D---- C:\Windows\Minidump
2013-05-06 19:19:54 ----D---- C:\Program Files\Check Point Software Technologies LTD
2013-05-06 19:19:42 ----D---- C:\Program Files\CheckPoint
2013-05-06 19:04:49 ----D---- C:\Users\Matt\AppData\Roaming\BabSolution
2013-05-06 18:58:35 ----D---- C:\ProgramData\StarApp
2013-05-05 19:50:57 ----D---- C:\ProgramData\CheckPoint
2013-05-05 19:25:30 ----D---- C:\Program Files\CCleaner
2013-05-05 17:15:25 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-05-05 17:15:23 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-05-05 17:15:20 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-05-05 17:15:11 ----A---- C:\Windows\system32\aswBoot.exe
2013-05-05 17:14:24 ----D---- C:\Program Files\AVAST Software
2013-05-05 17:12:48 ----D---- C:\ProgramData\AVAST Software
2013-05-05 16:36:36 ----SHD---- C:\Config.Msi

======List of files/folders modified in the last 1 month======

2013-05-11 16:34:21 ----D---- C:\Windows\Microsoft.NET
2013-05-11 16:34:20 ----RSD---- C:\Windows\assembly
2013-05-11 16:19:41 ----RD---- C:\Program Files
2013-05-11 16:16:55 ----D---- C:\Windows\system32\config
2013-05-11 16:07:25 ----D---- C:\Windows\Temp
2013-05-11 16:06:05 ----D---- C:\Windows\winsxs
2013-05-11 16:05:58 ----D---- C:\Windows\AppPatch
2013-05-11 16:05:41 ----D---- C:\Windows\System32
2013-05-11 16:05:41 ----D---- C:\Windows\inf
2013-05-11 16:05:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-11 16:04:59 ----SHD---- C:\System Volume Information
2013-05-11 16:00:57 ----D---- C:\ProgramData
2013-05-11 16:00:57 ----A---- C:\ProgramData\HPWALog.txt
2013-05-11 16:00:07 ----D---- C:\Windows
2013-05-11 15:59:11 ----D---- C:\Windows\Panther
2013-05-11 15:58:51 ----D---- C:\Windows\registration
2013-05-11 15:55:57 ----D---- C:\Windows\system32\wbem
2013-05-11 15:55:57 ----D---- C:\Windows\system32\en-US
2013-05-11 15:55:57 ----D---- C:\Windows\system32\drivers\en-US
2013-05-11 15:55:57 ----D---- C:\Windows\system32\drivers
2013-05-11 15:55:57 ----D---- C:\Windows\PolicyDefinitions
2013-05-11 15:55:56 ----D---- C:\Windows\system32\migration
2013-05-11 15:55:54 ----D---- C:\Windows\system32\pt-PT
2013-05-11 15:55:54 ----D---- C:\Windows\system32\pt-BR
2013-05-11 15:55:54 ----D---- C:\Windows\system32\pl-PL
2013-05-11 15:55:54 ----D---- C:\Windows\system32\ko-KR
2013-05-11 15:55:54 ----D---- C:\Windows\system32\it-IT
2013-05-11 15:55:54 ----D---- C:\Program Files\Internet Explorer
2013-05-11 15:55:53 ----D---- C:\Windows\system32\zh-TW
2013-05-11 15:55:53 ----D---- C:\Windows\system32\zh-HK
2013-05-11 15:55:53 ----D---- C:\Windows\system32\zh-CN
2013-05-11 15:55:53 ----D---- C:\Windows\system32\tr-TR
2013-05-11 15:55:53 ----D---- C:\Windows\system32\sv-SE
2013-05-11 15:55:53 ----D---- C:\Windows\system32\ru-RU
2013-05-11 15:55:53 ----D---- C:\Windows\system32\nl-NL
2013-05-11 15:55:53 ----D---- C:\Windows\system32\nb-NO
2013-05-11 15:55:53 ----D---- C:\Windows\system32\ja-JP
2013-05-11 15:55:53 ----D---- C:\Windows\system32\hu-HU
2013-05-11 15:55:53 ----D---- C:\Windows\system32\fr-FR
2013-05-11 15:55:53 ----D---- C:\Windows\system32\fi-FI
2013-05-11 15:55:53 ----D---- C:\Windows\system32\es-ES
2013-05-11 15:55:53 ----D---- C:\Windows\system32\el-GR
2013-05-11 15:55:53 ----D---- C:\Windows\system32\de-DE
2013-05-11 15:55:53 ----D---- C:\Windows\system32\da-DK
2013-05-11 15:55:53 ----D---- C:\Windows\system32\cs-CZ
2013-05-11 15:55:51 ----D---- C:\Windows\system32\DriverStore
2013-05-11 15:41:18 ----D---- C:\Windows\system32\catroot2
2013-05-11 15:41:18 ----D---- C:\Windows\system32\catroot
2013-05-11 15:33:26 ----D---- C:\Windows\Logs
2013-05-10 19:58:28 ----SD---- C:\ProgramData\Microsoft
2013-05-10 19:54:11 ----D---- C:\Program Files\ChatZum Toolbar
2013-05-10 19:34:42 ----SHD---- C:\Windows\Installer
2013-05-10 19:34:42 ----D---- C:\ProgramData\SweetIM
2013-05-10 19:34:39 ----D---- C:\Program Files\SweetIM
2013-05-10 19:34:27 ----D---- C:\ProgramData\Tarma Installer
2013-05-10 19:13:31 ----D---- C:\Windows\debug
2013-05-10 17:52:21 ----D---- C:\Program Files\Windows Sidebar
2013-05-10 17:52:21 ----D---- C:\Program Files\Windows Portable Devices
2013-05-10 17:52:21 ----D---- C:\Program Files\Windows Photo Viewer
2013-05-10 17:52:21 ----D---- C:\Program Files\Windows Media Player
2013-05-10 17:52:21 ----D---- C:\Program Files\Windows Mail
2013-05-10 17:52:21 ----D---- C:\Program Files\DVD Maker
2013-05-10 17:52:20 ----D---- C:\Program Files\Windows Defender
2013-05-10 17:52:20 ----D---- C:\Program Files\Common Files\System
2013-05-10 17:52:19 ----D---- C:\Windows\servicing
2013-05-10 17:52:19 ----D---- C:\Windows\ehome
2013-05-10 17:52:16 ----D---- C:\Windows\system32\sysprep
2013-05-10 17:52:16 ----D---- C:\Windows\system32\sppui
2013-05-10 17:52:16 ----D---- C:\Windows\system32\Setup
2013-05-10 17:52:16 ----D---- C:\Windows\system32\oobe
2013-05-10 17:52:16 ----D---- C:\Windows\system32\manifeststore
2013-05-10 17:52:16 ----D---- C:\Windows\system32\en
2013-05-10 17:52:16 ----D---- C:\Windows\system32\AdvancedInstallers
2013-05-10 17:52:12 ----D---- C:\Windows\system32\migwiz
2013-05-10 17:52:12 ----D---- C:\Windows\system32\Dism
2013-05-10 17:51:59 ----RSD---- C:\Windows\Fonts
2013-05-10 17:51:48 ----D---- C:\Windows\system32\Boot
2013-05-10 17:44:32 ----A---- C:\Windows\system32\msclmd.dll
2013-05-10 17:39:56 ----D---- C:\Program Files\iTunes
2013-05-10 17:38:38 ----D---- C:\Program Files\Common Files\Apple
2013-05-10 17:15:15 ----D---- C:\Program Files\Adobe
2013-05-10 17:15:02 ----D---- C:\Program Files\Common Files\Adobe AIR
2013-05-10 17:14:01 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-05-09 19:51:59 ----D---- C:\ProgramData\Adobe
2013-05-09 19:50:02 ----D---- C:\Users\Matt\AppData\Roaming\Adobe
2013-05-09 19:39:55 ----D---- C:\Program Files\Common Files
2013-05-09 19:30:31 ----D---- C:\Program Files\WinRAR
2013-05-09 19:28:11 ----A---- C:\Windows\system32\deployJava1.dll
2013-05-09 19:28:06 ----D---- C:\Program Files\Java
2013-05-09 19:19:24 ----D---- C:\Windows\rescache
2013-05-09 12:20:32 ----D---- C:\Windows\system32\Tasks
2013-05-09 12:20:31 ----D---- C:\Windows\Tasks
2013-05-09 11:44:28 ----D---- C:\Windows\SoftwareDistributionOld
2013-05-08 16:43:12 ----D---- C:\ProgramData\wxDfast
2013-05-08 16:39:24 ----D---- C:\ProgramData\Bcool
2013-05-08 16:37:04 ----D---- C:\Program Files\SimpleSpeedy
2013-05-08 16:23:19 ----D---- C:\Program Files\ContinueToSave
2013-05-08 01:56:11 ----D---- C:\Windows\system32\wfp
2013-05-08 01:56:11 ----D---- C:\Windows\system32\NDF
2013-05-08 01:56:11 ----D---- C:\Windows\system32\CodeIntegrity
2013-05-08 01:55:27 ----D---- C:\Program Files\Optimizer Pro
2013-05-08 01:55:27 ----D---- C:\Program Files\Conduit
2013-05-07 19:51:44 ----D---- C:\Users\Matt\AppData\Roaming\BrowserCompanion
2013-05-07 19:33:06 ----D---- C:\ProgramData\continuetosave
2013-05-07 19:31:49 ----D---- C:\ProgramData\InstallMate
2013-05-07 08:29:27 ----D---- C:\Users\Matt\AppData\Roaming\LimeWire
2013-05-05 19:42:29 ----D---- C:\Windows\ModemLogs
2013-05-05 17:51:29 ----D---- C:\ProgramData\Kaspersky Lab
2013-05-05 16:41:54 ----D---- C:\ProgramData\Big Fish Games
2013-05-05 16:41:50 ----D---- C:\BigFishGamesCache
2013-05-05 16:39:13 ----D---- C:\Users\Matt\AppData\Roaming\Systweak
2013-05-05 16:38:33 ----D---- C:\ProgramData\MFAData
2013-04-24 20:02:12 ----D---- C:\Users\Matt\AppData\Roaming\Azureus
2013-04-16 15:11:50 ----D---- C:\Users\Matt\AppData\Roaming\TuneUpMedia
2013-04-16 15:08:34 ----D---- C:\ProgramData\TuneUpMedia

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-02 61680]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-05-02 368944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-02 56080]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2012-12-13 454744]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-02 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-02 66336]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-23 27056]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-04-07 1161664]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-30 101392]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-03 4994048]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-02 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-02 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-02 18344]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-30 59904]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-30 15872]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-03-21 73216]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 116136]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 185344]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-03-23 423424]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 299312]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-14 1131008]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-07 393728]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2012-03-21 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-03-21 11136]
S3 ewusbmbb;HUAWEI USB-WWAN miniport; C:\Windows\system32\DRIVERS\ewusbwwan.sys [2012-03-21 349184]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2012-03-21 194816]
S3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw1v32.sys [2009-07-21 5958656]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-24 14848]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-24 49664]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-09-28 44544]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-19 65192]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-28 14336]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-03 176128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-02 46808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-31 582944]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-10-15 120832]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 HWDeviceService.exe;HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [2011-03-15 271712]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-23 497320]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [2010-03-23 229458]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2013-03-27 2447888]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-05-01 229944]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-17 135664]
S2 Optus Mobile Broadband. RunOuc;Optus Mobile Broadband. OUC; C:\Program Files\Optus Mobile Broadband\UpdateDog\ouc.exe [2012-03-21 246112]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-10 256904]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-06 228408]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [2010-10-01 246520]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-17 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-31 194032]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]
S3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-18 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-27 145184]
S3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-01-22 247152]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-02-28 1343400]

-----------------EOF-----------------

Re: PC just cleaned of viruses

Posted: 11 May 2013 11:07
by vyosek
Hello :)

What did you clean on it, how, and with what??

Re: PC just cleaned of viruses

Posted: 11 May 2013 12:48
by LadaTr
I uninstalled AVG, installed Avast and ran a boot-time scan.
I couldn't find the log, so here is a PrintScreen [image]
Next I installed ZoneAlarm and CCleaner, uninstalled a few minor things such as unneeded toolbars, LimeWire, ..., and updated all programs. Windows Update was not working and the last successful update was 7/2012; with Google's help I found some tools such as MicrosoftFixit and BITSWin7.reg and got updates working. Now everything is up to date and Avast finds nothing; the PC runs better, but there is one unremoved problem in the Avast log and Taskhost.exe occasionally uses 50% CPU. More or less, I did what I could manage with the help of this website.

Re: just-disinfected PC

Posted: 11 May 2013 13:26
by vyosek
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Search (Prohledat)
  • The scan will run and then a log will appear; it may also be saved on the system drive as AdwCleaner[R?].txt. Paste it here
Download Farbar Service Scanner http://download.bleepingcomputer.com/farbar/FSS.exe
  • Save it, preferably to the desktop
  • Tick the checkbox for every item (this selects them for scanning)
  • Click Scan
  • When the scan finishes, the log FSS.txt will appear; paste it here

Re: just-disinfected PC

Posted: 11 May 2013 23:15
by LadaTr
AdwCleaner log

# AdwCleaner v2.300 - Logfile created 05/12/2013 at 07:33:28
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Matt - MATT-PC
# Boot Mode : Normal
# Running from : C:\Users\Matt\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\END
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\user.js
File Found : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Found : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Found : C:\Users\Public\Desktop\eBay.lnk
Folder Found : C:\Program Files\~BabylonToolbar
Folder Found : C:\Program Files\BrowserCompanion
Folder Found : C:\Program Files\ChatZum Toolbar
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\continuetosave
Folder Found : C:\Program Files\continuetosave
Folder Found : C:\Program Files\iMesh Applications\Mediabar
Folder Found : C:\Program Files\Optimizer Pro
Folder Found : C:\Program Files\SweetIM
Folder Found : C:\Program Files\TrustLoke
Folder Found : C:\Program Files\VideoDownloadConverter_4z
Folder Found : C:\Program Files\WiseConvert
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\ClickIT
Folder Found : C:\ProgramData\continuetosave
Folder Found : C:\ProgramData\continuetosave
Folder Found : C:\ProgramData\IBUpdaterService
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDfast
Folder Found : C:\ProgramData\Premium
Folder Found : C:\ProgramData\SearchAlgo Manager
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\ProgramData\wxDfast
Folder Found : C:\Users\Matt\AppData\Local\Conduit
Folder Found : C:\Users\Matt\AppData\Local\PackageAware
Folder Found : C:\Users\Matt\AppData\LocalLow\AVG Security Toolbar
Folder Found : C:\Users\Matt\AppData\LocalLow\bbrs_002.tb
Folder Found : C:\Users\Matt\AppData\LocalLow\Conduit
Folder Found : C:\Users\Matt\AppData\LocalLow\continuetosave
Folder Found : C:\Users\Matt\AppData\LocalLow\continuetosave
Folder Found : C:\Users\Matt\AppData\LocalLow\mediabarim
Folder Found : C:\Users\Matt\AppData\LocalLow\TrustLoke
Folder Found : C:\Users\Matt\AppData\LocalLow\VideoDownloadConverter_4z
Folder Found : C:\Users\Matt\AppData\LocalLow\WiseConvert
Folder Found : C:\Users\Matt\AppData\LocalLow\wxDfast
Folder Found : C:\Users\Matt\AppData\Roaming\BabSolution
Folder Found : C:\Users\Matt\AppData\Roaming\Babylon
Folder Found : C:\Users\Matt\AppData\Roaming\BrowserCompanion
Folder Found : C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SearchAlgo Manager
Folder Found : C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Folder Found : C:\Windows\system32\SearchAlgo Manager

***** [Registry] *****

Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\contin~1\sprote~1.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\simple~1\sprote~1.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\search~1\22559~1.50\c190e9~1\srchal~1.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\search~1\261123~1.78\c190e9~1\srchal~1.dll
Key Found : HKCU\Software\96d78de53abf45
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\TrustLoke
Key Found : HKCU\Software\AppDataLow\Software\WiseConvert
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\Blabbers
Key Found : HKCU\Software\bProtector
Key Found : HKCU\Software\ChatZum Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\96d78de53abf45
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\Software\BrowserCompanion
Key Found : HKLM\Software\ChatZum Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Found : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Found : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Found : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Found : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Found : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{950F80EF-32C2-47DD-9C35-9576E21EE66E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B59BE4AB-56D5-4A60-9FDA-9D02FA4A459B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}
Key Found : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Found : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Found : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Key Found : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Found : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Key Found : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Key Found : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Key Found : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2795622
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3176986
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3177532
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3227982
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Key Found : HKLM\SOFTWARE\Classes\updatebho.TimerBHO
Key Found : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2210FF7B-F189-4C10-8083-0B8CA29B5386}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29109970-83DB-4D8B-A87E-0C6CE9158D97}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57B81510-58B5-4037-BAF7-E3723BC2FF63}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89D43D90-048F-4B67-B597-2A1624ADEE84}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetPacks Communicator
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B59BE4AB-56D5-4A60-9FDA-9D02FA4A459B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\254796BF4AC84B64891B61C529A2E23F
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F4C5E11-0612-48D2-8055-987992AAC432}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{774C0434-9948-4DEE-A14E-69CDD316E36C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TrustLoke Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wincore MediaBar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert Toolbar
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\Tarma Installer
Key Found : HKLM\Software\TrustLoke
Key Found : HKLM\Software\Web Assistant
Key Found : HKLM\Software\WiseConvert
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKU\S-1-5-21-1772843596-1217043053-1268504810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKU\S-1-5-21-1772843596-1217043053-1268504810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKU\S-1-5-21-1772843596-1217043053-1268504810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKU\S-1-5-21-1772843596-1217043053-1268504810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Found : HKU\S-1-5-21-1772843596-1217043053-1268504810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKU\S-1-5-21-1772843596-1217043053-1268504810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKU\S-1-5-21-1772843596-1217043053-1268504810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{2D922B81-34C7-4AAB-9C5D-433E79FC9445}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93A3111F-4F74-4ED8-895E-D9708497629E}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]
Value Found : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2D922B81-34C7-4AAB-9C5D-433E79FC9445}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{2D922B81-34C7-4AAB-9C5D-433E79FC9445}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.searchalgo.com?ch=10&cid=273

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [33557 octets] - [12/05/2013 07:33:28]

########## EOF - C:\AdwCleaner[R1].txt - [33618 octets] ##########

Re: PC just cleaned of viruses

Posted: 11 May 2013 23:16
by LadaTr
Log from FSS

Farbar Service Scanner Version: 14-04-2013
Ran by Matt (administrator) on 12-05-2013 at 07:36:23
Running from "C:\Users\Matt\Downloads"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of wscsvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of wscsvc. The value does not exist.
Unable to retrieve ServiceDll of wscsvc. The value does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of WinDefend. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of WinDefend. The value does not exist.
Unable to retrieve ServiceDll of WinDefend. The value does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to retrieve start type of iphlpsvc. The value does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to retrieve ImagePath of iphlpsvc. The value does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to retrieve ServiceDll of iphlpsvc. The value does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Re: PC just cleaned of viruses

Posted: 13 May 2013 16:32
by vyosek
:arrow: Download Service Repair http://kb.eset.com/library/ESET/KB%20Te ... Repair.exe
  • Save it, preferably to the Desktop
  • Run it and click Yes to confirm the reinstallation of the services
  • Then click Yes to confirm the PC restart
  • A CC Support folder will be created on the Desktop; you will find the SvcRepair.txt log there - it should be at CC Support\Logs\SvcRepair.txt - paste it here for me
:arrow: Run AdwCleaner again
  • If you are using Win Vista or W7, right-click AdwCleaner and choose Run As Administrator or Spustit jako spravce
  • Click Delete
  • The PC will perform the repair, restart, and give you a log (C:\AdwCleaner [S1].txt); paste its contents here

Re: PC just cleaned of viruses

Posted: 14 May 2013 00:32
by LadaTr
Service Repair log
-----------------

Log Opened: 2013-05-14 @ 08:41:27
08:41:27 - -----------------
08:41:27 - | Begin Logging |
08:41:27 - -----------------
08:41:27 - Fix started on a WIN_7 X86 computer
08:41:27 - Prep in progress. Please Wait.
08:41:28 - Prep complete
08:41:28 - Repairing Services Now. Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
08:41:41 - Services Repair Complete.
08:41:48 - Reboot Initiated


AdwCleaner [S1] log
-------------------

# AdwCleaner v2.300 - Logfile created 05/14/2013 at 08:49:56
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Matt - MATT-PC
# Boot Mode : Normal
# Running from : C:\Users\Matt\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\SearchAlgo Manager
File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\user.js
File Deleted : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files\~BabylonToolbar
Folder Deleted : C:\Program Files\BrowserCompanion
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\continuetosave
Folder Deleted : C:\Program Files\iMesh Applications\Mediabar
Folder Deleted : C:\Program Files\Optimizer Pro
Folder Deleted : C:\Program Files\VideoDownloadConverter_4z
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\ClickIT
Folder Deleted : C:\ProgramData\continuetosave
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDfast
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\wxDfast
Folder Deleted : C:\Users\Matt\AppData\Local\Conduit
Folder Deleted : C:\Users\Matt\AppData\Local\PackageAware
Folder Deleted : C:\Users\Matt\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Matt\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Matt\AppData\LocalLow\continuetosave
Folder Deleted : C:\Users\Matt\AppData\LocalLow\mediabarim
Folder Deleted : C:\Users\Matt\AppData\LocalLow\VideoDownloadConverter_4z
Folder Deleted : C:\Users\Matt\AppData\LocalLow\wxDfast
Folder Deleted : C:\Users\Matt\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Matt\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Matt\AppData\Roaming\BrowserCompanion
Folder Deleted : C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SearchAlgo Manager
Folder Deleted : C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Folder Deleted : C:\Windows\system32\SearchAlgo Manager

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\contin~1\sprote~1.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\simple~1\sprote~1.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\search~1\22559~1.50\c190e9~1\srchal~1.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\search~1\261123~1.78\c190e9~1\srchal~1.dll
Key Deleted : HKCU\Software\96d78de53abf45
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Blabbers
Key Deleted : HKCU\Software\bProtector
Key Deleted : HKCU\Software\ChatZum Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\96d78de53abf45
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Deleted : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Key Deleted : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2795622
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3176986
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3177532
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3227982
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetPacks Communicator
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F4C5E11-0612-48D2-8055-987992AAC432}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{774C0434-9948-4DEE-A14E-69CDD316E36C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wincore MediaBar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93A3111F-4F74-4ED8-895E-D9708497629E}]
Value Deleted : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [33688 octets] - [12/05/2013 07:33:28]
AdwCleaner[S1].txt - [27938 octets] - [14/05/2013 08:49:56]

########## EOF - C:\AdwCleaner[S1].txt - [27999 octets] ##########

Re: PC just cleaned of viruses

Posted: 14 May 2013 06:18
by vyosek
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A POWERFUL ABILITY TO DELETE THINGS AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY END UP BROKEN
Download ComboFix and save it to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator (Spravce) account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator (Spustit jako spravce)
  • Immediately after launch, a page with the license agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not launch any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes and a possible restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. screenshots is here: http://www.bleepingcomputer.com/combofi ... t-combofix

Re: PC just cleaned of viruses

Posted: 14 May 2013 10:29
by LadaTr
ComboFix 13-05-13.01 - Matt 14/05/2013 18:44:27.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3039.2046 [GMT 9.5:30]
Running from: c:\users\Matt\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Bcool
c:\programdata\Bcool\background.html
c:\programdata\Bcool\content.js
c:\programdata\Bcool\data\content.js
c:\programdata\Bcool\data\epoch
c:\programdata\Bcool\data\jsondb.js
c:\programdata\Bcool\dfloegoeaioappncnfjpibijebleffgm.crx
c:\programdata\Bcool\settings.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\wxDownload Fast
c:\programdata\Microsoft\Windows\Start Menu\Programs\wxDownload Fast\Uninstall wxDownload Fast.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\wxDownload Fast\wxDownload Fast on the Web.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\wxDownload Fast\wxDownload Fast.lnk
c:\users\Matt\Documents\~WRL0003.tmp
c:\users\Matt\Favorites\~$Ouch!!!!.pptx
c:\users\Matt\Favorites\Ouch!!!!.pptx
c:\users\TmNationsForever\TmForever.exe
c:\users\TmNationsForever\TmForeverLauncher.exe
c:\windows\Installer\{caaf1133-061d-189e-85dc-248735f399b1}\U\00000001.@
.
.
((((((((((((((((((((((((( Files Created from 2013-04-14 to 2013-05-14 )))))))))))))))))))))))))))))))
.
.
2013-05-14 09:24 . 2013-05-14 09:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-14 06:44 . 2013-05-14 06:44 -------- d-----w- c:\users\Matt\AppData\Local\SvchostViewer
2013-05-13 23:20 . 2013-05-13 23:20 101 ----a-w- c:\windows\DeleteOnReboot.bat
2013-05-11 06:49 . 2013-05-11 07:17 -------- d-----w- c:\program files\trend micro
2013-05-11 06:49 . 2013-05-11 06:50 -------- d-----w- C:\rsit
2013-05-11 06:11 . 2012-08-23 14:10 12288 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-05-11 06:11 . 2012-08-23 14:44 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-05-11 06:00 . 2013-05-11 06:00 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-11 05:34 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-05-11 05:34 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-05-11 05:34 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-05-11 05:34 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-05-11 05:34 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-05-11 05:34 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2013-05-11 05:34 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2013-05-11 05:34 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2013-05-11 05:34 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2013-05-11 05:34 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2013-05-11 05:34 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-05-11 05:34 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2013-05-11 05:33 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2013-05-11 05:31 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-05-11 05:31 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2013-05-11 05:28 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-05-11 05:28 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-05-10 10:04 . 2013-05-10 10:04 -------- d-----w- c:\windows\IswTmp
2013-05-10 08:08 . 2013-05-10 08:08 -------- d-----w- c:\program files\iPod
2013-05-10 08:08 . 2013-05-10 08:09 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-05-10 08:00 . 2013-05-10 08:00 -------- d-----w- c:\windows\system32\SPReview
2013-05-10 07:51 . 2010-11-20 12:30 245632 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-05-10 07:50 . 2010-11-20 12:21 89600 ----a-w- c:\windows\system32\wbem\WmiApRpl.dll
2013-05-10 07:49 . 2010-11-20 12:21 4096 ----a-w- c:\windows\system32\msdxm.ocx
2013-05-10 07:48 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll
2013-05-10 07:48 . 2010-11-20 12:17 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2013-05-10 07:47 . 2010-11-20 12:18 323072 ----a-w- c:\windows\system32\drvstore.dll
2013-05-10 07:47 . 2010-11-20 12:18 257024 ----a-w- c:\windows\system32\dpx.dll
2013-05-10 07:11 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-05-10 07:11 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-05-09 11:38 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-05-09 11:38 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-05-09 11:38 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-05-09 11:38 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-05-09 11:38 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-05-09 11:38 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-05-09 11:38 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-05-09 11:38 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-05-09 11:38 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-05-09 11:37 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-05-09 11:22 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-09 11:22 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-09 11:22 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-05-09 11:22 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-05-09 11:20 . 2012-12-07 10:46 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2013-05-09 11:19 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-05-09 11:18 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll
2013-05-09 11:16 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
2013-05-09 11:16 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-05-09 11:16 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
2013-05-09 11:16 . 2010-11-20 12:21 30208 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\winprint.dll
2013-05-09 11:11 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-05-09 10:09 . 2013-05-09 10:10 -------- d-----w- c:\program files\Common Files\Adobe
2013-05-09 09:59 . 2013-05-09 09:59 -------- d-----w- c:\program files\Common Files\Java
2013-05-09 09:58 . 2013-05-09 09:58 866720 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-05-09 09:58 . 2013-05-09 09:58 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-09 09:57 . 2013-05-09 09:57 -------- d-----w- c:\programdata\McAfee
2013-05-09 02:48 . 2013-05-09 02:48 -------- d-----w- c:\users\Matt\AppData\Roaming\ParetoLogic
2013-05-09 02:48 . 2013-05-09 02:50 -------- d-----w- c:\programdata\ParetoLogic
2013-05-09 02:17 . 2013-05-09 02:17 -------- d-----w- c:\users\Matt\AppData\Roaming\Foresight Software
2013-05-09 02:17 . 2013-05-09 02:17 -------- d-----w- c:\users\Matt\AppData\Roaming\DriverCure
2013-05-09 02:16 . 2013-05-09 02:22 -------- d-----w- c:\programdata\Foresight Software
2013-05-09 02:05 . 2013-05-09 02:05 -------- d-----w- C:\ProcessExplorer
2013-05-08 09:14 . 2013-05-08 09:14 -------- d-----w- c:\users\Matt\AppData\Roaming\CheckPoint
2013-05-07 10:52 . 2013-05-07 10:52 -------- d-----w- c:\users\Matt\AppData\Local\ElevatedDiagnostics
2013-05-07 10:21 . 2013-05-01 23:34 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-07 10:20 . 2013-05-01 23:34 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-07 10:20 . 2013-05-01 23:34 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-07 10:20 . 2013-05-01 23:34 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-07 10:20 . 2013-05-01 23:34 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-10 08:14 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-05-10 07:44 . 2012-05-30 11:37 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-10 07:44 . 2011-06-09 08:45 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-09 09:58 . 2010-07-18 11:22 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\system32\GPhotos.scr
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-01 23:33 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-01 4858456]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2013-03-27 73832]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-23 495708]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-13 2299176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-05-10 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Matt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Matt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^tcbhn.lnk]
path=c:\users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
backup=c:\windows\pss\tcbhn.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-18 19:08 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-04-20 03:18 58656 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-01-28 03:38 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-12 10:35 138096 ----atw- c:\users\Matt\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-05-31 20:32 136176 ----atw- c:\users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-02-20 03:05 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-24 16:42 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-11 22:02 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-06-09 08:44 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\HWDeviceService.exe [x]
R2 Optus Mobile Broadband. RunOuc;Optus Mobile Broadband. OUC;c:\program files\Optus Mobile Broadband\UpdateDog\ouc.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x]
R3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw1v32.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]
S1 aswSP;aswSP; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - PROCEXP152
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-30 07:44]
.
2013-05-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000Core.job
- c:\users\Matt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-23 10:35]
.
2013-05-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000UA.job
- c:\users\Matt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-23 10:35]
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 11:58]
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 11:58]
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000Core.job
- c:\users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-13 20:32]
.
2013-05-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000UA.job
- c:\users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-13 20:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.au/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: Interfaces\{3CD3A49E-F05E-4EC5-A5BA-14A85816A903}: NameServer = 198.142.0.51 61.88.88.88
TCP: Interfaces\{455B356B-F1AD-480A-B210-03D8D946C73E}: NameServer = 198.142.0.51 61.88.88.88
TCP: Interfaces\{87D3DBD4-C9DD-417E-A4CE-8EC90089471F}: NameServer = 198.142.0.51 61.88.88.88
TCP: Interfaces\{BFADE558-1F34-4F4D-BD98-6FBB38D757F6}: NameServer = 198.142.0.51 61.88.88.88
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{d8215d9c-81ed-4e53-b420-bfcdbac4734d} - (no file)
URLSearchHooks-{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file)
URLSearchHooks-{0cc09160-108c-4759-bab1-5c12c216e005} - (no file)
URLSearchHooks-{2d922b81-34c7-4aab-9c5d-433e79fc9445} - (no file)
URLSearchHooks-{77f8c945-4b74-4bd6-a073-e0d1997edce8} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file)
Toolbar-{2d922b81-34c7-4aab-9c5d-433e79fc9445} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D8215D9C-81ED-4E53-B420-BFCDBAC4734D} - (no file)
WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)
WebBrowser-{0CC09160-108C-4759-BAB1-5C12C216E005} - (no file)
HKLM-Run-ISW - (no file)
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-msnmsgr - ~c:\program files\Windows Live\Messenger\msnmsgr.exe
MSConfigStartUp-Optimizer Pro - c:\program files\Optimizer Pro\OptProLauncher.exe
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(684)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Completion time: 2013-05-14 18:55:48
ComboFix-quarantined-files.txt 2013-05-14 09:25
.
Pre-Run: 325,808,476,160 bytes free
Post-Run: 325,701,042,176 bytes free
.
- - End Of File - - DD5C245F9CAD601C33A65445A073BBFB

Re: freshly disinfected PC

Posted: 15 May 2013 06:30
by vyosek
:arrow: If it is not there already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    RegLock::
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    
    Registry::
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "SPReview"=-
    
    File::
    C:\Windows\tasks\Adobe Flash Player Updater.job
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000Core.job
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000UA.job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000UA.job
    
    ClearJavaCache::
    
    Reboot::
  • Save the resulting text file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it (see the picture below)
    Image
  • After the script has been applied (and after a restart, if there is one), a log will pop up; paste its contents here
:arrow: If the message "Illegal operation attempted on a registry key that has been marked for deletion" pops up, just restart the PC - the registry will sort itself out - it is an internal error caused by CF, and unfortunately the author has not yet been able to fix it

:arrow: It can happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: freshly disinfected PC

Posted: 15 May 2013 08:54
by LadaTr
ComboFix 13-05-14.01 - Matt 15/05/2013 16:52:10.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3039.2194 [GMT 9.5:30]
Running from: c:\users\Matt\Desktop\ComboFix.exe
Command switches used :: c:\users\Matt\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000Core.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000UA.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Matt\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\Matt\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
.
.
((((((((((((((((((((((((( Files Created from 2013-04-15 to 2013-05-15 )))))))))))))))))))))))))))))))
.
.
2013-05-15 07:30 . 2013-05-15 07:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-14 06:44 . 2013-05-14 06:44 -------- d-----w- c:\users\Matt\AppData\Local\SvchostViewer
2013-05-13 23:20 . 2013-05-13 23:20 101 ----a-w- c:\windows\DeleteOnReboot.bat
2013-05-11 06:49 . 2013-05-11 07:17 -------- d-----w- c:\program files\trend micro
2013-05-11 06:49 . 2013-05-11 06:50 -------- d-----w- C:\rsit
2013-05-11 06:11 . 2012-08-23 14:10 12288 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-05-11 06:11 . 2012-08-23 14:44 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-05-11 06:00 . 2013-05-11 06:00 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-11 05:34 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-05-11 05:34 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-05-11 05:34 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-05-11 05:34 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-05-11 05:34 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-05-11 05:34 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2013-05-11 05:34 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2013-05-11 05:34 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2013-05-11 05:34 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2013-05-11 05:34 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2013-05-11 05:34 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-05-11 05:34 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2013-05-11 05:33 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2013-05-11 05:31 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-05-11 05:31 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2013-05-11 05:28 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-05-11 05:28 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-05-10 10:04 . 2013-05-10 10:04 -------- d-----w- c:\windows\IswTmp
2013-05-10 08:08 . 2013-05-10 08:08 -------- d-----w- c:\program files\iPod
2013-05-10 08:08 . 2013-05-10 08:09 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-05-10 08:00 . 2013-05-10 08:00 -------- d-----w- c:\windows\system32\SPReview
2013-05-10 07:51 . 2010-11-20 12:30 245632 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-05-10 07:50 . 2010-11-20 12:21 89600 ----a-w- c:\windows\system32\wbem\WmiApRpl.dll
2013-05-10 07:49 . 2010-11-20 12:21 4096 ----a-w- c:\windows\system32\msdxm.ocx
2013-05-10 07:48 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll
2013-05-10 07:48 . 2010-11-20 12:17 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2013-05-10 07:47 . 2010-11-20 12:18 323072 ----a-w- c:\windows\system32\drvstore.dll
2013-05-10 07:47 . 2010-11-20 12:18 257024 ----a-w- c:\windows\system32\dpx.dll
2013-05-10 07:11 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-05-10 07:11 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-05-09 11:38 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-05-09 11:38 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-05-09 11:38 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-05-09 11:38 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-05-09 11:38 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-05-09 11:38 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-05-09 11:38 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-05-09 11:38 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-05-09 11:38 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-05-09 11:37 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-05-09 11:22 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-09 11:22 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-09 11:22 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-05-09 11:22 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-05-09 11:20 . 2012-12-07 10:46 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2013-05-09 11:19 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-05-09 11:18 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll
2013-05-09 11:16 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
2013-05-09 11:16 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-05-09 11:16 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
2013-05-09 11:16 . 2010-11-20 12:21 30208 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\winprint.dll
2013-05-09 11:11 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-05-09 10:09 . 2013-05-09 10:10 -------- d-----w- c:\program files\Common Files\Adobe
2013-05-09 09:59 . 2013-05-09 09:59 -------- d-----w- c:\program files\Common Files\Java
2013-05-09 09:58 . 2013-05-09 09:58 866720 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-05-09 09:58 . 2013-05-09 09:58 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-09 09:57 . 2013-05-09 09:57 -------- d-----w- c:\programdata\McAfee
2013-05-09 02:48 . 2013-05-09 02:48 -------- d-----w- c:\users\Matt\AppData\Roaming\ParetoLogic
2013-05-09 02:48 . 2013-05-09 02:50 -------- d-----w- c:\programdata\ParetoLogic
2013-05-09 02:17 . 2013-05-09 02:17 -------- d-----w- c:\users\Matt\AppData\Roaming\Foresight Software
2013-05-09 02:17 . 2013-05-09 02:17 -------- d-----w- c:\users\Matt\AppData\Roaming\DriverCure
2013-05-09 02:16 . 2013-05-09 02:22 -------- d-----w- c:\programdata\Foresight Software
2013-05-09 02:05 . 2013-05-09 02:05 -------- d-----w- C:\ProcessExplorer
2013-05-08 09:14 . 2013-05-08 09:14 -------- d-----w- c:\users\Matt\AppData\Roaming\CheckPoint
2013-05-07 10:52 . 2013-05-07 10:52 -------- d-----w- c:\users\Matt\AppData\Local\ElevatedDiagnostics
2013-05-07 10:21 . 2013-05-01 23:34 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-07 10:20 . 2013-05-01 23:34 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-07 10:20 . 2013-05-01 23:34 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-07 10:20 . 2013-05-01 23:34 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-07 10:20 . 2013-05-01 23:34 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 05:17 . 2012-05-30 11:37 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-15 05:17 . 2011-06-09 08:45 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-10 08:14 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-05-09 09:58 . 2010-07-18 11:22 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\system32\GPhotos.scr
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-01 23:33 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-01 4858456]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2013-03-27 73832]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-23 495708]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-13 2299176]
"ISW"="" [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Matt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Matt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^tcbhn.lnk]
path=c:\users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
backup=c:\windows\pss\tcbhn.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-18 19:08 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-04-20 03:18 58656 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-01-28 03:38 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-12 10:35 138096 ----atw- c:\users\Matt\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-05-31 20:32 136176 ----atw- c:\users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-02-20 03:05 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-24 16:42 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-11 22:02 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-06-09 08:44 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
R2 Optus Mobile Broadband. RunOuc;Optus Mobile Broadband. OUC;c:\program files\Optus Mobile Broadband\UpdateDog\ouc.exe [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw1v32.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]
S1 aswSP;aswSP; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\HWDeviceService.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-30 05:17]
.
2013-05-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000Core.job
- c:\users\Matt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-23 10:35]
.
2013-05-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000UA.job
- c:\users\Matt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-23 10:35]
.
2013-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 11:58]
.
2013-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 11:58]
.
2013-05-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000Core.job
- c:\users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-13 20:32]
.
2013-05-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1772843596-1217043053-1268504810-1000UA.job
- c:\users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-13 20:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.au/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{3CD3A49E-F05E-4EC5-A5BA-14A85816A903}: NameServer = 198.142.0.51 61.88.88.88
TCP: Interfaces\{455B356B-F1AD-480A-B210-03D8D946C73E}: NameServer = 198.142.0.51 61.88.88.88
TCP: Interfaces\{87D3DBD4-C9DD-417E-A4CE-8EC90089471F}: NameServer = 198.142.0.51 61.88.88.88
TCP: Interfaces\{BFADE558-1F34-4F4D-BD98-6FBB38D757F6}: NameServer = 198.142.0.51 61.88.88.88
.
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(4272)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\windows\system32\taskhost.exe
c:\programdata\Optus Mobile Broadband\OnlineUpdate\ouc.exe
c:\windows\system32\UI0Detect.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\windows\system32\conhost.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\sppsvc.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2013-05-15 17:09:01 - machine was rebooted
ComboFix-quarantined-files.txt 2013-05-15 07:39
ComboFix2.txt 2013-05-14 09:25
.
Pre-Run: 320,784,072,704 bytes free
Post-Run: 320,780,824,576 bytes free
.
- - End Of File - - 3C065185C4389FB4BB0D3854A6D593B9

Re: freshly disinfected PC

Posted: 15 May 2013 09:39
by vyosek
So now we will just tidy up :James008:

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or switch the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making the registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Re: freshly disinfected PC

Posted: 15 May 2013 09:58
by LadaTr
There are no problems, thank you very much for the help.