VIRY.CZ

ahoj vsem,
dlouho jsem tu nebyl, tak prosim o preventivni kontrolu.
diky

Logfile of random's system information tool 1.09 (written by random/random)
Run by acer at 2013-10-05 07:58:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 21 GB (9%) free of 230 GB
Total RAM: 3819 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:58:31, on 5.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Users\acer\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\acer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={78442EFC- ... 2012-10-05 10:33:37&v=12.2.5.34&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SearchProtect] C:\Users\acer\AppData\Roaming\SearchProtect\bin\cltmng.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10830 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 37201536
\??\C:\Windows\system32\conhost.exe "21099421921167572708-19625624-176230766820892692457559556327816183311924039401
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Users\acer\AppData\Roaming\SearchProtect\bin\cltmng.exe"
"C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
taskeng.exe {9A5A580D-4E76-4128-8C56-31165FA1BEEB}
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\Windows\system32\taskmgr.exe" /1
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\acer\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Acer Registration - Reminder Recall task.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

=========Mozilla firefox=========

ProfilePath - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml

C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default\searchplugins\
brothersoft-extreme3-customized-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll [2013-06-30 3055280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll [2013-06-30 3055280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-11-12 2588968]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SearchProtect"=C:\Users\acer\AppData\Roaming\SearchProtect\bin\cltmng.exe [2013-05-08 2852640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtectAll]
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2013-05-08 2852640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-06-30 2236080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~2\Acer\ACERVC~1\AcerVCM.exe [2011-05-12 723560]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-24 336384]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-05 07:51:25 ----D---- C:\Program Files\trend micro
2013-10-05 07:51:24 ----D---- C:\rsit
2013-10-05 06:59:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-10-01 19:59:21 ----D---- C:\Program Files\iPod
2013-10-01 19:59:15 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-01 19:59:15 ----D---- C:\Program Files\iTunes
2013-10-01 19:59:15 ----D---- C:\Program Files (x86)\iTunes
2013-10-01 19:45:46 ----SHD---- C:\Config.Msi
2013-10-01 08:28:09 ----D---- C:\Windows\SYSWOW64\Wat
2013-10-01 08:28:09 ----D---- C:\Windows\system32\Wat
2013-10-01 07:44:14 ----D---- C:\Windows\system32\MRT
2013-10-01 07:44:03 ----A---- C:\Windows\system32\MRT.exe
2013-09-30 21:02:17 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-09-30 21:02:17 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-09-30 21:02:16 ----A---- C:\Windows\system32\Wdfres.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-09-30 20:26:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-09-30 20:26:16 ----A---- C:\Windows\system32\elshyph.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\url.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\wininet.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\wextract.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\webcheck.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\vbscript.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\urlmon.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\url.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\pngfilt.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\occache.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\msrating.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\msls31.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\mshtmler.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\mshtmled.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\mshtml.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\mshta.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\msfeedssync.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\licmgr10.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\jscript9.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\jscript.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\inseng.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\imgutil.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iexpress.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\ieUnatt.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\ieui.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iesysprep.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iesetup.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iertutil.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iernonce.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iepeers.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\ieframe.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iedkcs32.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\ieapfltr.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\ieapfltr.dat
2013-09-30 20:26:15 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\ie4uinit.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\icardie.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\dxtrans.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\dxtmsft.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\XpsPrint.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\WMPhoto.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\FntCache.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\dxgi.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\DWrite.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\d3d10warp.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\d3d10core.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\d3d10_1.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\d3d10.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\d2d1.dll
2013-09-30 20:18:19 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-09-30 20:18:19 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-09-30 20:18:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-09-30 20:18:19 ----A---- C:\Windows\system32\UIAnimation.dll
2013-09-30 20:18:19 ----A---- C:\Windows\system32\d3d10level9.dll
2013-09-30 19:54:53 ----A---- C:\Windows\system32\browserchoice.exe
2013-09-30 19:16:06 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-09-30 19:16:05 ----A---- C:\Windows\system32\atmlib.dll
2013-09-30 19:16:04 ----A---- C:\Windows\system32\atmfd.dll
2013-09-30 19:16:03 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-09-30 19:12:45 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-09-30 19:12:45 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-09-30 19:12:42 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-09-30 19:12:42 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-09-30 19:12:37 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-09-30 19:12:36 ----A---- C:\Windows\system32\WUDFx.dll
2013-09-30 19:12:36 ----A---- C:\Windows\system32\WUDFHost.exe
2013-09-30 18:40:46 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-09-30 18:40:45 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-09-30 18:40:45 ----A---- C:\Windows\system32\imagehlp.dll
2013-09-30 18:40:43 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-09-30 18:40:43 ----A---- C:\Windows\system32\wmi.dll
2013-09-29 11:42:25 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-09-29 11:42:24 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-09-28 11:23:26 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-09-28 11:23:26 ----A---- C:\Windows\system32\ncsi.dll
2013-09-28 11:23:25 ----A---- C:\Windows\system32\netcorehc.dll
2013-09-28 11:23:25 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-09-28 11:23:24 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-09-28 11:23:24 ----A---- C:\Windows\system32\nlasvc.dll
2013-09-28 11:23:23 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-09-28 11:23:22 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-09-28 11:23:22 ----A---- C:\Windows\system32\nlaapi.dll
2013-09-28 11:23:22 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-09-28 11:23:21 ----A---- C:\Windows\system32\netevent.dll
2013-09-28 11:23:11 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-09-28 11:23:08 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-09-28 11:23:07 ----A---- C:\Windows\system32\drivers\netio.sys
2013-09-28 11:23:07 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-09-28 11:22:57 ----A---- C:\Windows\system32\mstscax.dll
2013-09-28 11:22:55 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-09-28 11:22:54 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-09-28 11:22:53 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-09-28 11:22:53 ----A---- C:\Windows\system32\tsgqec.dll
2013-09-28 11:22:53 ----A---- C:\Windows\system32\aaclient.dll
2013-09-28 11:22:16 ----A---- C:\Windows\system32\authui.dll
2013-09-28 11:22:15 ----A---- C:\Windows\system32\consent.exe
2013-09-28 11:22:14 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-09-28 11:22:13 ----A---- C:\Windows\system32\appinfo.dll
2013-09-28 11:21:54 ----A---- C:\Windows\system32\wwansvc.dll
2013-09-28 11:21:54 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-09-28 11:20:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-09-28 11:20:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-09-28 11:20:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-09-28 11:20:22 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-28 11:20:21 ----A---- C:\Windows\system32\ntdll.dll
2013-09-28 11:20:20 ----A---- C:\Windows\system32\kernel32.dll
2013-09-28 11:20:19 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-09-28 11:20:17 ----A---- C:\Windows\system32\wow64win.dll
2013-09-28 11:20:17 ----A---- C:\Windows\system32\wow64.dll
2013-09-28 11:20:17 ----A---- C:\Windows\system32\winsrv.dll
2013-09-28 11:20:16 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-09-28 11:20:16 ----A---- C:\Windows\system32\conhost.exe
2013-09-28 11:20:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-09-28 11:20:14 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-28 11:20:13 ----A---- C:\Windows\system32\smss.exe
2013-09-28 11:20:13 ----A---- C:\Windows\system32\ntvdm64.dll
2013-09-28 11:20:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-09-28 11:20:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-28 11:20:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-28 11:20:11 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-09-28 11:20:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-28 11:20:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-28 11:20:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-09-28 11:20:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-09-28 11:20:10 ----A---- C:\Windows\system32\wow64cpu.dll
2013-09-28 11:20:09 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-28 11:20:09 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-28 11:20:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-28 11:20:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-28 11:20:08 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-28 11:20:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-28 11:20:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-28 11:20:07 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-28 11:20:07 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-28 11:20:07 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-28 11:20:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-28 11:20:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-28 11:20:06 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-28 11:20:06 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-28 11:20:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-28 11:20:04 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-28 11:20:04 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-28 11:20:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-28 11:20:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-28 11:20:03 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-28 11:20:03 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-28 11:20:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-28 11:20:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-28 11:20:02 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-28 11:20:02 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-28 11:20:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-28 11:20:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-28 11:20:01 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-28 11:20:01 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-28 11:20:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-28 11:20:00 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-28 11:19:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-28 11:19:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-28 11:19:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-28 11:19:59 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-28 11:19:59 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-28 11:19:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-28 11:19:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-28 11:19:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-28 11:19:58 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-28 11:19:58 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-28 11:19:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-28 11:19:57 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-09-28 11:19:57 ----A---- C:\Windows\system32\apisetschema.dll
2013-09-28 11:19:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-28 11:19:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-28 11:19:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-28 11:19:56 ----A---- C:\Windows\SYSWOW64\user.exe
2013-09-28 11:19:32 ----A---- C:\Windows\system32\Wpc.dll
2013-09-28 11:19:30 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-09-28 11:19:30 ----A---- C:\Windows\system32\gameux.dll
2013-09-28 11:19:29 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-09-28 11:18:39 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-09-28 11:18:38 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-09-28 11:18:38 ----A---- C:\Windows\system32\cdd.dll
2013-09-28 11:16:39 ----A---- C:\Windows\system32\crypt32.dll
2013-09-28 11:16:37 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-09-28 11:16:36 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-09-28 11:16:36 ----A---- C:\Windows\system32\wintrust.dll
2013-09-28 11:16:36 ----A---- C:\Windows\system32\cryptsvc.dll
2013-09-28 11:16:35 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-09-28 11:16:35 ----A---- C:\Windows\system32\cryptnet.dll
2013-09-28 11:16:34 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-09-28 11:16:07 ----A---- C:\Windows\system32\msxml6.dll
2013-09-28 11:16:04 ----A---- C:\Windows\system32\msxml3.dll
2013-09-28 11:16:03 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-09-28 11:16:00 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-09-28 11:16:00 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-09-28 11:16:00 ----A---- C:\Windows\system32\msxml3r.dll
2013-09-28 11:15:55 ----A---- C:\Windows\system32\rpcrt4.dll
2013-09-28 11:15:53 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-09-28 11:15:48 ----A---- C:\Windows\system32\win32k.sys
2013-09-28 11:15:40 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-09-28 11:15:39 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-09-28 11:15:39 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-09-28 11:15:39 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-09-28 11:15:17 ----A---- C:\Windows\system32\ncrypt.dll
2013-09-28 11:15:16 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-09-28 11:15:00 ----A---- C:\Windows\system32\qedit.dll
2013-09-28 11:14:59 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-09-28 11:14:56 ----A---- C:\Windows\system32\dpnet.dll
2013-09-28 11:14:55 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-09-28 11:14:52 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-09-28 11:13:51 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-09-28 11:13:51 ----A---- C:\Windows\system32\poqexec.exe
2013-09-28 10:58:06 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-09-28 10:58:05 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-09-28 10:58:01 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-09-28 10:57:55 ----A---- C:\Windows\SYSWOW64\webio.dll
2013-09-28 10:57:54 ----A---- C:\Windows\system32\webio.dll
2013-09-28 10:57:35 ----A---- C:\Windows\system32\mcupdate_AuthenticAMD.dll
2013-09-28 10:57:32 ----A---- C:\Windows\system32\schannel.dll
2013-09-28 10:57:32 ----A---- C:\Windows\system32\drivers\cng.sys
2013-09-28 10:57:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-09-28 10:57:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-09-28 10:57:30 ----A---- C:\Windows\system32\lsass.exe
2013-09-28 10:57:30 ----A---- C:\Windows\system32\lsasrv.dll
2013-09-28 10:57:30 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-09-28 10:57:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-09-28 10:57:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-09-28 10:57:29 ----A---- C:\Windows\system32\sspisrv.dll
2013-09-28 10:57:29 ----A---- C:\Windows\system32\sspicli.dll
2013-09-28 10:57:29 ----A---- C:\Windows\system32\secur32.dll
2013-09-28 10:57:26 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-09-28 10:57:25 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-09-28 10:57:11 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2013-09-28 10:57:11 ----A---- C:\Windows\system32\ntshrui.dll
2013-09-28 10:57:06 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-09-28 10:56:38 ----A---- C:\Windows\system32\shell32.dll
2013-09-28 10:56:33 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-09-28 10:56:32 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-09-28 10:56:32 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-28 10:56:21 ----A---- C:\Windows\system32\quartz.dll
2013-09-28 10:56:20 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-09-28 10:56:19 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-09-28 10:56:19 ----A---- C:\Windows\system32\qdvd.dll
2013-09-28 10:56:16 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-09-28 10:56:16 ----A---- C:\Windows\system32\usp10.dll
2013-09-28 10:56:13 ----A---- C:\Windows\system32\profsvc.dll
2013-09-28 10:56:12 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-09-28 10:56:12 ----A---- C:\Windows\system32\rdpwsx.dll
2013-09-28 10:56:12 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-09-28 10:56:08 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-28 10:55:53 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-09-28 10:55:53 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2013-10-05 07:58:29 ----D---- C:\Windows\Temp
2013-10-05 07:51:25 ----RD---- C:\Program Files
2013-10-05 07:47:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 07:47:44 ----D---- C:\Program Files (x86)
2013-10-05 07:20:16 ----D---- C:\Windows\System32
2013-10-05 07:20:16 ----D---- C:\Windows\inf
2013-10-05 07:20:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-05 06:31:58 ----D---- C:\Windows\system32\config
2013-10-03 08:05:19 ----D---- C:\Windows\Microsoft.NET
2013-10-03 08:04:02 ----RSD---- C:\Windows\assembly
2013-10-01 20:07:22 ----D---- C:\Windows
2013-10-01 20:05:17 ----D---- C:\Windows\system32\catroot
2013-10-01 20:03:48 ----SHD---- C:\Windows\Installer
2013-10-01 20:01:35 ----D---- C:\Windows\SysWOW64
2013-10-01 19:59:15 ----HD---- C:\ProgramData
2013-10-01 19:49:15 ----D---- C:\Windows\system32\DriverStore
2013-10-01 19:48:56 ----D---- C:\Windows\system32\drivers
2013-10-01 19:29:22 ----D---- C:\Windows\winsxs
2013-10-01 19:01:02 ----D---- C:\Windows\Prefetch
2013-10-01 08:28:36 ----D---- C:\Program Files\Common Files\System
2013-10-01 08:28:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-10-01 08:28:35 ----D---- C:\Windows\system32\cs-CZ
2013-10-01 08:28:34 ----D---- C:\Windows\ehome
2013-10-01 08:28:34 ----D---- C:\Windows\AppPatch
2013-10-01 08:28:33 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-10-01 08:28:32 ----D---- C:\Windows\system32\wbem
2013-10-01 08:28:32 ----D---- C:\Program Files\Windows Defender
2013-10-01 08:28:32 ----D---- C:\Program Files (x86)\Windows Defender
2013-10-01 08:28:31 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-01 08:28:30 ----D---- C:\Program Files\Internet Explorer
2013-10-01 08:28:27 ----D---- C:\Windows\SYSWOW64\migration
2013-10-01 08:28:27 ----D---- C:\Windows\SYSWOW64\en-US
2013-10-01 08:28:25 ----D---- C:\Windows\system32\migration
2013-10-01 08:28:25 ----D---- C:\Windows\PolicyDefinitions
2013-10-01 08:28:24 ----D---- C:\Windows\system32\en-US
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\it-IT
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\el-GR
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\es-ES
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\de-DE
2013-10-01 08:28:19 ----D---- C:\Windows\SYSWOW64\da-DK
2013-10-01 08:28:19 ----D---- C:\Windows\system32\pt-PT
2013-10-01 08:28:19 ----D---- C:\Windows\system32\pt-BR
2013-10-01 08:28:19 ----D---- C:\Windows\system32\pl-PL
2013-10-01 08:28:19 ----D---- C:\Windows\system32\ko-KR
2013-10-01 08:28:19 ----D---- C:\Windows\system32\it-IT
2013-10-01 08:28:19 ----D---- C:\Windows\system32\hu-HU
2013-10-01 08:28:18 ----D---- C:\Windows\system32\zh-TW
2013-10-01 08:28:18 ----D---- C:\Windows\system32\zh-HK
2013-10-01 08:28:18 ----D---- C:\Windows\system32\tr-TR
2013-10-01 08:28:18 ----D---- C:\Windows\system32\sv-SE
2013-10-01 08:28:18 ----D---- C:\Windows\system32\nl-NL
2013-10-01 08:28:18 ----D---- C:\Windows\system32\fr-FR
2013-10-01 08:28:18 ----D---- C:\Windows\system32\fi-FI
2013-10-01 08:28:18 ----D---- C:\Windows\system32\es-ES
2013-10-01 08:28:18 ----D---- C:\Windows\system32\el-GR
2013-10-01 08:28:18 ----D---- C:\Windows\system32\de-DE
2013-10-01 08:28:17 ----D---- C:\Windows\system32\zh-CN
2013-10-01 08:28:17 ----D---- C:\Windows\system32\ru-RU
2013-10-01 08:28:17 ----D---- C:\Windows\system32\nb-NO
2013-10-01 08:28:17 ----D---- C:\Windows\system32\ja-JP
2013-10-01 08:28:17 ----D---- C:\Windows\system32\da-DK
2013-10-01 08:27:58 ----RSD---- C:\Windows\Fonts
2013-10-01 08:27:57 ----D---- C:\Program Files\Windows Journal
2013-10-01 07:50:52 ----D---- C:\Windows\system32\catroot2
2013-10-01 07:44:13 ----D---- C:\Windows\debug
2013-09-30 20:44:11 ----D---- C:\Windows\Logs
2013-09-30 19:09:04 ----SHD---- C:\System Volume Information
2013-09-29 11:44:57 ----SD---- C:\Users\acer\AppData\Roaming\Microsoft
2013-09-29 11:42:27 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-06-30 45856]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-09-24 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-09-24 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-09-24 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-24 9359872]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-24 309760]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-05 4745280]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-25 1583744]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-01-25 77424]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-28 44672]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-09-21 80384]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-01-10 349736]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-01-24 107560]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-09-14 138280]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-02-15 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-09-14 21416]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 PCDSRVC{51725DDC-83F12EEE-06020200}_0;PCDSRVC{51725DDC-83F12EEE-06020200}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\users\acer\appdata\local\temp\u8njktq_yaot\pcdrdiag\bin\pcdsrvc_x64.pkms []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-24 204288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-03-09 956192]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CltMngSvc;Search Protect by Conduit Updater; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-01-27 95008]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-05 118680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-30 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S4 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [2013-06-30 1598128]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Zdravim

No neco tam vidim.


Nejprve udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Dobry vecer,
prikladam log.

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.06.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
acer :: ACER-PC [administrátor]

6.10.2013 19:38:58
MBAM-log-2013-10-06 (21-42-17).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 378036
Uplynulý čas: 2 hodin, 35 sekund

Nalezené procesy v paměti: 2
C:\Users\acer\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> 1204 -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> 1176 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 3
C:\Users\acer\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 5
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.Smart) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.Smart) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\SEARCHPROTECT (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtect (PUP.Optional.Conduit.A) -> Data: C:\Users\acer\AppData\Roaming\SearchProtect\bin\cltmng.exe -> Nebyla provedena žádná instrukce.
HKCU\Software\SearchProtect|IELastInstalledTBHomepage (PUP.Optional.SearchProtect.A) -> Data: http://search.conduit.com?SearchSource= ... SP_IEWSP04 -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 14
C:\Program Files (x86)\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\xpi (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 80
C:\Users\acer\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\bin\ChromeModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\bin\SPHook32.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\bin\SPRunner.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\bs_iRinger.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\496N4AMA\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWLSNT9Y\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\DownloadManager.exe (PUP.Optional.Smart) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\LZGbRocc.exe.part (PUP.Optional.iMeshMusicBoxTB.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\nsb2084.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\nsg8F3D.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\nsgD4AF.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\nsqCF33.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\nsrF540.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\nsw542B.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\P8i88xKF.exe.part (PUP.Optional.Installex) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\SecondStepInstaller.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\yxUlzbJl.exe.part (PUP.Optional.Installex) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\ctbe.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\spch.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\spff.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\statisticsStub.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\chromeid.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\conduit.xml (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\CT3205709.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\CT3205709.xpi (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\dtime.csf (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\initData.json (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\manifest.json (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\setup.ini.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\stub.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\version.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\acer\AppData\Local\Temp\ct3205709\xpi\install.rdf (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.

(konec)

diky

Vsechny nalezy nechte odstranit. Po restartu test zopakujte, at vime, jestli se to nevraci. Oznamte vysledek a podle toho budeme pokracovat.

nebyla nalezena zadna infekce

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.06.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
acer :: ACER-PC [administrátor]

7.10.2013 18:40:27
mbam-log-2013-10-07 (18-40-27).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 378073
Uplynulý čas: 1 hodin, 53 minut, 13 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

MBAM muzete odinstalovat.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

prikladam log z AdwCleaner:

# AdwCleaner v3.006 - Report created 08/10/2013 at 20:06:09
# Updated 01/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : acer - ACER-PC
# Running from : C:\Users\acer\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Found C:\Program Files (x86)\AVG Secure Search
Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\Searchprotect
Folder Found C:\ProgramData\AVG Secure Search
Folder Found C:\ProgramData\ParetoLogic
Folder Found C:\Searchprotect
Folder Found C:\Users\acer\AppData\Local\AVG Secure Search
Folder Found C:\Users\acer\AppData\Local\Conduit
Folder Found C:\Users\acer\AppData\LocalLow\AVG Secure Search
Folder Found C:\Users\acer\AppData\LocalLow\Conduit
Folder Found C:\Users\acer\AppData\LocalLow\PriceGong
Folder Found C:\Users\acer\AppData\Roaming\DriverCure
Folder Found C:\Users\acer\AppData\Roaming\ParetoLogic
Folder Found C:\Users\acer\AppData\Roaming\Searchprotect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\ParetoLogic
Key Found : HKCU\Software\SearchProtect
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\ParetoLogic
Key Found : [x64] HKCU\Software\SearchProtect
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3205709
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\ParetoLogic
Key Found : HKLM\Software\SearchProtect
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://isearch.avg.com/?cid={78442EFC-6D9A-4689-8A5E-5D40FB01E35C}&mid=824f0366a698448699025cad72057e38-6d23cdf84538644d0e8d8f3eb74e973dbd43116b&lang=cs&ds=hk011&pr=sa&d=2012-10-05 10:33:37&v=12.2.5.34&sap=hp

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [6728 octets] - [08/10/2013 20:06:09]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6788 octets] ##########

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zase zkopirujte.


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

Log z AdwCleaner:
# AdwCleaner v3.006 - Report created 09/10/2013 at 07:09:34
# Updated 01/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : acer - ACER-PC
# Running from : C:\Users\acer\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Searchprotect
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\acer\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\acer\AppData\Local\Conduit
Folder Deleted : C:\Users\acer\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\acer\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\acer\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\acer\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\acer\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\acer\AppData\Roaming\Searchprotect
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3205709
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [6908 octets] - [08/10/2013 20:06:09]
AdwCleaner[S0].txt - [6489 octets] - [09/10/2013 07:09:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6549 octets] ##########




Log z RogueKiller:
RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : acer [Práva správce]
Mód : Kontrola -- Datum : 10/09/2013 07:18:11
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 4 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\Windows\TEMP\{274B5AA4-D4E7-43AE-9490-C6BE516949F9}.exe - --uninstall=1 [x] -> NALEZENO
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{A5DA5B49-4E25-4505-8358-EDD20B2896EF}.exe - --uninstall=1 [x] -> NALEZENO
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv : C:\Windows\TEMP\{274B5AA4-D4E7-43AE-9490-C6BE516949F9}.exe - --uninstall=1 [x] -> NALEZENO
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{A5DA5B49-4E25-4505-8358-EDD20B2896EF}.exe - --uninstall=1 [x] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - WDC WD5000BPVT-22A1YT0 ATA Device +++++
--- User ---
[MBR] a7f9e9e575e60aaca2396dbdcf78a0eb
[BSP] 486a7e3585dc4f0fb55d2b8d4548a8fd : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 32770048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 32974848 | Size: 230269 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 504565760 | Size: 230569 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_10092013_071811.txt >>

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

RogueKiller jsem nezavrel, takze jsem pouze mazal. Zde je prvni log:

¨RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : acer [Práva správce]
Mód : Odebrat -- Datum : 10/10/2013 06:49:57
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 4 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\Windows\TEMP\{274B5AA4-D4E7-43AE-9490-C6BE516949F9}.exe - --uninstall=1 [x] -> VYMAZÁNO
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{A5DA5B49-4E25-4505-8358-EDD20B2896EF}.exe - --uninstall=1 [x] -> VYMAZÁNO
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv : C:\Windows\TEMP\{274B5AA4-D4E7-43AE-9490-C6BE516949F9}.exe - --uninstall=1 [x] -> VYMAZÁNO
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{A5DA5B49-4E25-4505-8358-EDD20B2896EF}.exe - --uninstall=1 [x] -> ERROR DELETING TASK

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - WDC WD5000BPVT-22A1YT0 ATA Device +++++
--- User ---
[MBR] a7f9e9e575e60aaca2396dbdcf78a0eb
[BSP] 486a7e3585dc4f0fb55d2b8d4548a8fd : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 32770048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 32974848 | Size: 230269 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 504565760 | Size: 230569 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_10102013_064957.txt >>
RKreport[0]_S_10092013_071811.txt



A zde druhy:

RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : acer [Práva správce]
Mód : Oprava HOSTS -- Datum : 10/10/2013 06:50:49
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_10102013_065049.txt >>
RKreport[0]_D_10102013_064957.txt;RKreport[0]_S_10092013_071811.txt



Dekuji

Dejte novy log z RSIT

a k tomu

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by acer at 2013-10-10 18:55:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 21 GB (9%) free of 230 GB
Total RAM: 3819 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:56:01, on 10.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\trend micro\acer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9791 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 27405200
\??\C:\Windows\system32\conhost.exe "624624732-73765809-169627974-776752617994752132339310411-1910673865424451484
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\acer\Desktop\RogueKiller.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\wuauclt.exe"
taskeng.exe {A5F18138-B1CF-4F10-BD08-D90D8C86CA29}
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
wmiadap.exe /R /T
"C:\Users\acer\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Acer Registration - Reminder Recall task.job

=========Mozilla firefox=========

ProfilePath - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default\extensions\
staged
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default\searchplugins\
brothersoft-extreme3-customized-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-11-12 2588968]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtectAll]
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Secure Search\vprot.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~2\Acer\ACERVC~1\AcerVCM.exe [2011-05-12 723560]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-24 336384]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-08 20:05:58 ----D---- C:\AdwCleaner
2013-10-06 19:37:02 ----D---- C:\Users\acer\AppData\Roaming\Malwarebytes
2013-10-06 19:36:45 ----D---- C:\ProgramData\Malwarebytes
2013-10-05 07:51:25 ----D---- C:\Program Files\trend micro
2013-10-05 07:51:24 ----D---- C:\rsit
2013-10-05 06:59:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-10-01 19:59:21 ----D---- C:\Program Files\iPod
2013-10-01 19:59:15 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-01 19:59:15 ----D---- C:\Program Files\iTunes
2013-10-01 19:59:15 ----D---- C:\Program Files (x86)\iTunes
2013-10-01 19:45:46 ----SHD---- C:\Config.Msi
2013-10-01 08:28:09 ----D---- C:\Windows\SYSWOW64\Wat
2013-10-01 08:28:09 ----D---- C:\Windows\system32\Wat
2013-10-01 07:44:14 ----D---- C:\Windows\system32\MRT
2013-10-01 07:44:03 ----A---- C:\Windows\system32\MRT.exe
2013-09-30 21:02:17 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-09-30 21:02:17 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-09-30 21:02:16 ----A---- C:\Windows\system32\Wdfres.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-09-30 20:26:16 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-09-30 20:26:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-09-30 20:26:16 ----A---- C:\Windows\system32\elshyph.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\url.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-09-30 20:26:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\wininet.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\wextract.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\webcheck.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\vbscript.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\urlmon.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\url.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\pngfilt.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\occache.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\msrating.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\msls31.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\mshtmler.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\mshtmled.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\mshtml.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\mshta.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\msfeedssync.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\licmgr10.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\jscript9.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\jscript.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\inseng.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\imgutil.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iexpress.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\ieUnatt.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\ieui.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iesysprep.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iesetup.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iertutil.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iernonce.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iepeers.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\ieframe.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\iedkcs32.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\ieapfltr.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\ieapfltr.dat
2013-09-30 20:26:15 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\ie4uinit.exe
2013-09-30 20:26:15 ----A---- C:\Windows\system32\icardie.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\dxtrans.dll
2013-09-30 20:26:15 ----A---- C:\Windows\system32\dxtmsft.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-30 20:18:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-09-30 20:18:20 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\XpsPrint.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\WMPhoto.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\FntCache.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\dxgi.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\DWrite.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\d3d10warp.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\d3d10core.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\d3d10_1.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\d3d10.dll
2013-09-30 20:18:20 ----A---- C:\Windows\system32\d2d1.dll
2013-09-30 20:18:19 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-09-30 20:18:19 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-09-30 20:18:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-09-30 20:18:19 ----A---- C:\Windows\system32\UIAnimation.dll
2013-09-30 20:18:19 ----A---- C:\Windows\system32\d3d10level9.dll
2013-09-30 19:54:53 ----A---- C:\Windows\system32\browserchoice.exe
2013-09-30 19:16:06 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-09-30 19:16:05 ----A---- C:\Windows\system32\atmlib.dll
2013-09-30 19:16:04 ----A---- C:\Windows\system32\atmfd.dll
2013-09-30 19:16:03 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-09-30 19:12:45 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-09-30 19:12:45 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-09-30 19:12:42 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-09-30 19:12:42 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-09-30 19:12:37 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-09-30 19:12:36 ----A---- C:\Windows\system32\WUDFx.dll
2013-09-30 19:12:36 ----A---- C:\Windows\system32\WUDFHost.exe
2013-09-30 18:40:46 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-09-30 18:40:45 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-09-30 18:40:45 ----A---- C:\Windows\system32\imagehlp.dll
2013-09-30 18:40:43 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-09-30 18:40:43 ----A---- C:\Windows\system32\wmi.dll
2013-09-29 11:42:25 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-09-29 11:42:24 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-09-28 11:23:26 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-09-28 11:23:26 ----A---- C:\Windows\system32\ncsi.dll
2013-09-28 11:23:25 ----A---- C:\Windows\system32\netcorehc.dll
2013-09-28 11:23:25 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-09-28 11:23:24 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-09-28 11:23:24 ----A---- C:\Windows\system32\nlasvc.dll
2013-09-28 11:23:23 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-09-28 11:23:22 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-09-28 11:23:22 ----A---- C:\Windows\system32\nlaapi.dll
2013-09-28 11:23:22 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-09-28 11:23:21 ----A---- C:\Windows\system32\netevent.dll
2013-09-28 11:23:11 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-09-28 11:23:08 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-09-28 11:23:07 ----A---- C:\Windows\system32\drivers\netio.sys
2013-09-28 11:23:07 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-09-28 11:22:57 ----A---- C:\Windows\system32\mstscax.dll
2013-09-28 11:22:55 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-09-28 11:22:54 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-09-28 11:22:53 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-09-28 11:22:53 ----A---- C:\Windows\system32\tsgqec.dll
2013-09-28 11:22:53 ----A---- C:\Windows\system32\aaclient.dll
2013-09-28 11:22:16 ----A---- C:\Windows\system32\authui.dll
2013-09-28 11:22:15 ----A---- C:\Windows\system32\consent.exe
2013-09-28 11:22:14 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-09-28 11:22:13 ----A---- C:\Windows\system32\appinfo.dll
2013-09-28 11:21:54 ----A---- C:\Windows\system32\wwansvc.dll
2013-09-28 11:21:54 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-09-28 11:20:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-09-28 11:20:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-09-28 11:20:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-09-28 11:20:22 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-28 11:20:21 ----A---- C:\Windows\system32\ntdll.dll
2013-09-28 11:20:20 ----A---- C:\Windows\system32\kernel32.dll
2013-09-28 11:20:19 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-09-28 11:20:17 ----A---- C:\Windows\system32\wow64win.dll
2013-09-28 11:20:17 ----A---- C:\Windows\system32\wow64.dll
2013-09-28 11:20:17 ----A---- C:\Windows\system32\winsrv.dll
2013-09-28 11:20:16 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-09-28 11:20:16 ----A---- C:\Windows\system32\conhost.exe
2013-09-28 11:20:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-09-28 11:20:14 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-28 11:20:13 ----A---- C:\Windows\system32\smss.exe
2013-09-28 11:20:13 ----A---- C:\Windows\system32\ntvdm64.dll
2013-09-28 11:20:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-09-28 11:20:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-28 11:20:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-28 11:20:11 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-09-28 11:20:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-28 11:20:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-28 11:20:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-09-28 11:20:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-09-28 11:20:10 ----A---- C:\Windows\system32\wow64cpu.dll
2013-09-28 11:20:09 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-28 11:20:09 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-28 11:20:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-28 11:20:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-28 11:20:08 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-28 11:20:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-28 11:20:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-28 11:20:07 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-28 11:20:07 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-28 11:20:07 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-28 11:20:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-28 11:20:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-28 11:20:06 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-28 11:20:06 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-28 11:20:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-28 11:20:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-28 11:20:04 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-28 11:20:04 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-28 11:20:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-28 11:20:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-28 11:20:03 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-28 11:20:03 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-28 11:20:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-28 11:20:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-28 11:20:02 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-28 11:20:02 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-28 11:20:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-28 11:20:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-28 11:20:01 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-28 11:20:01 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-28 11:20:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-28 11:20:00 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-28 11:19:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-28 11:19:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-28 11:19:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-28 11:19:59 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-28 11:19:59 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-28 11:19:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-28 11:19:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-28 11:19:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-28 11:19:58 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-28 11:19:58 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-28 11:19:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-28 11:19:57 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-09-28 11:19:57 ----A---- C:\Windows\system32\apisetschema.dll
2013-09-28 11:19:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-28 11:19:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-28 11:19:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-28 11:19:56 ----A---- C:\Windows\SYSWOW64\user.exe
2013-09-28 11:19:32 ----A---- C:\Windows\system32\Wpc.dll
2013-09-28 11:19:30 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-09-28 11:19:30 ----A---- C:\Windows\system32\gameux.dll
2013-09-28 11:19:29 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-09-28 11:18:39 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-09-28 11:18:38 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-09-28 11:18:38 ----A---- C:\Windows\system32\cdd.dll
2013-09-28 11:16:39 ----A---- C:\Windows\system32\crypt32.dll
2013-09-28 11:16:37 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-09-28 11:16:36 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-09-28 11:16:36 ----A---- C:\Windows\system32\wintrust.dll
2013-09-28 11:16:36 ----A---- C:\Windows\system32\cryptsvc.dll
2013-09-28 11:16:35 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-09-28 11:16:35 ----A---- C:\Windows\system32\cryptnet.dll
2013-09-28 11:16:34 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-09-28 11:16:07 ----A---- C:\Windows\system32\msxml6.dll
2013-09-28 11:16:04 ----A---- C:\Windows\system32\msxml3.dll
2013-09-28 11:16:03 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-09-28 11:16:00 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-09-28 11:16:00 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-09-28 11:16:00 ----A---- C:\Windows\system32\msxml3r.dll
2013-09-28 11:15:55 ----A---- C:\Windows\system32\rpcrt4.dll
2013-09-28 11:15:53 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-09-28 11:15:48 ----A---- C:\Windows\system32\win32k.sys
2013-09-28 11:15:40 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-09-28 11:15:39 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-09-28 11:15:39 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-09-28 11:15:39 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-09-28 11:15:17 ----A---- C:\Windows\system32\ncrypt.dll
2013-09-28 11:15:16 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-09-28 11:15:00 ----A---- C:\Windows\system32\qedit.dll
2013-09-28 11:14:59 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-09-28 11:14:56 ----A---- C:\Windows\system32\dpnet.dll
2013-09-28 11:14:55 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-09-28 11:14:52 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-09-28 11:13:51 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-09-28 11:13:51 ----A---- C:\Windows\system32\poqexec.exe
2013-09-28 10:58:06 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-09-28 10:58:05 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-09-28 10:58:01 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-09-28 10:57:55 ----A---- C:\Windows\SYSWOW64\webio.dll
2013-09-28 10:57:54 ----A---- C:\Windows\system32\webio.dll
2013-09-28 10:57:35 ----A---- C:\Windows\system32\mcupdate_AuthenticAMD.dll
2013-09-28 10:57:32 ----A---- C:\Windows\system32\schannel.dll
2013-09-28 10:57:32 ----A---- C:\Windows\system32\drivers\cng.sys
2013-09-28 10:57:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-09-28 10:57:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-09-28 10:57:30 ----A---- C:\Windows\system32\lsass.exe
2013-09-28 10:57:30 ----A---- C:\Windows\system32\lsasrv.dll
2013-09-28 10:57:30 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-09-28 10:57:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-09-28 10:57:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-09-28 10:57:29 ----A---- C:\Windows\system32\sspisrv.dll
2013-09-28 10:57:29 ----A---- C:\Windows\system32\sspicli.dll
2013-09-28 10:57:29 ----A---- C:\Windows\system32\secur32.dll
2013-09-28 10:57:26 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-09-28 10:57:25 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-09-28 10:57:11 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2013-09-28 10:57:11 ----A---- C:\Windows\system32\ntshrui.dll
2013-09-28 10:57:06 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-09-28 10:56:38 ----A---- C:\Windows\system32\shell32.dll
2013-09-28 10:56:33 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-09-28 10:56:32 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-09-28 10:56:32 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-28 10:56:21 ----A---- C:\Windows\system32\quartz.dll
2013-09-28 10:56:20 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-09-28 10:56:19 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-09-28 10:56:19 ----A---- C:\Windows\system32\qdvd.dll
2013-09-28 10:56:16 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-09-28 10:56:16 ----A---- C:\Windows\system32\usp10.dll
2013-09-28 10:56:13 ----A---- C:\Windows\system32\profsvc.dll
2013-09-28 10:56:12 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-09-28 10:56:12 ----A---- C:\Windows\system32\rdpwsx.dll
2013-09-28 10:56:12 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-09-28 10:56:08 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-28 10:55:53 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-09-28 10:55:53 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2013-10-10 18:56:03 ----D---- C:\Windows\Temp
2013-10-10 06:51:45 ----D---- C:\Windows\System32
2013-10-10 06:51:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-10 06:51:44 ----D---- C:\Windows\inf
2013-10-10 06:50:29 ----D---- C:\Windows\system32\catroot
2013-10-10 06:49:56 ----D---- C:\Windows\system32\Tasks
2013-10-10 06:49:53 ----D---- C:\Windows\Tasks
2013-10-09 20:13:38 ----D---- C:\Windows\system32\catroot2
2013-10-09 20:11:50 ----D---- C:\Windows\winsxs
2013-10-09 20:04:01 ----D---- C:\Windows\system32\config
2013-10-09 07:18:04 ----D---- C:\Windows\system32\drivers
2013-10-09 07:10:05 ----D---- C:\Program Files (x86)\Common Files
2013-10-09 07:09:57 ----D---- C:\Program Files (x86)
2013-10-09 07:09:49 ----HD---- C:\ProgramData
2013-10-07 18:36:37 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 08:31:11 ----D---- C:\Windows\Microsoft.NET
2013-10-05 08:31:05 ----RSD---- C:\Windows\assembly
2013-10-05 07:51:25 ----RD---- C:\Program Files
2013-10-01 20:07:22 ----D---- C:\Windows
2013-10-01 20:03:48 ----SHD---- C:\Windows\Installer
2013-10-01 20:01:35 ----D---- C:\Windows\SysWOW64
2013-10-01 19:49:15 ----D---- C:\Windows\system32\DriverStore
2013-10-01 19:01:02 ----D---- C:\Windows\Prefetch
2013-10-01 08:28:36 ----D---- C:\Program Files\Common Files\System
2013-10-01 08:28:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-10-01 08:28:35 ----D---- C:\Windows\system32\cs-CZ
2013-10-01 08:28:34 ----D---- C:\Windows\ehome
2013-10-01 08:28:34 ----D---- C:\Windows\AppPatch
2013-10-01 08:28:33 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-10-01 08:28:32 ----D---- C:\Windows\system32\wbem
2013-10-01 08:28:32 ----D---- C:\Program Files\Windows Defender
2013-10-01 08:28:32 ----D---- C:\Program Files (x86)\Windows Defender
2013-10-01 08:28:31 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-01 08:28:30 ----D---- C:\Program Files\Internet Explorer
2013-10-01 08:28:27 ----D---- C:\Windows\SYSWOW64\migration
2013-10-01 08:28:27 ----D---- C:\Windows\SYSWOW64\en-US
2013-10-01 08:28:25 ----D---- C:\Windows\system32\migration
2013-10-01 08:28:25 ----D---- C:\Windows\PolicyDefinitions
2013-10-01 08:28:24 ----D---- C:\Windows\system32\en-US
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\it-IT
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-10-01 08:28:21 ----D---- C:\Windows\SYSWOW64\el-GR
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\es-ES
2013-10-01 08:28:20 ----D---- C:\Windows\SYSWOW64\de-DE
2013-10-01 08:28:19 ----D---- C:\Windows\SYSWOW64\da-DK
2013-10-01 08:28:19 ----D---- C:\Windows\system32\pt-PT
2013-10-01 08:28:19 ----D---- C:\Windows\system32\pt-BR
2013-10-01 08:28:19 ----D---- C:\Windows\system32\pl-PL
2013-10-01 08:28:19 ----D---- C:\Windows\system32\ko-KR
2013-10-01 08:28:19 ----D---- C:\Windows\system32\it-IT
2013-10-01 08:28:19 ----D---- C:\Windows\system32\hu-HU
2013-10-01 08:28:18 ----D---- C:\Windows\system32\zh-TW
2013-10-01 08:28:18 ----D---- C:\Windows\system32\zh-HK
2013-10-01 08:28:18 ----D---- C:\Windows\system32\tr-TR
2013-10-01 08:28:18 ----D---- C:\Windows\system32\sv-SE
2013-10-01 08:28:18 ----D---- C:\Windows\system32\nl-NL
2013-10-01 08:28:18 ----D---- C:\Windows\system32\fr-FR
2013-10-01 08:28:18 ----D---- C:\Windows\system32\fi-FI
2013-10-01 08:28:18 ----D---- C:\Windows\system32\es-ES
2013-10-01 08:28:18 ----D---- C:\Windows\system32\el-GR
2013-10-01 08:28:18 ----D---- C:\Windows\system32\de-DE
2013-10-01 08:28:17 ----D---- C:\Windows\system32\zh-CN
2013-10-01 08:28:17 ----D---- C:\Windows\system32\ru-RU
2013-10-01 08:28:17 ----D---- C:\Windows\system32\nb-NO
2013-10-01 08:28:17 ----D---- C:\Windows\system32\ja-JP
2013-10-01 08:28:17 ----D---- C:\Windows\system32\da-DK
2013-10-01 08:27:58 ----RSD---- C:\Windows\Fonts
2013-10-01 08:27:57 ----D---- C:\Program Files\Windows Journal
2013-10-01 07:44:13 ----D---- C:\Windows\debug
2013-09-30 20:44:11 ----D---- C:\Windows\Logs
2013-09-30 19:09:04 ----SHD---- C:\System Volume Information
2013-09-29 11:44:57 ----SD---- C:\Users\acer\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-06-30 45856]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-09-24 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-09-24 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-09-24 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-24 9359872]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-24 309760]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-05 4745280]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-25 1583744]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-01-25 77424]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-28 44672]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-09-21 80384]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-01-10 349736]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-01-24 107560]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-09-14 138280]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-02-15 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-09-14 21416]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 PCDSRVC{51725DDC-83F12EEE-06020200}_0;PCDSRVC{51725DDC-83F12EEE-06020200}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\users\acer\appdata\local\temp\u8njktq_yaot\pcdrdiag\bin\pcdsrvc_x64.pkms []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-24 204288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-03-09 956192]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-05 118680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-30 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S4 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe []
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

log OTL, 1. cast:
OTL logfile created on: 10.10.2013 18:58:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\acer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,73 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 63,21% Memory free
7,46 Gb Paging File | 5,93 Gb Available in Paging File | 79,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 224,87 Gb Total Space | 20,50 Gb Free Space | 9,12% Space Free | Partition Type: NTFS
Drive D: | 225,17 Gb Total Space | 152,91 Gb Free Space | 67,91% Space Free | Partition Type: NTFS

Computer Name: ACER-PC | User Name: acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.10.10 18:56:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\acer\Desktop\OTL.exe
PRC - [2013.10.05 07:00:24 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.08.30 09:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.07.01 04:51:13 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011.07.01 04:51:12 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011.07.01 04:51:11 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011.06.06 22:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.22 19:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.01.30 02:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe


========== Modules (No Company Name) ==========

MOD - [2013.10.05 07:00:22 | 003,279,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.11.28 15:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.11.28 15:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.08.02 11:59:46 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2011.05.24 17:03:40 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.04.22 19:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2011.03.09 17:45:56 | 000,956,192 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010.12.17 01:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2010.09.23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013.10.05 07:00:22 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011.07.01 04:51:11 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011.06.21 12:55:04 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2011.06.06 22:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.30 02:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009.07.20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.08.30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.08.30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.08.30 09:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.08.30 09:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.08.30 09:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.08.30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.08.30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.08.30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.06.30 08:17:33 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.09.24 16:46:11 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2012.09.24 16:46:11 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2012.09.24 16:46:11 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.07.14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.07.05 14:55:30 | 004,745,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.05.24 18:26:58 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.05.24 16:25:44 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.30 08:46:46 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.03.25 04:49:24 | 001,583,744 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.02.15 09:35:54 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011.01.25 05:48:03 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.01.24 10:29:46 | 000,107,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011.01.10 09:15:08 | 000,349,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2010.12.01 10:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.11.28 22:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.12 08:23:39 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010.09.14 08:59:16 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.09.14 08:59:10 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3201615947-1864163299-2172574384-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKU\S-1-5-21-3201615947-1864163299-2172574384-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3201615947-1864163299-2172574384-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3201615947-1864163299-2172574384-1000\..\SearchScopes\{B257DD20-A775-4326-894B-A3939682AD97}: "URL" = http://search.conduit.com/ResultsExt.as ... SP_IEWSP04
IE - HKU\S-1-5-21-3201615947-1864163299-2172574384-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3201615947-1864163299-2172574384-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.09.29 11:42:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.10.03 20:55:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\Mozilla\Extensions
[2013.10.09 07:17:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default\extensions
[2013.03.30 07:21:55 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.10.09 07:17:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default\extensions\staged
[2013.09.22 17:43:56 | 000,534,729 | ---- | M] () (No name found) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.10.09 07:17:24 | 000,534,789 | ---- | M] () (No name found) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default\extensions\staged\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.01.28 10:42:09 | 000,001,136 | ---- | M] () -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\a98f6hvt.default\searchplugins\brothersoft-extreme3-customized-web-search.xml
[2013.10.05 06:59:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.10.05 06:59:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.10.05 07:00:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.10.05 06:59:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2013.10.05 06:59:50 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

O1 HOSTS File: ([2013.10.10 06:50:49 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-18..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BDFF6BE-6E6F-49E8-837B-8F4AD00430DD}: DhcpNameServer = 1.1.1.1 217.11.224.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96DB6B28-0124-41B9-955A-60D3F74427C5}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.10.10 18:56:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\acer\Desktop\OTL.exe
[2013.10.09 07:14:56 | 000,000,000 | ---D | C] -- C:\Users\acer\Desktop\RK_Quarantine
[2013.10.08 20:05:58 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.10.06 19:37:02 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Malwarebytes
[2013.10.06 19:36:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.10.06 19:36:18 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\Programs
[2013.10.05 07:51:25 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.10.05 07:51:24 | 000,000,000 | ---D | C] -- C:\rsit
[2013.10.05 06:59:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.10.01 20:01:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.10.01 19:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.10.01 19:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.10.01 19:59:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.10.01 19:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.10.01 19:45:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.10.01 08:28:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013.10.01 08:28:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013.10.01 07:44:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.09.30 21:02:17 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013.09.30 21:02:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013.09.30 20:26:16 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.09.30 20:26:16 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.09.30 20:26:16 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.09.30 20:26:16 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.09.30 20:26:16 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.09.30 20:26:16 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.09.30 20:26:16 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.09.30 20:26:16 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.09.30 20:26:16 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.09.30 20:26:16 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.09.30 20:26:16 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.09.30 20:26:16 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.09.30 20:26:16 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.09.30 20:26:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.09.30 20:26:16 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.09.30 20:26:16 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.09.30 20:26:16 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.09.30 20:26:16 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.09.30 20:26:16 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.09.30 20:26:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.09.30 20:26:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.09.30 20:26:15 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.09.30 20:26:15 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.09.30 20:26:15 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.09.30 20:26:15 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.09.30 20:26:15 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.09.30 20:26:15 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.09.30 20:26:15 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.09.30 20:26:15 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.09.30 20:26:15 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.09.30 20:26:15 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.09.30 20:26:15 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.09.30 20:26:15 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.09.30 20:26:15 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.09.30 20:26:15 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.09.30 20:26:15 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.09.30 20:26:15 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.09.30 20:26:15 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.09.30 20:26:15 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.09.30 20:26:15 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.09.30 20:26:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.09.30 20:26:15 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.09.30 20:26:15 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.09.30 20:26:15 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.09.30 20:26:15 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.09.30 20:26:15 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.09.30 20:26:15 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.09.30 20:26:15 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.09.30 20:26:15 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.09.30 20:26:15 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.09.30 20:26:15 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.09.30 20:26:15 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.09.30 20:26:15 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.09.30 20:26:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.09.30 20:26:15 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.09.30 20:26:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.09.30 20:26:15 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.09.30 20:26:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.09.30 20:26:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.09.30 20:26:15 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.09.30 20:26:15 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.09.30 20:26:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.09.30 20:26:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.09.30 20:26:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.09.30 20:26:15 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.09.30 20:26:15 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.09.30 20:26:15 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.09.30 20:26:15 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.09.30 20:18:20 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.09.30 20:18:20 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.09.30 20:18:20 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.09.30 20:18:20 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.09.30 20:18:20 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.09.30 20:18:20 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.09.30 20:18:20 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.09.30 20:18:20 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.09.30 20:18:20 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.09.30 20:18:20 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.09.30 20:18:20 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.09.30 20:18:20 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.09.30 20:18:20 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.09.30 20:18:20 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.09.30 20:18:20 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.09.30 20:18:20 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.09.30 20:18:20 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.09.30 20:18:20 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.09.30 20:18:20 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.09.30 20:18:20 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.09.30 20:18:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.09.30 20:18:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.09.30 20:18:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.09.30 20:18:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.09.30 20:18:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.09.30 20:18:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.09.30 20:18:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.09.30 20:18:20 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.09.30 20:18:19 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.09.30 20:18:19 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.09.30 20:18:19 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.09.30 19:54:53 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2013.09.30 19:16:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013.09.30 19:16:05 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013.09.30 19:16:04 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013.09.30 19:16:03 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013.09.30 19:12:42 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013.09.30 19:12:37 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013.09.30 19:12:36 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013.09.30 19:12:36 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013.09.30 18:40:46 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2013.09.30 18:40:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013.09.28 11:23:26 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013.09.28 11:23:26 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013.09.28 11:23:25 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013.09.28 11:23:24 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013.09.28 11:23:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013.09.28 11:23:21 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013.09.28 11:23:07 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2013.09.28 11:23:07 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.09.28 11:22:57 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.09.28 11:22:55 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.09.28 11:22:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.09.28 11:22:53 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.09.28 11:22:53 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.09.28 11:22:53 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.09.28 11:22:16 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.09.28 11:22:15 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.09.28 11:22:14 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.09.28 11:21:54 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.09.28 11:20:31 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.09.28 11:20:27 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.09.28 11:20:23 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.09.28 11:20:22 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.09.28 11:20:21 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.09.28 11:20:20 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.09.28 11:20:17 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.09.28 11:20:17 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.09.28 11:20:17 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.09.28 11:20:16 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.09.28 11:20:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.09.28 11:20:13 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.09.28 11:20:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.09.28 11:20:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.09.28 11:20:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.09.28 11:20:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.28 11:20:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.28 11:20:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.09.28 11:20:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.09.28 11:20:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.09.28 11:20:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.28 11:20:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.28 11:20:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.28 11:20:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.28 11:20:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.28 11:20:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.09.28 11:20:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.09.28 11:20:07 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.09.28 11:20:07 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.09.28 11:20:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.28 11:20:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.09.28 11:20:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.28 11:20:06 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.09.28 11:20:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.09.28 11:20:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.09.28 11:20:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.28 11:20:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.28 11:20:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.28 11:20:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.28 11:20:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.28 11:20:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.28 11:20:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.09.28 11:20:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.09.28 11:20:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.09.28 11:20:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.09.28 11:20:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.09.28 11:20:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.28 11:20:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.09.28 11:20:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.09.28 11:20:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.28 11:20:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.09.28 11:20:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.09.28 11:20:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.28 11:20:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.28 11:20:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.09.28 11:20:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.09.28 11:20:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.28 11:20:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.28 11:20:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.28 11:20:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.28 11:19:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.28 11:19:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.28 11:19:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.28 11:19:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.09.28 11:19:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.09.28 11:19:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.09.28 11:19:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.28 11:19:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.28 11:19:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.09.28 11:19:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.09.28 11:19:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.09.28 11:19:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013.09.28 11:19:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.09.28 11:19:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.09.28 11:19:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.09.28 11:19:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.09.28 11:19:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.09.28 11:19:39 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.09.28 11:19:38 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.09.28 11:19:38 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.09.28 11:19:38 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.09.28 11:19:37 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.09.28 11:19:37 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.09.28 11:19:37 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.09.28 11:19:36 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.09.28 11:19:36 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.09.28 11:19:35 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.09.28 11:19:35 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.09.28 11:19:35 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.09.28 11:19:35 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.09.28 11:19:34 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.09.28 11:19:34 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.09.28 11:19:33 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.09.28 11:19:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.09.28 11:19:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.09.28 11:19:32 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.09.28 11:19:32 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.09.28 11:19:32 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.09.28 11:19:30 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.09.28 11:19:30 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.09.28 11:19:29 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.09.28 11:19:21 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.09.28 11:19:20 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.09.28 11:19:20 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.09.28 11:19:19 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.09.28 11:19:19 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.09.28 11:19:19 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.09.28 11:19:18 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.09.28 11:19:18 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.09.28 11:18:38 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.09.28 11:18:38 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.09.28 11:16:39 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.09.28 11:16:36 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013.09.28 11:16:35 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.09.28 11:16:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2013.09.28 11:16:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2013.09.28 11:15:55 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013.09.28 11:15:40 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013.09.28 11:15:39 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013.09.28 11:15:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013.09.28 11:15:17 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.09.28 11:15:00 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013.09.28 11:14:59 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013.09.28 11:14:56 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2013.09.28 11:14:55 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2013.09.28 11:14:52 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.09.28 11:13:51 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2013.09.28 11:13:51 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2013.09.28 10:58:06 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.09.28 10:58:05 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.09.28 10:57:55 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2013.09.28 10:57:54 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2013.09.28 10:57:35 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_AuthenticAMD.dll
[2013.09.28 10:57:30 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.09.28 10:57:29 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013.09.28 10:57:29 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013.09.28 10:57:29 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013.09.28 10:57:25 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2013.09.28 10:57:11 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2013.09.28 10:57:06 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2013.09.28 10:56:32 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.09.28 10:56:21 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013.09.28 10:56:20 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013.09.28 10:56:19 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013.09.28 10:56:19 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013.09.28 10:56:16 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.09.28 10:56:12 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2013.09.28 10:56:12 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2013.09.28 10:56:12 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2013.09.28 10:56:08 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013.09.28 10:56:06 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2013.09.28 10:56:05 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2013.01.28 09:46:23 | 004,815,840 | ---- | C] (Make The Cut, LLC.) -- C:\Users\acer\iRinger.exe

========== Files - Modified Within 30 Days ==========

log OTL 2. cast:
[2013.10.10 19:02:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.10.10 19:00:00 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job
[2013.10.10 18:56:54 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.10.10 18:56:54 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.10.10 18:56:54 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.10.10 18:56:54 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.10.10 18:56:54 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.10.10 18:56:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\acer\Desktop\OTL.exe
[2013.10.10 18:54:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.10.09 07:20:04 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.09 07:20:04 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.09 07:14:06 | 000,950,272 | ---- | M] () -- C:\Users\acer\Desktop\RogueKiller.exe
[2013.10.09 07:11:58 | 3003,305,984 | -HS- | M] () -- C:\hiberfil.sys
[2013.10.08 20:04:45 | 001,045,226 | ---- | M] () -- C:\Users\acer\Desktop\adwcleaner.exe
[2013.10.05 07:23:54 | 000,001,335 | ---- | M] () -- C:\Users\acer\Desktop\Continue AllGeneratorFree.lnk
[2013.10.01 20:01:40 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.10.01 18:56:47 | 000,419,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.30 20:26:16 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.09.30 20:26:16 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.09.30 20:26:16 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.09.30 20:26:16 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.09.30 20:26:16 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.09.30 20:26:16 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.09.30 20:26:16 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.09.30 20:26:16 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.09.30 20:26:16 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.09.30 20:26:16 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.09.30 20:26:16 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.09.30 20:26:16 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.09.30 20:26:16 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.09.30 20:26:16 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.09.30 20:26:16 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.09.30 20:26:16 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.09.30 20:26:16 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.09.30 20:26:16 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.09.30 20:26:16 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.09.30 20:26:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.09.30 20:26:16 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.09.30 20:26:15 | 003,959,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.09.30 20:26:15 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.09.30 20:26:15 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.09.30 20:26:15 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.09.30 20:26:15 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.09.30 20:26:15 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.09.30 20:26:15 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.09.30 20:26:15 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.09.30 20:26:15 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.09.30 20:26:15 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.09.30 20:26:15 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.09.30 20:26:15 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.09.30 20:26:15 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.09.30 20:26:15 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.09.30 20:26:15 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.09.30 20:26:15 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.09.30 20:26:15 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.09.30 20:26:15 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.09.30 20:26:15 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.09.30 20:26:15 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.09.30 20:26:15 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.09.30 20:26:15 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.09.30 20:26:15 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.09.30 20:26:15 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.09.30 20:26:15 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.09.30 20:26:15 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.09.30 20:26:15 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.09.30 20:26:15 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.09.30 20:26:15 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.09.30 20:26:15 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.09.30 20:26:15 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.09.30 20:26:15 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.09.30 20:26:15 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.09.30 20:26:15 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.09.30 20:26:15 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.09.30 20:26:15 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.09.30 20:26:15 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.09.30 20:26:15 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.09.30 20:26:15 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.09.30 20:26:15 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.09.30 20:26:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.09.30 20:26:15 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.09.30 20:26:15 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.09.30 20:26:15 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.09.30 20:26:15 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.09.30 20:26:15 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.09.30 20:26:15 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.09.30 20:26:15 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.09.30 20:26:15 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.09.30 20:18:20 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.09.30 20:18:20 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.09.30 20:18:20 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.09.30 20:18:20 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.09.30 20:18:20 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.09.30 20:18:20 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.09.30 20:18:20 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.09.30 20:18:20 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.09.30 20:18:20 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.09.30 20:18:20 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.09.30 20:18:20 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.09.30 20:18:20 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.09.30 20:18:20 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.09.30 20:18:20 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.09.30 20:18:20 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.09.30 20:18:20 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.09.30 20:18:20 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.09.30 20:18:20 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.09.30 20:18:20 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.09.30 20:18:20 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.09.30 20:18:20 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.09.30 20:18:20 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.09.30 20:18:20 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.09.30 20:18:20 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.09.30 20:18:20 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.09.30 20:18:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.09.30 20:18:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.09.30 20:18:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.09.30 20:18:20 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.09.30 20:18:20 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.09.30 20:18:19 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.09.30 20:18:19 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.09.29 11:42:23 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

========== Files Created - No Company Name ==========

[2013.10.10 19:02:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.10.09 07:14:18 | 000,950,272 | ---- | C] () -- C:\Users\acer\Desktop\RogueKiller.exe
[2013.10.08 20:04:53 | 001,045,226 | ---- | C] () -- C:\Users\acer\Desktop\adwcleaner.exe
[2013.10.05 07:23:54 | 000,001,335 | ---- | C] () -- C:\Users\acer\Desktop\Continue AllGeneratorFree.lnk
[2013.10.01 20:01:40 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.09.30 21:02:24 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.09.30 20:26:15 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.09.30 20:26:15 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.09.30 19:12:35 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.09.29 11:42:25 | 000,204,880 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.09.29 11:42:24 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.06.30 08:16:46 | 000,003,718 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2013.02.27 14:26:52 | 000,000,163 | ---- | C] () -- C:\Windows\wininit.ini
[2012.09.24 16:41:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.12.05 17:53:30 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.12.31 18:16:49 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\BSplayer
[2012.12.31 18:07:35 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\BSplayer Pro
[2013.08.01 07:26:10 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,588 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.10.02 17:38:48 | 000,000,384 | ---- | C] () -- C:\Windows\Tasks\Acer Registration - Reminder Recall task.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.07.14 07:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.07.14 07:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.07.14 07:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.07.14 07:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.07.14 07:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.07.14 07:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.07.14 07:35:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.07.14 07:35:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.07.14 07:35:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.07.14 07:35:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\SoftwareDistribution\Download\268508fd4ccc167ed4a39a80b42d2570\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.08.29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\SoftwareDistribution\Download\b5eb64a2a2d59058733468e222ed35e9\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\SoftwareDistribution\Download\268508fd4ccc167ed4a39a80b42d2570\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\SoftwareDistribution\Download\b5eb64a2a2d59058733468e222ed35e9\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SoftwareDistribution\Download\1c012f0794cde3759c755dcc871d67ef\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\SoftwareDistribution\Download\1c012f0794cde3759c755dcc871d67ef\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2011.07.14 07:24:59 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.09.21 11:42:42 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2011.07.14 07:24:59 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.07.20 04:13:45 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.07.20 04:13:45 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2011.09.21 11:42:42 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[11 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[17 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\052d66685e46be761e2962e9ce9c858c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\052d66685e46be761e2962e9ce9c858c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\17f40b48514053b81076b3752a454b6b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\17f40b48514053b81076b3752a454b6b\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\2952b13c6b96ac1ce1e31e037d9c37ff\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2952b13c6b96ac1ce1e31e037d9c37ff\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2e9f9bd0a2204e7a7a1e2ef73cd496d3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2e9f9bd0a2204e7a7a1e2ef73cd496d3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3fed8cf61a4a888f2f91e60142dd8af9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3fed8cf61a4a888f2f91e60142dd8af9\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\4f719706d0f784f591a5da38f73ad6d1\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4f719706d0f784f591a5da38f73ad6d1\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5635879a5b7bb6a83fc14397403ca0bb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5635879a5b7bb6a83fc14397403ca0bb\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5960c74dfb44a70bd9a9b7e78116b734\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5960c74dfb44a70bd9a9b7e78116b734\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\689cac754f5a33114f5a6085194f6ece\*.tmp files -> C:\Windows\SoftwareDistribution\Download\689cac754f5a33114f5a6085194f6ece\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6f83b0aee029c4e423ca67d6c8e35945\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6f83b0aee029c4e423ca67d6c8e35945\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\74f326dda14c60c449dcbffc6addc5d5\*.tmp files -> C:\Windows\SoftwareDistribution\Download\74f326dda14c60c449dcbffc6addc5d5\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\7e6b15be611cbae08ac8ed6aa9769010\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7e6b15be611cbae08ac8ed6aa9769010\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\85850b848b55144c7312bf70f5dae6f8\*.tmp files -> C:\Windows\SoftwareDistribution\Download\85850b848b55144c7312bf70f5dae6f8\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8bc6e6dab4242173d80f9a2dc0d926a7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8bc6e6dab4242173d80f9a2dc0d926a7\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\8d585f92e1a5e46e6f77762ad9dfdb5e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8d585f92e1a5e46e6f77762ad9dfdb5e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9809d021a380bcd578123e1643736466\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9809d021a380bcd578123e1643736466\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\aa275a20f01aeac415eb18ed96954d58\*.tmp files -> C:\Windows\SoftwareDistribution\Download\aa275a20f01aeac415eb18ed96954d58\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ae5723efc251d9249233ffe24e20334a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ae5723efc251d9249233ffe24e20334a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\af2a9aaceb2ef618ea08ce81659857b2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\af2a9aaceb2ef618ea08ce81659857b2\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bbc95bf962d19dd37aa08ec7bdeedb14\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bbc95bf962d19dd37aa08ec7bdeedb14\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d46e7670abf5ba4e80056999b99e7a79\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d46e7670abf5ba4e80056999b99e7a79\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d95aac6c0764ad0d389a9c27c2c1d703\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d95aac6c0764ad0d389a9c27c2c1d703\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\dd3e07c69097c9216d85bb8c213b5c29\*.tmp files -> C:\Windows\SoftwareDistribution\Download\dd3e07c69097c9216d85bb8c213b5c29\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f4824f3999802e9fe668848cdb6c7749\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f4824f3999802e9fe668848cdb6c7749\*.tmp -> ]
[17 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\avg_a01452\ProgData\*.tmp files -> C:\Windows\Temp\avg_a01452\ProgData\*.tmp -> ]
[1 C:\Windows\Temp\avg_a03928\ProgData\*.tmp files -> C:\Windows\Temp\avg_a03928\ProgData\*.tmp -> ]
[1 C:\Windows\Temp\avg_a03928\ProgFiles\AVG Secure Search\*.tmp files -> C:\Windows\Temp\avg_a03928\ProgFiles\AVG Secure Search\*.tmp -> ]
[1 C:\Windows\Temp\avg_a04152\ProgData\*.tmp files -> C:\Windows\Temp\avg_a04152\ProgData\*.tmp -> ]
[1 C:\Windows\Temp\avg_a04152\ProgFiles\AVG Secure Search\*.tmp files -> C:\Windows\Temp\avg_a04152\ProgFiles\AVG Secure Search\*.tmp -> ]
[1 C:\Windows\Temp\avg_a05772\ProgData\*.tmp files -> C:\Windows\Temp\avg_a05772\ProgData\*.tmp -> ]
[1 C:\Windows\Temp\avg_a05772\ProgFiles\AVG Secure Search\*.tmp files -> C:\Windows\Temp\avg_a05772\ProgFiles\AVG Secure Search\*.tmp -> ]
[1 C:\Windows\Temp\avg_a15260\ProgData\*.tmp files -> C:\Windows\Temp\avg_a15260\ProgData\*.tmp -> ]
[1 C:\Windows\Temp\avg_a15260\ProgFiles\AVG Secure Search\*.tmp files -> C:\Windows\Temp\avg_a15260\ProgFiles\AVG Secure Search\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.11.06 12:07:14 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Adobe
[2012.12.16 19:43:06 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Apple Computer
[2012.12.31 18:16:49 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\BSplayer
[2012.12.31 18:07:35 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\BSplayer Pro
[2013.01.26 10:48:08 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\CyberLink
[2012.09.25 07:21:38 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Identities
[2011.12.05 18:50:16 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Macromedia
[2013.10.06 19:37:02 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Malwarebytes
[2010.11.21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Media Center Programs
[2013.09.29 11:44:57 | 000,000,000 | --SD | M] -- C:\Users\acer\AppData\Roaming\Microsoft
[2012.10.03 20:55:44 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Mozilla
[2012.10.07 21:03:03 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Nero
[2013.01.26 11:40:44 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Skype
[2013.08.01 07:26:10 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\uTorrent
[2012.12.09 16:08:22 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 22:21:26 | 000,087,552 | ---- | M] () -- C:\Users\acer\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 22:21:30 | 000,090,112 | ---- | M] () -- C:\Users\acer\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 15:52:04 | 000,697,690 | ---- | M] () -- C:\Users\acer\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 10:01:20 | 001,175,371 | ---- | M] () -- C:\Users\acer\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 11:42:54 | 000,113,152 | ---- | M] () -- C:\Users\acer\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 11:45:10 | 000,358,400 | ---- | M] () -- C:\Users\acer\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 11:42:06 | 000,137,728 | ---- | M] () -- C:\Users\acer\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 16:30:22 | 000,042,305 | ---- | M] () -- C:\Users\acer\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2011.12.05 18:48:54 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\acer\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >