Pravidlá • Registrovať • Prihlásenie

Obsah fóra » Software » Antivíry, bezpečnosť a sieť » Antivíry a antispywary » pomoc s http://adf.ly/Kwky2

Kwky2

Stránka: 1 z 2

[ Príspevkov: 31 ]

Choď na stránku: 1, 2 ďalšia

Autor

Správa

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal

nexter: 22.03.2013 23:07

Zdravim vas. Mam sakra problem. Po nacitani stranky vo firefoxe mozem v ramci nej kliknut este raz a potom mi nabehne tato stranka "adf.ly/Kwky2", kde sa zacne odpocitavanie v pravom hornom rohu a potom add skip. Neviem sa toho zbavit. Zacalo to robit dnes. V chrome mi to nerobi iba vo firefoxe. Posielam vypis z combofixu.

Spoiler: zobraziť

personal compuper

Užívateľ

Užívateľ

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2

Napísal

personal compuper: 23.03.2013 12:59

Ahoj
Odinštaluj spybot
Stiahni si AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
ulož ho na plochu Spusť program stlač tlačidlo search
Po skene sa objaví log budeš ho mať na systémovom disku ako AdwCleaner[R?].txt cely obsah vlož sem

Keď nemáš combofix tak ho presuň na plochu
Spusť poznámkový blok
skopíruj script do poznámkového bloku

Kód:

Killall::
file::
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\HPCeeScheduleFornexter.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\TEMP\cpuz136\cpuz136_x64.sys
registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPWirelessAssistant"=-
"HPPowerAssistant"=-
"Autodesk Sync"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"=-
"IFXSPMGT"=-
"QLBController"=-

DDS::
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www

firefox::
FF - ProfilePath - c:\users\nexter\AppData\Roaming\Mozilla\Firefox\Profiles\11kw2nld.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - ExtSQL: 2013-02-10 17:59; socialfixer@mattkruse.com" target="_blank" rel="nofollow; c:\users\nexter\AppData\Roaming\Mozilla\Firefox\Profiles\11kw2nld.default\extensions\socialfixer@mattkruse.com.xpi
FF - ExtSQL: 2013-03-22 18:56; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\users\nexter\AppData\Roaming\Mozilla\Firefox\Profiles\11kw2nld.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
driver::
cpuz136
SkypeUpdate

clearjavacache::
reboot::

Stiahni si RSIT z http://images.malwareremoval.com/random/RSIT.exe pre 64 bit verzie http://images.malwareremoval.com/random/RSITx64.exe spusť daj continue chvíľu počkaj dokým sa vygeneruje log keď ho vygeneruje nájdeš ho na C:\rsit\log.txt log vlož sem

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 23.03.2013 14:55

# AdwCleaner v2.115 - Log vytvorený 23/03/2013 o 14:54:45
# Aktualizované 17/03/2013 Xplode
# Operaený systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : nexter - SOHLER
# Spustený systém : Normálny
# Spustené z : C:\Users\nexter\Desktop\adwcleaner.exe
# Volba [Preh3ada?]

***** [Služby] *****

***** [Súbory / Adresáre] *****

***** [Registre] *****

***** [Internetové prehliadaee] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registre sú eisté.

-\\ Mozilla Firefox v19.0.2 (sk)

Súbor : C:\Users\nexter\AppData\Roaming\Mozilla\Firefox\Profiles\11kw2nld.default\prefs.js

[OK] Súbor je eistý.

-\\ Google Chrome v25.0.1364.172

Súbor : C:\Users\nexter\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Súbor je eistý.

*************************

AdwCleaner[R5].txt - [832 octets] - [23/03/2013 14:54:45]

########## EOF - C:\AdwCleaner[R5].txt - [891 octets] ##########

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 23.03.2013 15:01

Ten script co si poslal mam "pretiahnut" cez combofix?

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 23.03.2013 15:02

Spoiler: zobraziť

personal compuper

Užívateľ

Užívateľ

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2

Napísal

personal compuper: 23.03.2013 15:54

nexter píše:

Ten script co si poslal mam "pretiahnut" cez combofix?

ano máš pretiahnuť cez combofix http://imageshack.us/photo/my-images/801/13587703.gif/

upni sem obsah C:\TDSSKiller.2.8.16.0_23.03.2013_11.32.41_log.txt

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 23.03.2013 16:32

Spoiler: zobraziť

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 25.03.2013 8:29

Cakal som na odpoved ale asi som zabudol na toto...
1

Spoiler: zobraziť

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 25.03.2013 8:30

Spoiler: zobraziť

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 25.03.2013 8:31

Spoiler: zobraziť

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 25.03.2013 8:32

Spoiler: zobraziť

personal compuper

Užívateľ

Užívateľ

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2

Napísal

personal compuper: 25.03.2013 14:34

Neviem prečo si mažeš legitímne ovládače.

stiahni si TDSSQlook http://www.malwareinfo.nl/tools/TDSSQlook.exe
daj uložiť na plochu
Zobrazia sa možnosti zvoľ možnosť A
zobrazi sa log vlož ho sem

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 25.03.2013 15:05

nevidim kde na tej stranke sa to da stiahnut....

personal compuper

Užívateľ

Užívateľ

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2

Napísal

personal compuper: 25.03.2013 15:40

na tejto stránke máš rozobratý safeboot.sys https://kc.mcafee.com/corporate/index?p ... id=KB60662
tu máš sptd http://www.duplexsecure.com/downloads/

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 25.03.2013 17:42

sptd som preinstaloval, z toho safebootu som trochu mimo to este postudujem,
Tu je vypis z TDSSQlook, som ho nakoniec nasiel na disku

TDSSKiller Quarantine Information log
TDSS Qlook Version 1.0.0.5 - nexter - po 25. 03. 2013 - 17:40:09,12.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1
***** START SCAN po 25. 03. 2013 17:40:12,34 *****

---------- TDSSKiller logs ----------

TDSSKiller.2.8.16.0_23.03.2013_11.32.41_log.txt

---------- TDSSStarter logs ----------

---------- DIR LIST ----------

C:\TDSSKiller_Quarantine\23.03.2013_11.32.42
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0001
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0000
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0000\object.ini
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0000\svc0000
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0000\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0000\svc0000\object.ini
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0000\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0001\object.ini
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0001\svc0000
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0001\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0001\svc0000\object.ini
C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0001\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0003
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0002
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0001
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0000
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0000\object.ini
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0000\svc0000
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0000\svc0000\object.ini
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0000\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0000\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0001\svc0000
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0001\object.ini
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0001\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0001\svc0000\object.ini
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0001\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0002\object.ini
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0002\svc0000
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0002\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0002\svc0000\object.ini
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0002\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0003\object.ini
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0003\svc0000
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0003\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0003\svc0000\object.ini
C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0003\svc0000\tsk0000.ini

---------- INI FILES ----------

=== C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0000\object.ini

[InfectedObject]
Verdict: LockedFile.Multi.Generic

=== C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0000\svc0000\object.ini

[InfectedObject]
Type: Service
Name: SafeBoot
Type: Kernel driver (0x1)
Start: Boot (0x0)
Suspicious states: Locked file;

=== C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0000\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\windows\system32\drivers\SafeBoot.sys
md5: 6EF8E5E3A079C97C70915CF740E89977

=== C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0001\object.ini

[InfectedObject]
Verdict: LockedFile.Multi.Generic

=== C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0001\svc0000\object.ini

[InfectedObject]
Type: Service
Name: sptd
Type: Kernel driver (0x1)
Start: Boot (0x0)
ImagePath: System32\Drivers\sptd.sys
Suspicious states: Locked file;

=== C:\TDSSKiller_Quarantine\23.01.2013_13.48.58\susp0001\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\windows\system32\Drivers\sptd.sys
md5: 602884696850C86434530790B110E8EB

=== C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0000\object.ini

[InfectedObject]
Verdict: LockedFile.Multi.Generic

=== C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0000\svc0000\object.ini

[InfectedObject]
Type: Service
Name: SafeBoot
Type: Kernel driver (0x1)
Start: Boot (0x0)
Suspicious states: Locked file;

=== C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0000\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\windows\system32\drivers\SafeBoot.sys
md5: 6EF8E5E3A079C97C70915CF740E89977

=== C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0001\object.ini

[InfectedObject]
Verdict: LockedFile.Multi.Generic

=== C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0001\svc0000\object.ini

[InfectedObject]
Type: Service
Name: sptd
Type: Kernel driver (0x1)
Start: Boot (0x0)
ImagePath: System32\Drivers\sptd.sys
Suspicious states: Locked file;

=== C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0001\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\windows\system32\Drivers\sptd.sys
md5: 602884696850C86434530790B110E8EB

=== C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0002\object.ini

[InfectedObject]
Verdict: LockedFile.Multi.Generic

=== C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0002\svc0000\object.ini

[InfectedObject]
Type: Service
Name: SafeBoot
Type: Kernel driver (0x1)
Start: Boot (0x0)
Suspicious states: Locked file;

=== C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0002\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\windows\system32\drivers\SafeBoot.sys
md5: 6EF8E5E3A079C97C70915CF740E89977

=== C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0003\object.ini

[InfectedObject]
Verdict: LockedFile.Multi.Generic

=== C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0003\svc0000\object.ini

[InfectedObject]
Type: Service
Name: sptd
Type: Kernel driver (0x1)
Start: Boot (0x0)
ImagePath: System32\Drivers\sptd.sys
Suspicious states: Locked file;

=== C:\TDSSKiller_Quarantine\23.03.2013_11.32.42\susp0003\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\windows\system32\Drivers\sptd.sys
md5: 602884696850C86434530790B110E8EB

***** END SCAN po 25. 03. 2013 17:40:12,76 *****

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 27.03.2013 7:29

Neviem s cim dalej pokracovat.... cakam na instrukcie.

personal compuper

Užívateľ

Užívateľ

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2

Napísal

personal compuper: 27.03.2013 13:49

inštrukcie máš v linkoch

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 27.03.2013 14:15

vsetko je vykonane akurat neviem co s tym safebootom. Na stranke co si mi poslal je popis chyby ktory mne nerobi a aj subory nie su pre W7.

personal compuper

Užívateľ

Užívateľ

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2

Napísal

personal compuper: 27.03.2013 14:38

Stiahni si systemLook http://jpshortstuff.247fixes.com/SystemLook.exe ulož ho a spusť
Do okna skopíruj nasledovne
:filefind
*safeboot.sys*
Následne klikny na Look
O chvíľu vyhodí log z názvom systemlook
Skopíruj ho sem

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 27.03.2013 15:08

SystemLook 30.07.11 by jpshortstuff
Log created at 15:02 on 27/03/2013 by nexter
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "*safeboot.sys*"
C:\$RECYCLE.BIN\S-1-5-21-2184412465-192472027-3838285202-1002\$ROY52UV\SafeBoot.sys --a---- 102912 bytes [13:08 27/03/2013] [14:14 20/02/2009] 26184E04AC6357D038216DB7F7A67E5E
C:\Users\nexter\Desktop\Appdir 64-bit\SafeBoot.sys --a---- 56032 bytes [13:09 27/03/2013] [14:15 20/02/2009] B2A793B0527312EF18B602FADF23E3FA
C:\Users\nexter\Desktop\WinDriverDir 64-bit\SafeBoot.sys --a---- 56032 bytes [13:08 27/03/2013] [14:14 20/02/2009] B2A793B0527312EF18B602FADF23E3FA
C:\Windows\System32\drivers\SafeBoot.sys ------- 110520 bytes [00:11 02/02/2010] [00:11 02/02/2010] 31B48CB3D35D076291E3B8AFD9A7F203
C:\Windows\SysWOW64\drivers\SafeBoot.sys ------- 110520 bytes [00:11 02/02/2010] [00:11 02/02/2010] 31B48CB3D35D076291E3B8AFD9A7F203

-= EOF =-

personal compuper

Užívateľ

Užívateľ

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2

Napísal

personal compuper: 27.03.2013 15:12

je to OK

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 27.03.2013 15:24

no ale problem s adf.ly stale zostal, teda mierne sa to zlepsilo pretoze uz ma nehodi az na stranku ale vypise prvy link ktory "purchasereviews.net/donate.php" ktory ma vzdy hodil na adf.ly, no teraz to zostane uz lenp pri purchaserewiews a potom to zastane...

personal compuper

Užívateľ

Užívateľ

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2

Napísal

personal compuper: 27.03.2013 15:40

Stiahni si OTL
http://oldtimer.geekstogo.com/OTL.exe
Pre OS XP spusť pod administratorom
Pre OS vista ,7
Zaškrtni LOP check ,Purity check, všetkých používateľov (scan all users )
Klinky na prehľadať (RUN SCAN)
Prebehne scan keď skonči vyskočia logy OTL.txt a Extras.txt tie sem vlož

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 27.03.2013 16:27

1/2

OTL Extras logfile created on: 3/27/2013 4:03:22 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\nexter\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000409 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3.74 Gb Total Physical Memory | 1.09 Gb Available Physical Memory | 29.24% Memory free
7.48 Gb Paging File | 3.20 Gb Available in Paging File | 42.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.47 Gb Total Space | 143.74 Gb Free Space | 32.05% Space Free | Partition Type: NTFS
Drive E: | 1.99 Gb Total Space | 1.39 Gb Free Space | 69.98% Space Free | Partition Type: FAT32
Drive M: | 1.88 Gb Total Space | 1.86 Gb Free Space | 98.96% Space Free | Partition Type: FAT

Computer Name: SOHLER | User Name: nexter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2184412465-192472027-3838285202-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{067DFC10-BDBB-4517-BCCD-B61B9B5234C0}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{1A6D49F1-9B88-4E93-B7A7-E7F1E3D6F2CA}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1D3E341A-4913-4B1F-A71F-A3D1689F4646}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{202BF76F-FFB1-428F-B308-C3E5F3A3342B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{213548E0-D07B-400E-A55C-E77E1E8AD3D2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{26BF566B-CDA1-4E0D-BAE2-19FF8DEB2ECD}" = rport=138 | protocol=17 | dir=out | app=system |
"{2844F3B5-B28A-4093-AB31-3777860CE805}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{28DFD14E-9E05-47C1-BC73-5F3DA879770A}" = lport=445 | protocol=6 | dir=in | app=system |
"{2CE8EE66-D483-4F11-B410-82F6D1C8319A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{30846D60-FEA6-40D7-9335-2A39E01303A1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46B70733-E01F-4FF7-989F-119F62A10A13}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5DB01B98-2B77-486F-A552-5FD6A5B34CE9}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6F31B892-41AF-451D-8F83-54997749D691}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6F5AADED-C832-4C8D-BF82-549B0351D6D3}" = lport=138 | protocol=17 | dir=in | app=system |
"{725FF4CD-5678-42BE-A43D-3418BC934991}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7A8BEED5-018B-4C36-8B9F-16E1DA49A3B1}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7EA3F42B-BB6B-4714-B7B9-3FDD4E90FE87}" = lport=139 | protocol=6 | dir=in | app=system |
"{85A251B0-55C4-4A92-8345-AC5F8F1A6B55}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8CD42143-E71D-4C91-A735-689C19E16F1B}" = rport=2869 | protocol=6 | dir=out | app=system |
"{90C469BA-0CB3-45BD-AD13-51D837D80034}" = lport=137 | protocol=17 | dir=in | app=system |
"{95023CC5-8773-48EF-9410-F9720089D4AC}" = rport=139 | protocol=6 | dir=out | app=system |
"{96C71694-0D46-43F9-A2DB-0108FBE08802}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A23C35FD-871B-4697-AA01-63A8EC67CEFE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A9ED9D5E-6D4F-4643-821E-AFA8660C3D33}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B4A6B866-ECCA-4324-848A-C8BAC35FAA5D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B6D0B4BD-2832-4504-AFEB-A52148E292F8}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CB7A54F7-3118-495A-9BAD-A2BA03397AA7}" = rport=137 | protocol=17 | dir=out | app=system |
"{DEAE2035-1DDD-47D3-896C-93E40605D99D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{E018ED5E-F3AD-41C6-997C-41ED00A9236E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E8DC39AA-C889-4FDF-BDAC-5C2D36FD7766}" = rport=445 | protocol=6 | dir=out | app=system |
"{EA2EE6CA-610A-4173-AC87-2892E31105D0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EE7BDB67-5164-4ADE-88A9-341043E7D209}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F0826E29-1BB0-436D-B713-3E3C8B629E4F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F3FB35F6-763B-4D0D-915B-D55C7701532D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D3F153-A890-4796-A68B-AD226A6D6ECF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{0E0322BD-1EBD-479E-8EE5-74DCB9923BD3}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{0F4F6D58-5EB8-4A00-AA1C-14FFA16ADAE0}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{11973EA8-47FE-4EA5-A20D-A563EB495423}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{134102AB-956F-4643-96A2-F863BD6E4DA7}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{150D6847-A916-4250-B718-BD41AFA730D9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{1FD78ADF-919D-480B-8052-D97D6012FFD3}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{2313B8F7-924E-445C-9831-733713B201DC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{27E650F1-74FC-450F-97B0-0DBE856B27FD}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{36C50D33-AF08-4F1C-86A9-96EA2412668F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4213B4CF-70D2-4427-8A07-70F3F29B6EB1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{46D8D4C3-4BFE-4E78-A10E-876A2203636D}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{48F0B040-BC32-4EC9-B800-80CF4631741A}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{547EF0D0-38B6-4CC7-ADB4-1C5E2C56BCFD}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{5A6E5167-C1FE-49D4-AFF5-FC106825E23D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5B618CE6-6AD4-4D43-A1F4-844FBE4DEE15}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{62EF9785-BDC1-4525-9BD0-21526A3CE779}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{68479FF2-0D74-401F-998D-BC96A06E7C42}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{6D817ADD-71D6-458C-B154-7DF4401801B9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6FD59C79-E88B-409B-94DA-2109BB7EAFFD}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{70F0AAD9-62DB-4754-85A3-B59A8BBF1CC4}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{71136053-C567-436C-8825-08495059D1C8}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{750EC948-25A2-4CDB-8B4C-D9E234F581AA}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{79465575-A5C6-49ED-832E-5AF1EF6FCFE3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{91CFE66F-50BE-49E6-91C8-3CB0E8808037}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{9DC8972D-9D24-4262-8A9B-A350D9B06EC4}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{ADC6C31C-3B38-4AAF-9187-C3175A21E4EB}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{B608A56F-E497-4784-9DE9-C23F80DB5FF0}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{B6E3DBF9-326B-4A40-88C0-0437223989B9}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{B9C08E21-A76E-4BE6-AD4C-826B173EBA94}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BC39EAF6-3504-4C09-9E1E-161F5C9AA263}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{C06D9B5F-A9A3-4023-9E96-B8C3AE422D9B}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C0F483AF-687F-4EFC-8295-ADF5E960AABE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C4223F53-B616-4045-A104-B2330C6A20C1}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{C5F462FC-8769-4B71-978E-998C75329296}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{CB7FCCFF-79D9-4A16-9EB2-8233AA21F02F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{CC1E0061-DA95-438C-8975-425F27697CFB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D04965DE-6C9B-422F-943E-4B3C46EC9BCF}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{E3AA2FDD-2D39-4685-BEA0-0622577C52A0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E511D392-1D1F-434A-8B65-031A371B84D2}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{EF35BD25-536D-4AAB-A47B-CB4448B07AE4}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{F1A7F679-BDD9-437E-A4F2-832A7E39E9EE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{FBBEA566-04B0-4732-AF44-CCF566E3B77E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{FD5F188A-C39B-41C9-9550-78AF95DB6873}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{FDF8EA4C-F92B-4002-A106-74405235FAF9}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"TCP Query User{371708FB-6CCF-4EC2-973E-C1CAE1D468EB}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{74DCB3FD-DB90-4D27-83FE-74F976D0E19B}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{8F743886-6F62-432B-970A-D34615614AF7}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{A4D6E088-0ACE-474F-91CE-074C747A4EB0}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{8385899C-BB10-4F58-9FB0-C9ED2546F73D}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{8BCCE59B-0139-4A24-AECC-F7665C940548}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{94DB458D-B0A9-4F91-8D02-7835AED96F0A}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{CA8FE992-8C55-48B7-814D-00DEFEF4D317}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1012456A-D118-37E0-E837-34AA28602013}" = AMD Drag and Drop Transcoding
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1C292266-E054-4090-84D5-869649E4F9C7}" = HP Power Data
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit)
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{34E6F14D-68F9-486D-87BA-6AA8431F3F44}" = Drive Encryption for HP ProtectTools
"{48903EFA-28EB-4BBB-A950-60C993731C0C}" = SaveByClick
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F2B8F3E-70FA-AA71-4526-3BFDEDE502EF}" = AMD Fuel
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}" = Corel Graphics - Windows Shell Extension 64 Bit
"{547B7192-B452-467C-AE4D-775056CF8529}" = HP 3D DriveGuard
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5783F2D7-9001-0409-0102-0060B0CE6BBA}" = AutoCAD 2011 - English
"{5783F2D7-9001-0409-1102-0060B0CE6BBA}" = AutoCAD 2011 Language Pack - English
"{5783F2D7-9017-0409-0102-0060B0CE6BBA}" = AutoCAD Plant 3D 2011
"{5783F2D7-9017-0409-1102-0060B0CE6BBA}" = AutoCAD Plant 3D 2011 Language Pack - English
"{5783F2D7-B017-0409-0102-0060B0CE6BBA}" = AutoCAD Plant 3D 2013 - English
"{5783F2D7-B017-0409-1102-0060B0CE6BBA}" = AutoCAD Plant 3D 2013 Language Pack - English
"{5783F2D7-B017-0409-2102-0060B0CE6BBA}" = AutoCAD Plant 3D 2013 - English
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6674F235-A9BF-4B76-8A4D-D9D07919735C}" = Embedded Security for HP ProtectTools
"{68CA3A47-3F7E-0E92-DC0D-5B0C02D9AFAD}" = ccc-utility64
"{6BB150E8-6CBB-5F8F-CAE7-BE21B2C92D31}" = AMD Accelerated Video Transcoding
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{70675CAC-C262-4765-BBCA-FB0D66252AF4}" = Soluto
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82C1E6E4-6718-4EFD-9DCC-E276D690EF46}" = Autodesk Inventor Fusion plug-in for AutoCAD 2013
"{86E45973-5352-439F-A115-2E8EE4D40140}" = ActivClient x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{914F7627-B645-9895-F723-BAEAAC865E75}" = AMD Catalyst Install Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D06DE3F-0B91-4E1F-B791-619A9D1B53EF}" = HP ProtectTools Security Manager
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Broadcom 2070 Bluetooth 2.1 + EDR
"{A7500970-FE98-11E1-B560-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D1C6B636-5578-4A9E-ACCF-2AFA5F166335}" = HP Power Assistant
"{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}" = MSVCRT Redists
"{DA3372D5-F228-5C71-3FAC-177D4AEE8659}" = AMD Media Foundation Decoders
"{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}" = Validity Fingerprint Driver
"{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}" = HP Wireless Assistant
"{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}" = Autodesk Sync
"{F4477CC0-7293-414A-93BC-20EE897A80F0}" = Java Card Security for HP ProtectTools
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FE2F4875-095C-427C-9A97-4F8DE05ACF22}" = Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013
"{FFF5619F-2013-0064-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2013
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"7E38E30BB92ED94B21CF062A7386554CBA991FEB" = Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414)
"AutoCAD 2011 - English" = AutoCAD 2011 - English
"AutoCAD Plant 3D 2013 - English" = AutoCAD Plant 3D 2013 - English
"Autodesk Inventor Fusion 2013" = Autodesk Inventor Fusion 2013
"Autodesk Inventor Fusion plug-in for AutoCAD 2013" = Autodesk Inventor Fusion plug-in for AutoCAD 2013
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Canon LBP6300" = Canon LBP6300
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"HPProtectTools" = HP ProtectTools Security Manager
"Lexmark Pro800-Pro900 Series" = Lexmark Pro800-Pro900 Series
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00307EA9-0A62-4F28-8963-B185D7B278F7}" = Vaisala Humidity Calculator
"{03D45A4B-D7F5-C03E-1650-885756303D13}" = CCC Help Norwegian
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08223707-D0AD-4128-99FE-A52B3B82A155}" = D.Signer/XAdES Xml plugin v1.1.0.0
"{0ABBF310-94E4-4AE8-A6BD-10345A3F6439}" = Google Drive
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Panel nástroju
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1B1CCFB2-E7D3-4F2B-8755-51AAF8BC39B9}" = Earth Science Picture of the Day Gadget
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F9E5C64-165D-4679-BBB3-498D216D017B}" = HTC Sync
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{24584BB7-0D2D-4A04-81B7-393C8CB87498}" = HP Software Framework
"{2487FBE2-3A7F-4E48-98D5-57A0AD824BF7}" = D.Signer/XAdES v1.1.0.0
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 37
"{284E9E9A-D8BE-3588-D0BA-E9BB61970A1D}" = CCC Help Hungarian
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{30E18A93-982E-AF1B-D646-E8C5DAECA390}" = CCC Help French
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3516C69A-024D-42A8-B948-FFAA7B9CC49A}" = Windows SideShow Managed Runtime 1.0
"{3544DED1-07DB-40C0-98F3-435A6DA195C7}" = Google SketchUp 8
"{356658C7-8C60-4A43-AF50-75CA8E642934}" = CorelDRAW Graphics Suite X5 - CZ
"{3E8A20E1-223F-11E2-9116-B8AC6F98CCE3}" = Google Earth
"{4021F8B5-E8BB-D0F9-AF28-4970013FAE3D}" = AMD VISION Engine Control Center
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{470D66DF-B597-124E-EDCE-8B966AA5F230}" = CCC Help Portuguese
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{483924A6-52C5-9169-0280-14272D5FBA70}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{57AE1BE1-24E8-4169-D52C-ABE31BD91562}" = CCC Help Finnish
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5B5745F7-23EF-9E5E-6689-512C9FA08222}" = CCC Help English
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1" = Quicksys RegDefrag 2.9
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{625031C9-E249-2A53-C282-C1E9872B211E}" = CCC Help Turkish
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{655E0B5A-7ADF-A052-587F-64F0E59B58E7}" = CCC Help Dutch
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74437563-D720-0307-90FC-1C351B1041D7}" = Catalyst Control Center Localization All
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7861911B-4270-498A-8F7A-FCF0570F4877}" = HP QuickWeb
"{7861911B-4270-498A-8F7A-FCF0570F48E3}" = HP QuickWeb
"{789A4D10-821B-3FA5-52B0-F0FAEEDED9F4}" = CCC Help Czech
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7BA14A92-C229-5E00-3ADE-8D22F81B849E}" = CCC Help German
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E890D16-5CB9-4F18-BAA1-CCD0A543CAE5}" = MAGIX Music Maker MX Premium Download Version
"{7F77DB04-A969-40a4-89EF-06CE06D56524}" = pdfforge Toolbar v5.0
"{80A5B901-C7BD-D300-17BA-9E02F18EAB77}" = CCC Help Danish
"{82F505E6-5879-B30A-12B7-7795969D3BBB}" = CCC Help Polish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8476003F-6927-8393-C6F4-FAF47D61D00B}" = CCC Help Korean
"{89A2D79E-B3AD-A83A-795F-5645EFF922D3}" = CCC Help Greek
"{89C0F58F-9E5B-2B45-D9DF-7988A54BECA8}" = CCC Help Italian
"{8B91D776-792D-F02B-DE43-BF398549C729}" = CCC Help Spanish
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{8D4B1DDC-0CB5-4908-B740-A385C2F3B6A9}" = HP User Guides 0185
"{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F272838-BDD6-B433-D650-25E231AEFA8A}" = Catalyst Control Center InstallProxy
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_ENTERPRISER_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISER_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISER_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_ENTERPRISER_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_ENTERPRISER_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISER_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISER_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_ENTERPRISER_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISER_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRJPRO_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PRJPRO_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041B-1000-0000000FF1CE}_ENTERPRISER_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_ENTERPRISER_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_ENTERPRISER_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_ENTERPRISER_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{F3CD3F3F-726C-4414-A1FE-5CD0968313EA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2007
"{90120000-00BA-041B-0000-0000000FF1CE}_ENTERPRISER_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}" = HP Setup
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{983BE967-28E9-5C78-8851-638DAC4AF66E}" = CCC Help Swedish
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{994359E8-D614-4CC6-84DB-415C27D2BA12}" = MAGIX Screenshare
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A6365256-0FBA-4DCD-88CE-D92A4DC9328E}" = HP ESU for Microsoft Windows 7
"{A707240D-18D3-07F4-AE2E-6AE76C220192}" = CCC Help Japanese
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Czech
"{AE140A73-39CD-470F-B14A-B531C2A5F462}" = HP QuickLook
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B95AC87D-630B-603F-3F12-AA22B3BBA69C}" = CCC Help Chinese Traditional
"{C97CC14E-4789-4FC5-BC75-79191F7CE009}" = HP Hotkey Support
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D69F9215-B06A-4ADF-A464-E2607B2FA296}" = Privacy Manager for HP ProtectTools
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = HP Webcam Driver
"{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{EB1C554C-5343-9A69-1B8C-666AF192CA19}" = CCC Help Russian
"{EBCB66BD-328F-421C-96BA-8E66C7B69336}" = MAGIX Speed burnR (MSI)
"{ED238DD0-F1F1-46CC-ADD7-F56A36088B71}_is1" = DRSR verzia 0.1
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F32D24DD-D787-10F9-D21E-BC3FAB3064CB}" = Catalyst Control Center Graphics Previews Common
"{F5CC2EF8-20A4-4366-A681-3FE849E65809}" = RICOH Media Driver
"{F8D90583-7BB5-75A9-B23F-A353AD4674BC}" = CCC Help Thai
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Aide PDF to DXF Converter_is1" = Aide PDF to DXF Converter 9.6
"AutoCAD Plant 3D 2011" = AutoCAD Plant 3D 2011
"Autodesk Content Service" = Autodesk Content Service
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"avast" = avast! Free Antivirus
"Cisco Connect" = Cisco Connect
"Drive Encryption" = Drive Encryption for HP ProtectTools
"DVDFab 8 Qt_is1" = DVDFab 8.2.0.7 (25/08/2012) Qt
"ENTERPRISER" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Foxit Reader" = Foxit Reader
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"GamePlayLabs Plugin" = GamePlayLabs Plugin
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"IDAutomation.com Code 39 Font Advantage Package" = IDAutomation.com Code 39 Font Advantage Package
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"MAGIX_MSI_mm18dlx" = MAGIX Music Maker MX Premium Download Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.70.0.1100
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mobile Partner" = Mobile Partner
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 19.0.2 (x86 sk)" = Mozilla Firefox 19.0.2 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPE" = MyPhoneExplorer
"PC Translator 2004 Komplet" = PC Translator 2004 Komplet
"PRJPRO" = Microsoft Office Project Professional 2007
"Snapshot Viewer" = Snapshot Viewer
"SP_661c9f97" =
"TeamViewer 7" = TeamViewer 7
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2184412465-192472027-3838285202-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"c1cf4c0f01c31177" = eDANE – aplikácia sekcie daňovej FR SR pre podávanie daňových dokumentov
"Flux" = F.lux
"pdfsam" = pdfsam
"PhotoFiltre" = PhotoFiltre
"PhotoFiltre Studio X" = PhotoFiltre Studio X
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/25/2013 6:26:16 AM | Computer Name = sohler | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.

Error - 3/25/2013 12:00:39 PM | Computer Name = sohler | Source = VSS | ID = 8194
Description =

Error - 3/25/2013 2:04:13 PM | Computer Name = sohler | Source = .NET Runtime | ID = 1026
Description =

Error - 3/26/2013 5:56:26 AM | Computer Name = sohler | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: acad.exe, verzia: 24.1.49.0, časová značka:
0x4b724de9 Názov chybového modulu: mfc90u.dll, verzia: 9.0.30729.6161, časová značka:
0x4dacf630 Kód výnimky: 0xc0000005 Odstup chyby: 0x0000000000089a15 Identifikácia
chybného procesu: 0x1860 Čas spustenia chybnej aplikácie: 0x01ce29f43e9d48d6 Cesta
chybnej aplikácie: C:\Program Files\Autodesk\AutoCAD 2011\acad.exe Cesta chybného
modulu: C:\windows\WinSxS\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
Identifikácia
hlásenia: 6c2c9ec0-95fb-11e2-8083-70f395268cce

Error - 3/26/2013 6:53:41 AM | Computer Name = sohler | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.

Error - 3/26/2013 3:43:03 PM | Computer Name = sohler | Source = .NET Runtime | ID = 1026
Description =

Error - 3/26/2013 3:43:20 PM | Computer Name = sohler | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: Connect.Service.ContentService.exe, verzia:
3.0.84.0, časová značka: 0x4f344200 Názov chybového modulu: KERNELBASE.dll, verzia:
6.1.7601.18015, časová značka: 0x50b83c8a Kód výnimky: 0xe0434352 Odstup chyby: 0x0000c41f
Identifikácia
chybného procesu: 0x930 Čas spustenia chybnej aplikácie: 0x01ce2a5a1b095e01 Cesta
chybnej aplikácie: C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
Cesta
chybného modulu: C:\windows\syswow64\KERNELBASE.dll Identifikácia hlásenia: 6947bd06-964d-11e2-8e09-70f395268cce

Error - 3/27/2013 4:07:12 AM | Computer Name = sohler | Source = .NET Runtime | ID = 1026
Description =

Error - 3/27/2013 4:07:31 AM | Computer Name = sohler | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: Connect.Service.ContentService.exe, verzia:
3.0.84.0, časová značka: 0x4f344200 Názov chybového modulu: KERNELBASE.dll, verzia:
6.1.7601.18015, časová značka: 0x50b83c8a Kód výnimky: 0xe0434352 Odstup chyby: 0x0000c41f
Identifikácia
chybného procesu: 0x908 Čas spustenia chybnej aplikácie: 0x01ce2ac2109e7487 Cesta
chybnej aplikácie: C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
Cesta
chybného modulu: C:\windows\syswow64\KERNELBASE.dll Identifikácia hlásenia: 5ef4a14e-96b5-11e2-8760-70f395268cce

Error - 3/27/2013 10:44:23 AM | Computer Name = sohler | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.

[ Hewlett-Packard Events ]
Error - 1/17/2013 7:42:50 AM | Computer Name = sohler | Source = HPSF.exe | ID = 4000
Description =

Error - 1/21/2013 9:22:50 AM | Computer Name = sohler | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 at System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type
type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic)

at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: sk-SK RAM: 3830 Ram
Utilization: 40 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

Error - 1/29/2013 6:08:25 AM | Computer Name = sohler | Source = HPSF.exe | ID = 4000
Description =

Error - 1/29/2013 6:09:36 AM | Computer Name = sohler | Source = HPSF.exe | ID = 4000
Description =

Error - 2/13/2013 2:30:05 AM | Computer Name = sohler | Source = HPSF.exe | ID = 4000
Description =

Error - 3/14/2013 2:07:20 AM | Computer Name = sohler | Source = HPSF.exe | ID = 4000
Description =

Error - 3/14/2013 2:07:20 AM | Computer Name = sohler | Source = HPSF.exe | ID = 4000
Description =

Error - 3/14/2013 2:07:20 AM | Computer Name = sohler | Source = HPSF.exe | ID = 4000
Description =

Error - 3/14/2013 2:07:48 AM | Computer Name = sohler | Source = HPSF.exe | ID = 4000
Description =

Error - 3/21/2013 7:19:55 AM | Computer Name = sohler | Source = HPSF.exe | ID = 4000
Description =

[ HP Power Assistant Events ]
Error - 5/23/2012 1:06:36 AM | Computer Name = sohler | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 5/24/2012 1:04:28 AM | Computer Name = sohler | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 5/25/2012 1:09:24 AM | Computer Name = sohler | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 5/25/2012 5:49:50 AM | Computer Name = sohler | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 5/28/2012 1:17:38 AM | Computer Name = sohler | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 5/29/2012 2:16:10 AM | Computer Name = sohler | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 27.03.2013 16:27

2/2

Error - 5/30/2012 1:00:55 AM | Computer Name = sohler | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 5/30/2012 5:59:04 AM | Computer Name = sohler | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 5/31/2012 1:06:37 AM | Computer Name = sohler | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 6/1/2012 1:14:48 AM | Computer Name = sohler | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

[ HP Software Framework Events ]
Error - 3/20/2013 12:00:42 PM | Computer Name = sohler | Source = CaslSmBios | ID = 5
Description = 2013. 03. 20 17:00:42.358|00000C08|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.

Error - 3/20/2013 12:00:43 PM | Computer Name = sohler | Source = CaslSmBios | ID = 5
Description = 2013. 03. 20 17:00:43.388|00000C08|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Object reference not
set to an instance of an object.

Error - 3/22/2013 3:00:08 PM | Computer Name = sohler | Source = CaslSmBios | ID = 5
Description = 2013. 03. 22 20:00:08.394|000013E8|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.

Error - 3/22/2013 3:00:08 PM | Computer Name = sohler | Source = CaslSmBios | ID = 5
Description = 2013. 03. 22 20:00:08.613|000013E8|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Object reference not
set to an instance of an object.

Error - 3/23/2013 9:23:09 AM | Computer Name = sohler | Source = CaslSmBios | ID = 5
Description = 2013. 03. 23 14:23:08.254|00001254|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.

Error - 3/23/2013 9:23:09 AM | Computer Name = sohler | Source = CaslSmBios | ID = 5
Description = 2013. 03. 23 14:23:09.455|00001254|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Object reference not
set to an instance of an object.

Error - 3/23/2013 11:10:29 AM | Computer Name = sohler | Source = CaslSmBios | ID = 5
Description = 2013. 03. 23 16:10:29.376|000017E4|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.

Error - 3/23/2013 11:10:29 AM | Computer Name = sohler | Source = CaslSmBios | ID = 5
Description = 2013. 03. 23 16:10:29.454|000017E4|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Object reference not
set to an instance of an object.

Error - 3/24/2013 8:45:45 AM | Computer Name = sohler | Source = CaslSmBios | ID = 5
Description = 2013. 03. 24 13:45:45.531|00001794|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.

Error - 3/24/2013 8:45:45 AM | Computer Name = sohler | Source = CaslSmBios | ID = 5
Description = 2013. 03. 24 13:45:45.562|00001794|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Object reference not
set to an instance of an object.

[ HP Wireless Assistant Events ]
Error - 9/12/2011 1:46:13 AM | Computer Name = sohler | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filter hlásení zrušil volanie.
(Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 9/26/2011 6:31:47 AM | Computer Name = sohler | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filter hlásení zrušil volanie.
(Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.ApplyDeviceManagerState(List`1
radios) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 4/22/2012 1:18:08 PM | Computer Name = sohler | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 4/22/2012 1:18:08 PM | Computer Name = sohler | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 7/9/2012 2:21:18 PM | Computer Name = sohler | Source = HP WA Application | ID = 0
Description = HardwareAccess.UnableToConnectException Application.ApplicationStartup;
failed to create hardware layer Error in the application. at HardwareAccess.Hardware..ctor(Dispatcher
dispatcher, ServicePort port, Int32 timeout) at HardwareAccess.Hardware.Create(Dispatcher
dispatcher, ServicePort port, Int32 timeout) at HPWA_Main.App.ApplicationStartup(Object
sender, StartupEventArgs args)

Error - 7/9/2012 2:21:34 PM | Computer Name = sohler | Source = HP WA Application | ID = 0
Description = MainWindow.ShowImpl; not initialized, closing application...

Error - 8/19/2012 11:16:26 AM | Computer Name = sohler | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filter hlásení zrušil volanie.
(Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 12/10/2012 2:10:57 AM | Computer Name = sohler | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filter hlásení zrušil volanie.
(Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ReloadRadioList()

[ Media Center Events ]
Error - 4/2/2012 7:46:11 AM | Computer Name = sohler | Source = MCUpdate | ID = 0
Description = 13:46:10 - Chyba pripájania na Internet. 13:46:11 - Nebolo možné
spojiť sa so serverom..

Error - 6/16/2012 4:31:11 AM | Computer Name = sohler | Source = MCUpdate | ID = 0
Description = 10:31:10 - Chyba pripájania na Internet. 10:31:10 - Nebolo možné
spojiť sa so serverom..

Error - 8/27/2012 6:31:18 AM | Computer Name = sohler | Source = MCUpdate | ID = 0
Description = 12:31:16 - Chyba pripájania na Internet. 12:31:17 - Nebolo možné
spojiť sa so serverom..

Error - 11/18/2012 4:01:26 AM | Computer Name = sohler | Source = MCUpdate | ID = 0
Description = 9:01:25 - Chyba pripájania na Internet. 9:01:25 - Nebolo možné
spojiť sa so serverom..

Error - 2/6/2013 11:02:17 AM | Computer Name = sohler | Source = MCUpdate | ID = 0
Description = 16:02:10 - Chyba pripájania na Internet. 16:02:10 - Nebolo možné
spojiť sa so serverom..

[ OSession Events ]
Error - 12/8/2011 11:20:57 AM | Computer Name = sohler | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 402
seconds with 180 seconds of active time. This session ended with a crash.

Error - 4/11/2012 3:19:52 AM | Computer Name = sohler | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4007
seconds with 2100 seconds of active time. This session ended with a crash.

Error - 5/28/2012 11:26:06 AM | Computer Name = sohler | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 20
seconds with 0 seconds of active time. This session ended with a crash.

Error - 7/11/2012 4:35:51 AM | Computer Name = sohler | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4086
seconds with 720 seconds of active time. This session ended with a crash.

Error - 3/18/2013 8:29:55 AM | Computer Name = sohler | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 13894
seconds with 780 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 3/26/2013 3:44:20 PM | Computer Name = sohler | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Soluto PCGenome Core Service zlyhalo kvôli nasledujúcej
chybe: %%1053

Error - 3/27/2013 1:48:51 AM | Computer Name = sohler | Source = DCOM | ID = 10010
Description =

Error - 3/27/2013 3:33:33 AM | Computer Name = sohler | Source = bowser | ID = 8003
Description =

Error - 3/27/2013 4:08:06 AM | Computer Name = sohler | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby lxecCATSCustConnectService bol
dosiahnutý časový limit (30000 ms).

Error - 3/27/2013 4:08:06 AM | Computer Name = sohler | Source = Service Control Manager | ID = 7000
Description = Spustenie služby lxecCATSCustConnectService zlyhalo kvôli nasledujúcej
chybe: %%1053

Error - 3/27/2013 4:08:19 AM | Computer Name = sohler | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Mobile Partner. OUC bol dosiahnutý
časový limit (30000 ms).

Error - 3/27/2013 4:08:19 AM | Computer Name = sohler | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Mobile Partner. OUC zlyhalo kvôli nasledujúcej chybe:
%%1053

Error - 3/27/2013 4:09:43 AM | Computer Name = sohler | Source = DCOM | ID = 10005
Description =

Error - 3/27/2013 4:09:43 AM | Computer Name = sohler | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby HP Software Framework Service bol
dosiahnutý časový limit (30000 ms).

Error - 3/27/2013 4:09:43 AM | Computer Name = sohler | Source = Service Control Manager | ID = 7000
Description = Spustenie služby HP Software Framework Service zlyhalo kvôli nasledujúcej
chybe: %%1053

< End of report >

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 27.03.2013 16:28

1/2

OTL logfile created on: 3/27/2013 4:03:22 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\nexter\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000409 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3.74 Gb Total Physical Memory | 1.09 Gb Available Physical Memory | 29.24% Memory free
7.48 Gb Paging File | 3.20 Gb Available in Paging File | 42.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.47 Gb Total Space | 143.74 Gb Free Space | 32.05% Space Free | Partition Type: NTFS
Drive E: | 1.99 Gb Total Space | 1.39 Gb Free Space | 69.98% Space Free | Partition Type: FAT32
Drive M: | 1.88 Gb Total Space | 1.86 Gb Free Space | 98.96% Space Free | Partition Type: FAT

Computer Name: SOHLER | User Name: nexter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013/03/27 16:01:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nexter\Desktop\OTL.exe
PRC - [2013/03/27 15:01:36 | 000,139,264 | ---- | M] () -- C:\Users\nexter\Desktop\SystemLook.exe
PRC - [2013/03/13 16:09:43 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013/03/11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/03/07 15:29:07 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/03/07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/02/15 23:04:53 | 001,352,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
PRC - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/12 17:15:30 | 000,523,680 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
PRC - [2012/09/06 10:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/07/02 09:35:28 | 000,218,624 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
PRC - [2012/03/23 13:25:24 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011/03/16 11:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011/01/23 18:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
PRC - [2010/11/16 14:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010/03/25 15:02:02 | 000,090,112 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files (x86)\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
PRC - [2010/03/17 01:37:08 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/02/24 07:56:12 | 001,160,480 | ---- | M] (Infineon Technologies AG) -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
PRC - [2010/02/24 07:44:38 | 000,214,304 | ---- | M] (Infineon Technologies AG) -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
PRC - [2010/02/24 06:27:24 | 000,992,544 | ---- | M] (Infineon Technologies AG) -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
PRC - [2010/02/02 01:09:48 | 000,281,192 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2010/02/02 01:05:52 | 000,704,512 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
PRC - [2010/01/19 19:17:10 | 000,297,984 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2009/12/29 13:19:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

========== Modules (No Company Name) ==========

MOD - [2013/03/27 15:01:36 | 000,139,264 | ---- | M] () -- C:\Users\nexter\Desktop\SystemLook.exe
MOD - [2013/03/13 16:09:42 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/03/11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013/03/11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013/03/11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013/03/11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013/03/11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013/03/11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013/03/07 15:29:21 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/10/24 09:01:25 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2012/09/23 20:43:36 | 000,313,992 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
MOD - [2011/03/04 11:02:54 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2011/03/04 11:02:52 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2011/03/04 11:02:50 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2011/01/23 18:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
MOD - [2010/04/01 11:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdrs.dll
MOD - [2010/04/01 11:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll
MOD - [2009/05/27 06:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll
MOD - [2009/04/28 08:56:23 | 000,024,064 | ---- | M] () -- C:\Windows\SysWOW64\LXECsmr.dll
MOD - [2009/03/09 23:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll
MOD - [2009/02/20 09:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXECsm.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/03/07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/02/15 23:04:08 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2013/02/03 19:35:28 | 000,183,264 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)
SRV:64bit: - [2013/02/03 19:35:22 | 000,552,928 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV:64bit: - [2013/02/03 19:32:58 | 001,239,552 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\Program Files\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService)
SRV:64bit: - [2013/01/29 08:57:09 | 000,271,360 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2013/01/29 08:57:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2012/07/11 19:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2012/07/04 07:20:54 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/04 01:36:06 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/09/12 17:08:46 | 000,142,904 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2011/05/13 17:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010/04/14 14:08:30 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeccoms.exe -- (lxec_device)
SRV:64bit: - [2010/04/14 14:08:23 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\windows\SysNative\spool\DRIVERS\x64\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV:64bit: - [2010/04/05 19:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/03/31 00:04:50 | 000,462,088 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2010/02/18 13:52:30 | 002,045,232 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2010/02/02 01:09:48 | 000,281,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV:64bit: - [2010/02/02 01:05:52 | 000,704,512 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe -- (DEBridge)
SRV:64bit: - [2010/01/21 18:42:44 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009/12/29 13:19:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/06/04 00:38:36 | 000,277,032 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
SRV - [2013/03/13 16:09:44 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/07 15:29:15 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/12 17:15:30 | 000,523,680 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2012/09/06 10:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/07/02 09:35:28 | 000,218,624 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
SRV - [2012/03/23 13:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012/02/09 17:05:18 | 000,018,720 | ---- | M] (Autodesk, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2012/01/19 12:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/06/21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/06/19 16:42:11 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/03/16 11:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2010/11/16 14:38:16 | 000,339,456 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010/04/14 14:08:23 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV - [2010/04/14 14:08:12 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxeccoms.exe -- (lxec_device)
SRV - [2010/03/25 15:02:02 | 000,090,112 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe -- (HPDayStarterService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/17 01:37:08 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/24 07:56:12 | 001,160,480 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe -- (IFXSpMgtSrv)
SRV - [2010/02/24 07:44:38 | 000,214,304 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2010/02/24 06:27:24 | 000,992,544 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe -- (IFXTCS)
SRV - [2010/02/18 13:26:46 | 001,664,304 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010/01/19 19:17:10 | 000,297,984 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2009/12/07 19:36:10 | 000,362,040 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/03/25 17:01:12 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013/03/07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/03/07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/03/07 00:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/03/07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/03/07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/03/07 00:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/03/07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/03/07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/02/12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013/02/03 19:32:42 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2013/01/29 08:57:11 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/04 07:59:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/07/04 06:10:56 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/07/03 17:21:52 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/07/02 09:35:36 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2012/07/02 09:35:36 | 000,221,312 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2012/07/02 09:35:36 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2012/07/02 09:35:36 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2012/04/18 15:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/17 08:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/08/17 08:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/08/17 08:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/08/17 08:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/07 20:30:38 | 001,379,376 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/05/13 17:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 17:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/04/22 10:04:29 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 20:44:12 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/11/20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/11/20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/06/25 15:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010/03/09 02:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/16 20:24:20 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010/02/02 01:11:36 | 000,015,688 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysNative\drivers\SbFsLock.sys -- (SbFsLock)
DRV:64bit: - [2010/02/02 01:11:34 | 000,058,184 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\SysNative\drivers\RsvLock.sys -- (RsvLock)
DRV:64bit: - [2010/02/02 01:11:32 | 000,056,648 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SafeBoot.sys -- (SafeBoot)
DRV:64bit: - [2010/01/30 06:46:04 | 000,089,344 | ---- | M] (Realtek Semiconductor Corp.) [2 MP Fixed] [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2010/01/26 04:06:06 | 000,044,576 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\psd.sys -- (PersonalSecureDrive)
DRV:64bit: - [2010/01/21 18:42:48 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2010/01/08 11:23:00 | 000,395,776 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010/01/07 19:22:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/01/07 19:22:40 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/01/07 19:22:36 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/01/07 19:22:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/12/11 13:32:06 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009/11/12 13:48:56 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:64bit: - [2009/11/01 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/10/28 16:54:00 | 000,079,360 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009/10/26 13:52:00 | 000,061,952 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009/10/21 21:37:52 | 000,040,760 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:64bit: - [2009/08/23 13:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 19:32:52 | 000,060,160 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SbAlg.sys -- (SbAlg)
DRV:64bit: - [2009/04/22 07:14:44 | 000,146,048 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AESTAu64.sys -- (AESTAud)
DRV - [2010/02/02 01:11:46 | 000,051,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SbAlg.sys -- (SbAlg)
DRV - [2010/02/02 01:11:28 | 000,013,256 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysWow64\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2010/02/02 01:11:24 | 000,040,088 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\SysWow64\drivers\rsvlock.sys -- (RsvLock)
DRV - [2010/02/02 01:11:22 | 000,110,520 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{5C107638-26D5-4D6C-A04A-D9F6E9391E01}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{5C107638-26D5-4D6C-A04A-D9F6E9391E01}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\..\SearchScopes,DefaultScope = {5C107638-26D5-4D6C-A04A-D9F6E9391E01}
IE - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\..\SearchScopes\{5C107638-26D5-4D6C-A04A-D9F6E9391E01}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms}
IE - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\..\SearchScopes\{CAA28645-68E2-4C39-A762-904A77D81BD9}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =827316&p={searchTerms}
IE - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2010/05/27 01:06:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/22 17:19:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/27 10:26:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/08 09:23:53 | 000,000,000 | ---D | M]

[2013/03/27 10:27:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nexter\AppData\Roaming\mozilla\Extensions
[2013/03/27 10:26:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/08 09:23:49 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/03/08 09:23:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/03/08 09:23:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/03/07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2013/03/07 19:55:01 | 000,001,583 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\atlas-sk.xml
[2013/03/07 19:55:01 | 000,001,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\azet-sk.xml
[2013/03/07 19:55:01 | 000,001,479 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\dunaj-sk.xml
[2013/03/07 19:55:01 | 000,001,473 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slovnik-sk.xml
[2013/03/07 19:55:02 | 000,001,104 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sk.xml
[2013/03/07 19:55:01 | 000,000,830 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Disabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Disabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Disabled) = C:\Users\nexter\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: TV = C:\Users\nexter\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0\
CHR - Extension: YouTube = C:\Users\nexter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\nexter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: avast! WebRep = C:\Users\nexter\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Kontrola po\u0161ty Google = C:\Users\nexter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Users\nexter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\
CHR - Extension: Type Fu = C:\Users\nexter\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo\2.0.0_0\
CHR - Extension: Bitdefender QuickScan = C:\Users\nexter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\
CHR - Extension: Gmail = C:\Users\nexter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/03/23 16:13:45 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files (x86)\PC Translator\webie.dll ()
O4:64bit: - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4:64bit: - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
O4:64bit: - HKLM..\Run: [CNAP2 Launcher] C:\Windows\SysNative\spool\drivers\x64\3\CNAP2LAK.EXE (CANON INC.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [lxecmon.exe] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
O4:64bit: - HKLM..\Run: [Soluto] c:\program files\soluto\soluto.exe (Soluto)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AMD AVT] C:\windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [estar] C:\System.Sav\Util\HideDOS.EXE ()
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2184412465-192472027-3838285202-1002..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O8:64bit: - Extra context menu item: Prevést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Prevést cíl vazby do existujícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Prevést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Pridat do stávajícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Prevést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Pridat do stávajícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files (x86)\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files (x86)\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files (x86)\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files (x86)\PC Translator\webie.dll ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\..Trusted Ranges: GD ([http] in Local intranet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.4.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.4.0)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.168.1.2 195.168.1.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D044146-0F77-45DA-9CD4-BD9CFA547FA9}: NameServer = 194.154.227.17 195.91.0.17
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{253EAEDF-C912-42F0-B89B-F7A18CDF79D4}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{705F48C7-5F8D-48AD-A1BF-851D34A35BE5}: DhcpNameServer = 195.168.1.2 195.168.1.4
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/05/11 20:57:18 | 000,000,000 | ---D | M] - C:\AutoCAD Plant 3D 2011 Content -- [ NTFS ]
O32 - AutoRun File - [2013/02/15 23:02:28 | 000,000,000 | ---D | M] - C:\AutoCAD Plant 3D 2013 Content -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 27.03.2013 16:28

2/2

[2013/03/27 16:01:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\nexter\Desktop\OTL.exe
[2013/03/27 14:09:30 | 000,000,000 | ---D | C] -- C:\Users\nexter\Desktop\Appdir 64-bit
[2013/03/27 14:08:54 | 000,000,000 | ---D | C] -- C:\Users\nexter\Desktop\WinDriverDir 64-bit
[2013/03/27 10:26:51 | 000,000,000 | ---D | C] -- C:\Users\nexter\AppData\Roaming\Mozilla
[2013/03/27 10:26:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/03/27 10:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2013/03/27 10:17:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup
[2013/03/24 11:00:29 | 000,000,000 | ---D | C] -- C:\Users\nexter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2013/03/23 16:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/23 16:43:45 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013/03/23 16:43:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/03/23 16:31:57 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013/03/23 16:13:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/03/23 14:58:51 | 000,000,000 | ---D | C] -- C:\rsit
[2013/03/23 13:08:24 | 000,000,000 | ---D | C] -- C:\Users\nexter\AppData\Roaming\SUPERAntiSpyware.com
[2013/03/23 13:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/03/23 13:07:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/03/23 13:07:54 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/03/23 12:38:18 | 000,000,000 | ---D | C] -- C:\userscript
[2013/03/23 11:32:32 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\nexter\Desktop\tdsskiller.exe
[2013/03/22 22:39:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/03/22 22:39:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/03/22 22:39:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013/03/22 22:34:34 | 005,042,224 | R--- | C] (Swearware) -- C:\Users\nexter\Desktop\ComboFix.exe
[2013/03/22 22:34:15 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\nexter\Desktop\rkill (1).com
[2013/03/22 21:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/03/22 21:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2013/03/22 17:17:44 | 000,000,000 | ---D | C] -- C:\Users\nexter\AppData\Roaming\QuickScan
[2013/03/21 08:30:06 | 000,000,000 | ---D | C] -- C:\Users\nexter\AppData\Roaming\FileOpen
[2013/03/21 08:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
[2013/03/18 08:32:32 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2013/03/17 20:59:39 | 000,000,000 | ---D | C] -- C:\Komku
[2013/03/15 15:40:38 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/15 15:40:37 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/03/15 15:40:37 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/03/15 15:40:37 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/03/15 15:40:37 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/03/15 15:40:37 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/03/15 15:40:37 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/03/15 15:40:37 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/03/15 15:40:37 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/03/15 15:40:37 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/03/15 15:40:37 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/03/15 15:40:37 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/03/15 15:40:37 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/03/15 15:40:37 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/03/15 15:40:37 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/03/15 15:40:37 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/03/15 15:40:37 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/03/15 15:40:37 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/03/15 15:40:37 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/03/15 15:40:37 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/03/15 15:40:37 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/03/15 15:40:37 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/03/15 15:40:37 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/03/15 15:40:37 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/03/15 15:40:37 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/03/15 15:40:37 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/03/15 15:40:37 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/03/15 15:40:37 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/03/15 15:40:37 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/03/15 15:40:37 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/03/15 15:40:37 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/03/15 15:40:37 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/03/15 15:40:37 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/03/15 15:40:37 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/03/15 15:40:37 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/03/15 15:40:37 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/03/15 15:40:37 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/03/15 15:40:37 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/03/15 15:40:37 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/03/15 15:40:37 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/03/15 15:40:37 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/03/15 15:40:37 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/03/15 15:40:37 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/03/15 15:40:37 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/03/15 15:40:37 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/03/15 15:40:37 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/03/15 15:40:37 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/03/15 15:40:37 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/03/15 15:40:37 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/03/15 15:40:37 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/03/15 15:40:37 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/15 15:40:37 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/03/15 15:40:37 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/03/15 15:40:37 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/03/15 15:40:37 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/03/15 15:40:37 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/03/15 15:40:37 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/03/15 15:40:37 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/03/15 15:40:37 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/03/15 15:40:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/03/15 15:40:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/03/15 15:40:37 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/03/15 15:40:37 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/03/15 15:40:37 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/03/15 15:40:37 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/03/15 15:40:37 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/03/15 15:40:37 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/03/15 15:40:37 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/03/15 15:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/15 15:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/03/15 15:28:26 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023x.sys
[2013/03/15 15:28:26 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys
[2013/03/08 09:23:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/02 20:13:14 | 000,000,000 | ---D | C] -- C:\Users\nexter\Documents\Moje palety
[2013/03/02 20:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2013/03/02 18:23:28 | 000,000,000 | ---D | C] -- C:\Users\nexter\Documents\Corel
[2013/03/02 18:23:03 | 000,000,000 | ---D | C] -- C:\Users\nexter\Documents\Visual Studio 2008
[2013/03/02 18:21:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2013/03/02 18:20:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2013/03/02 18:18:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2013/03/02 18:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2013/03/02 18:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5
[2013/03/02 18:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CorelDRAW Graphics Suite X5
[2013/02/27 07:47:42 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2013/02/27 07:47:42 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2013/02/27 07:47:41 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2013/02/27 07:47:41 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2013/02/27 07:47:19 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2013/02/27 07:47:19 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013/02/27 07:46:56 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/27 07:46:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/27 07:46:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/27 07:46:53 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2013/02/27 07:46:53 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/27 07:46:53 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/27 07:46:53 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/27 07:46:53 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/27 07:46:53 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/27 07:46:52 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2013/02/27 07:46:52 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013/02/27 07:46:51 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013/02/27 07:46:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/27 07:46:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/27 07:46:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/27 07:46:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/27 07:46:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/27 07:46:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/27 07:46:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/27 07:46:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/27 07:46:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/27 07:46:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/27 07:46:47 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2013/02/27 07:46:47 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2013/02/27 07:46:46 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013/02/27 07:46:46 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2013/02/27 07:46:46 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2013/02/27 07:46:46 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2013/02/27 07:46:45 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2013/02/27 07:46:45 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2013/02/27 07:46:44 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2013/02/27 07:46:42 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013/02/27 07:46:41 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2013/02/27 07:46:39 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013/02/27 07:46:38 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\Users\nexter\Desktop\*.tmp files -> C:\Users\nexter\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/27 16:07:03 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/03/27 16:01:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nexter\Desktop\OTL.exe
[2013/03/27 15:48:03 | 000,000,936 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/27 15:01:36 | 000,139,264 | ---- | M] () -- C:\Users\nexter\Desktop\SystemLook.exe
[2013/03/27 14:06:18 | 000,007,642 | ---- | M] () -- C:\Users\nexter\AppData\Local\Resmon.ResmonCfg
[2013/03/27 13:08:01 | 000,000,512 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task a4fe0e06-17e0-4b9d-a39d-87e17e2a17e9.job
[2013/03/27 11:36:59 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/27 11:36:59 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/27 10:26:39 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/27 10:19:54 | 025,518,683 | ---- | M] () -- C:\Users\nexter\Documents\Firefox 19.0.2 (sk) - 2013-03-27.pcv
[2013/03/27 10:17:33 | 000,000,987 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2013/03/27 10:16:20 | 000,000,336 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleFornexter.job
[2013/03/27 09:06:27 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/03/27 09:06:09 | 4016,496,640 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/27 08:16:38 | 000,003,392 | ---- | M] () -- C:\windows\wdict32.INI
[2013/03/27 06:48:25 | 000,000,512 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task c388c850-fec6-47d6-87ec-607c3d4deb39.job
[2013/03/26 17:02:42 | 001,079,796 | ---- | M] () -- C:\acadminidump.dmp
[2013/03/25 17:29:07 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/03/25 17:29:06 | 000,002,024 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013/03/25 17:01:12 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) -- C:\windows\SysNative\drivers\sptd.sys
[2013/03/25 09:48:59 | 000,783,374 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/03/25 09:48:59 | 000,655,838 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/03/25 09:48:59 | 000,122,710 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/03/23 16:43:48 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/23 16:13:45 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013/03/23 14:58:39 | 000,781,383 | ---- | M] () -- C:\Users\nexter\Desktop\RSIT.exe
[2013/03/23 14:53:02 | 000,609,993 | ---- | M] () -- C:\Users\nexter\Desktop\adwcleaner.exe
[2013/03/23 14:13:56 | 000,106,712 | ---- | M] () -- C:\Users\nexter\Desktop\estet.jpg
[2013/03/23 11:32:27 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\nexter\Desktop\tdsskiller.exe
[2013/03/22 22:34:31 | 005,042,224 | R--- | M] (Swearware) -- C:\Users\nexter\Desktop\ComboFix.exe
[2013/03/22 22:33:17 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\nexter\Desktop\rkill (1).com
[2013/03/22 17:19:52 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2013/03/15 15:40:38 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/15 15:40:37 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/03/15 15:40:37 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/03/15 15:40:37 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/03/15 15:40:37 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/03/15 15:40:37 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/03/15 15:40:37 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/03/15 15:40:37 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/03/15 15:40:37 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/03/15 15:40:37 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/03/15 15:40:37 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/03/15 15:40:37 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/03/15 15:40:37 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/03/15 15:40:37 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/03/15 15:40:37 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/03/15 15:40:37 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/03/15 15:40:37 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/03/15 15:40:37 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/03/15 15:40:37 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/03/15 15:40:37 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/03/15 15:40:37 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/03/15 15:40:37 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/03/15 15:40:37 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/03/15 15:40:37 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/03/15 15:40:37 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/03/15 15:40:37 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/03/15 15:40:37 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/03/15 15:40:37 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/03/15 15:40:37 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/03/15 15:40:37 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/03/15 15:40:37 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/03/15 15:40:37 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/03/15 15:40:37 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/03/15 15:40:37 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/03/15 15:40:37 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/03/15 15:40:37 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/03/15 15:40:37 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/03/15 15:40:37 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/03/15 15:40:37 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/03/15 15:40:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/03/15 15:40:37 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/03/15 15:40:37 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/03/15 15:40:37 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/03/15 15:40:37 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/03/15 15:40:37 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/03/15 15:40:37 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/03/15 15:40:37 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/03/15 15:40:37 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/03/15 15:40:37 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/03/15 15:40:37 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/03/15 15:40:37 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/15 15:40:37 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/03/15 15:40:37 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/03/15 15:40:37 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/03/15 15:40:37 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/03/15 15:40:37 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/03/15 15:40:37 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/03/15 15:40:37 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/03/15 15:40:37 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/03/15 15:40:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/03/15 15:40:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/03/15 15:40:37 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/03/15 15:40:37 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/03/15 15:40:37 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/03/15 15:40:37 | 000,025,185 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2013/03/15 15:40:37 | 000,025,185 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2013/03/15 15:40:37 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/03/15 15:40:37 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/03/15 15:40:37 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/03/15 15:40:37 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/03/15 15:32:34 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/03/15 07:33:36 | 000,000,374 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts.ics
[2013/03/14 16:06:10 | 000,003,774 | ---- | M] () -- C:\windows\wtran32.INI
[2013/03/14 16:06:09 | 000,000,000 | ---- | M] () -- C:\windows\XXLGSC
[2013/03/14 12:51:43 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/13 16:09:43 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/03/13 16:09:43 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013/03/07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2013/03/07 00:33:21 | 000,178,624 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2013/03/07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2013/03/07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2013/03/07 00:33:21 | 000,065,336 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2013/03/07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2013/03/07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2013/03/07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2013/03/07 00:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2013/03/03 10:08:12 | 000,610,632 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\Users\nexter\Desktop\*.tmp files -> C:\Users\nexter\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/27 15:01:33 | 000,139,264 | ---- | C] () -- C:\Users\nexter\Desktop\SystemLook.exe
[2013/03/27 10:26:39 | 000,001,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/27 10:26:39 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/27 10:19:18 | 025,518,683 | ---- | C] () -- C:\Users\nexter\Documents\Firefox 19.0.2 (sk) - 2013-03-27.pcv
[2013/03/27 10:17:33 | 000,000,987 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2013/03/26 17:02:09 | 001,079,796 | ---- | C] () -- C:\acadminidump.dmp
[2013/03/23 16:43:48 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/23 14:58:36 | 000,781,383 | ---- | C] () -- C:\Users\nexter\Desktop\RSIT.exe
[2013/03/23 14:13:55 | 000,106,712 | ---- | C] () -- C:\Users\nexter\Desktop\estet.jpg
[2013/03/23 13:08:56 | 000,000,512 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task a4fe0e06-17e0-4b9d-a39d-87e17e2a17e9.job
[2013/03/23 13:08:49 | 000,000,512 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task c388c850-fec6-47d6-87ec-607c3d4deb39.job
[2013/03/23 13:08:07 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/03/22 22:39:16 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/03/22 22:39:16 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/03/22 22:39:16 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/03/22 22:39:16 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/03/22 22:39:16 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/03/22 22:14:15 | 000,609,993 | ---- | C] () -- C:\Users\nexter\Desktop\adwcleaner.exe
[2013/03/22 17:19:54 | 000,178,624 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2013/03/22 17:19:52 | 000,065,336 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2013/03/15 15:40:37 | 000,025,185 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2013/03/15 15:40:37 | 000,025,185 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2013/03/15 15:32:34 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/02/28 20:32:39 | 000,000,344 | ---- | C] () -- C:\Users\nexter\Desktop\eDANE – aplikácia sekcie daňovej FR SR pre podávanie daňových dokumentov .appref-ms
[2013/02/24 17:30:56 | 000,000,063 | ---- | C] () -- C:\windows\capture.ini
[2013/02/24 15:08:16 | 000,000,208 | ---- | C] () -- C:\Users\nexter\AppData\Local\SRDownloader.err
[2013/02/24 15:07:24 | 000,001,056 | ---- | C] () -- C:\Users\nexter\AppData\Local\SRDownloader.nast
[2012/09/26 19:57:14 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2012/09/26 19:57:14 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2012/09/26 19:57:14 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2012/09/26 19:57:14 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2012/07/04 06:34:16 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012/07/04 06:34:16 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012/04/18 19:39:10 | 000,028,672 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2011/10/28 18:13:11 | 000,643,072 | ---- | C] ( ) -- C:\windows\SysWow64\lxecpmui.dll
[2011/10/28 18:13:11 | 000,364,544 | ---- | C] ( ) -- C:\windows\SysWow64\lxecinpa.dll
[2011/10/28 18:13:11 | 000,344,064 | ---- | C] () -- C:\windows\SysWow64\lxeccomx.dll
[2011/10/28 18:13:11 | 000,344,064 | ---- | C] ( ) -- C:\windows\SysWow64\lxeciesc.dll
[2011/10/28 18:13:11 | 000,106,496 | ---- | C] () -- C:\windows\SysWow64\lxecinsr.dll
[2011/10/28 18:13:11 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\lxecjswr.dll
[2011/10/28 18:13:11 | 000,036,864 | ---- | C] () -- C:\windows\SysWow64\lxeccur.dll
[2011/10/28 18:13:10 | 001,048,576 | ---- | C] ( ) -- C:\windows\SysWow64\lxecserv.dll
[2011/10/28 18:13:10 | 000,847,872 | ---- | C] ( ) -- C:\windows\SysWow64\lxecusb1.dll
[2011/10/28 18:13:10 | 000,323,584 | ---- | C] () -- C:\windows\SysWow64\lxecins.dll
[2011/10/28 18:13:10 | 000,262,144 | ---- | C] () -- C:\windows\SysWow64\lxecinsb.dll
[2011/10/28 18:13:10 | 000,253,952 | ---- | C] () -- C:\windows\SysWow64\lxeccu.dll
[2011/10/28 18:13:10 | 000,090,112 | ---- | C] () -- C:\windows\SysWow64\lxeccub.dll
[2011/10/28 18:13:09 | 000,802,816 | ---- | C] ( ) -- C:\windows\SysWow64\lxeccomc.dll
[2011/10/28 18:13:09 | 000,688,128 | ---- | C] ( ) -- C:\windows\SysWow64\lxechbn3.dll
[2011/10/28 18:13:09 | 000,598,696 | ---- | C] ( ) -- C:\windows\SysWow64\lxeccoms.exe
[2011/10/28 18:13:09 | 000,577,536 | ---- | C] ( ) -- C:\windows\SysWow64\lxeclmpm.dll
[2011/10/28 18:13:09 | 000,372,736 | ---- | C] ( ) -- C:\windows\SysWow64\lxeccomm.dll
[2011/10/28 18:13:09 | 000,324,264 | ---- | C] ( ) -- C:\windows\SysWow64\lxecih.exe
[2011/10/28 18:13:08 | 000,373,416 | ---- | C] ( ) -- C:\windows\SysWow64\lxeccfg.exe
[2011/10/21 07:44:10 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2011/09/26 11:49:14 | 000,004,096 | -H-- | C] () -- C:\Users\nexter\AppData\Local\keyfile3.drm
[2011/09/12 23:06:16 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/07/04 14:53:39 | 000,007,168 | ---- | C] () -- C:\windows\SysWow64\drivers\StarOpen.sys
[2011/06/28 07:33:02 | 000,213,644 | ---- | C] () -- C:\windows\SysWow64\mlfcache.dat
[2011/06/14 15:33:37 | 000,036,363 | ---- | C] () -- C:\windows\CSTBox.INI
[2011/05/16 13:35:03 | 000,003,774 | ---- | C] () -- C:\windows\wtran32.INI
[2011/05/02 06:37:23 | 000,299,008 | ---- | C] () -- C:\windows\SysWow64\LXECsm.dll
[2011/05/02 06:37:23 | 000,024,064 | ---- | C] () -- C:\windows\SysWow64\LXECsmr.dll
[2011/04/26 08:24:45 | 000,770,442 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/04/26 07:51:46 | 000,003,392 | ---- | C] () -- C:\windows\wdict32.INI
[2011/04/23 15:03:35 | 000,007,642 | ---- | C] () -- C:\Users\nexter\AppData\Local\Resmon.ResmonCfg
[2011/04/22 19:05:43 | 000,000,056 | ---- | C] () -- C:\windows\SysWow64\ezsidmv.dat
[2011/04/22 18:51:33 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/06/27 12:05:35 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Auslogics
[2013/02/16 16:43:32 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Autodesk
[2012/12/22 14:32:46 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\avidemux
[2011/07/04 14:53:47 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Canneverbe Limited
[2011/07/27 12:03:22 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Canon
[2013/03/25 18:13:01 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\DAEMON Tools Lite
[2011/04/22 10:01:51 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\DigitalPersona
[2012/11/01 17:21:16 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\DVDVideoSoft
[2013/03/21 08:30:06 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\FileOpen
[2011/04/26 15:28:51 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Foxit Software
[2011/07/04 13:52:28 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\GHISLER
[2012/07/24 19:36:52 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\HTC
[2012/07/24 19:16:38 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012/10/31 17:38:46 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Infineon
[2011/10/27 13:22:36 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\IObit
[2012/09/27 17:20:21 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\MAGIX
[2011/11/20 17:20:09 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Mobile Atlas Creator
[2012/06/07 19:32:40 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\mojosoft
[2012/07/10 11:29:30 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\MyPhoneExplorer
[2012/03/22 20:14:15 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Outlook
[2013/01/17 09:45:34 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\PDF Architect
[2012/04/16 15:48:02 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\PhotoFiltre
[2012/08/22 12:05:37 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\PhotoFiltre Studio X
[2012/12/23 18:10:21 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Publish Providers
[2013/03/23 15:08:29 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\QuickScan
[2012/10/17 19:17:33 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Samsung
[2012/06/15 06:16:07 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Soluto
[2012/12/23 18:10:15 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Sony
[2012/02/21 20:51:02 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\TeamViewer
[2013/03/23 10:39:23 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\uTorrent
[2012/06/25 13:18:42 | 000,000,000 | ---D | M] -- C:\Users\nexter\AppData\Roaming\Xilisoft

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:A1EDB939
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:587EB586

< End of report >

personal compuper

Užívateľ

Užívateľ

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2

Napísal

personal compuper: 27.03.2013 17:09

Znovu spusť OTL
Do spodného okna skenovanie/opravy (Custom Scans/Repairs) vlož nasledujúce

Kód:

:OTL
IE - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms}
IE - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\..\SearchScopes\{CAA28645-68E2-4C39-A762-904A77D81BD9}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =827316&p={searchTerms}
IE - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{5C107638-26D5-4D6C-A04A-D9F6E9391E01}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{5C107638-26D5-4D6C-A04A-D9F6E9391E01}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2184412465-192472027-3838285202-1002\..\SearchScopes,DefaultScope = {5C107638-26D5-4D6C-A04A-D9F6E9391E01}
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files (x86)\PC Translator\webie.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-21-2184412465-192472027-3838285202-1002..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\Users\nexter\Desktop\*.tmp files -> C:\Users\nexter\Desktop\*.tmp -> ]
:files
C:\Windows\system32\*.tmp.dll /s
C:\Windows\system32\drivers\*.tmp.dll /s
C:\Windows\system32\dllcache\*.tmp.dll /s
C:\Windows\system32\SET*.tmp /s
C:\Windows\*.tmp /s
%ALLUSERSPROFILE%\Local Settings\temp\*.*
C:\Documents and Settings\Jakub\Local Settings\temp\*.*
C:\Documents and Settings\Jakub\Data aplikací\temp\*.*
C:\Documents and Settings\Jakub\Application Data\temp\*.*
C:\Documents and Settings\All Users\Data aplikací\temp\*.*
C:\Documents and Settings\All Users\Application Data\temp\*.*
C:\Windows\temp\*.*
%TMP%\*.*
%TEMP%\*.* 
C:\Program Files (x86)\Spybot - Search & Destroy
C:\ProgramData\Spybot - Search & Destroy
C:\Users\nexter\Desktop\SystemLook.exe
C:\windows\tasks\SUPERAntiSpyware Scheduled Task c388c850-fec6-47d6-87ec-607c3d4deb39.job
C:\windows\tasks\Adobe Flash Player Updater.job
@C:\ProgramData\TEMP:07BF512B
@C:\ProgramData\TEMP:A1EDB939
@C:\ProgramData\TEMP:587EB586

:commands
[emptyjava]
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[REBOOT]

Stlač tlačidlo Opraviť (RUN fix)
OTL vykoná prikazy zo scriptu reštartuje sa PC vyskoči log ten sem vlož .

nexter

Užívateľ

Užívateľ

Registrovaný: 18.11.09
Prihlásený: 16.04.18
Príspevky: 94
Témy: 18
Bydlisko: Ružomberok

Napísal autor témy Offline

nexter: 27.03.2013 20:44

Tu je log, akurat nie som si isty ci v togu co si poslal tu je JAKUB spravne:

C:\Documents and Settings\Jakub\Local Settings\temp\*.*
C:\Documents and Settings\Jakub\Data aplikací\temp\*.*
C:\Documents and Settings\Jakub\Application Data\temp\*.*

A tu je vypis logu:

All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-2184412465-192472027-3838285202-1002\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A244612-A1F7-11E0-95C0-E71F4824019B}\ not found.
Registry key HKEY_USERS\S-1-5-21-2184412465-192472027-3838285202-1002\Software\Microsoft\Internet Explorer\SearchScopes\{CAA28645-68E2-4C39-A762-904A77D81BD9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAA28645-68E2-4C39-A762-904A77D81BD9}\ not found.
HKU\S-1-5-21-2184412465-192472027-3838285202-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5C107638-26D5-4D6C-A04A-D9F6E9391E01}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C107638-26D5-4D6C-A04A-D9F6E9391E01}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5C107638-26D5-4D6C-A04A-D9F6E9391E01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C107638-26D5-4D6C-A04A-D9F6E9391E01}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKU\S-1-5-21-2184412465-192472027-3838285202-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-2184412465-192472027-3838285202-1002\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
File move failed. C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE7CD045-E861-484f-8273-0445EE161910}\ not found.
C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ deleted successfully.
C:\Program Files (x86)\PC Translator\webie.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QLBController deleted successfully.
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2184412465-192472027-3838285202-1002\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware deleted successfully.
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//about.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Exclude.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//FWEvent.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//LanguageSelection.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Message.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryCmd.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryNag.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyNotification.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//NOCLessUpdate.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//quarantine.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//ScanNow.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//strings.vbs/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Template.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Update.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//VirFound.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\betavscan\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\vs\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\www\ deleted successfully.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
C:\Windows\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
C:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp deleted successfully.
C:\Users\nexter\Desktop\~WRL1018.tmp deleted successfully.
========== FILES ==========
File\Folder C:\Windows\system32\*.tmp.dll not found.
File\Folder C:\Windows\system32\drivers\*.tmp.dll not found.
File\Folder C:\Windows\system32\dllcache\*.tmp.dll not found.
File\Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2461.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2624.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6037.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAF70.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBBC0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCD0F.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD8A2.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDCF6.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE14B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF07C.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP11ED.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2BC4.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP33EB.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B45.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7EC4.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8288.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8B7C.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8B82.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8B9B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA507.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA9AE.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB455.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB681.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC3DD.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC883.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF9.tmp folder moved successfully.
C:\Windows\Installer\MSI1538.tmp moved successfully.
C:\Windows\Installer\MSI2C0E.tmp moved successfully.
C:\Windows\Installer\MSI4F9.tmp moved successfully.
C:\Windows\Installer\MSI5DD1.tmp moved successfully.
C:\Windows\Installer\MSI6B1.tmp moved successfully.
C:\Windows\Installer\MSI959B.tmp moved successfully.
C:\Windows\Installer\MSI95DB.tmp moved successfully.
C:\Windows\Installer\MSIB138.tmp moved successfully.
C:\Windows\Installer\MSIBE56.tmp moved successfully.
C:\Windows\Installer\MSIC26C.tmp moved successfully.
C:\Windows\Installer\MSIE64.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\2ea9831e17856e84683ddfa825ce04cb\BITEE98.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\5ce6e84d9f598e2c5ffe9f02ca9c3ea5\BITF05D.tmp moved successfully.
File/Folder C:\ProgramData\Local Settings\temp\*.* not found.
File\Folder C:\Documents and Settings\Jakub\Local Settings\temp\*.* not found.
File\Folder C:\Documents and Settings\Jakub\Data aplikací\temp\*.* not found.
File\Folder C:\Documents and Settings\Jakub\Application Data\temp\*.* not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\temp\*.* not found.
File\Folder C:\Documents and Settings\All Users\Application Data\temp\*.* not found.
C:\Windows\temp\ACLM_GeneratedProxy.cs moved successfully.
C:\Windows\temp\lpksetup-20130324-132744-0.log moved successfully.
C:\Windows\temp\lpksetup-20130325-071046-0.log moved successfully.
C:\Windows\temp\lpksetup-20130325-190423-0.log moved successfully.
C:\Windows\temp\lpksetup-20130326-204317-0.log moved successfully.
C:\Windows\temp\lpksetup-20130327-090735-0.log moved successfully.
C:\Windows\temp\MpCmdRun.log moved successfully.
C:\Windows\temp\MpSigStub.log moved successfully.
C:\Users\nexter\AppData\Local\Temp\AdobeARM.log moved successfully.
C:\Users\nexter\AppData\Local\Temp\alm.log moved successfully.
C:\Users\nexter\AppData\Local\Temp\amt.log moved successfully.
C:\Users\nexter\AppData\Local\Temp\Extract.exe moved successfully.
File move failed. C:\Users\nexter\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
C:\Users\nexter\AppData\Local\Temp\HPHKS_VolumeHigh.ico moved successfully.
C:\Users\nexter\AppData\Local\Temp\HPHKS_VolumeLow.ico moved successfully.
C:\Users\nexter\AppData\Local\Temp\HPSAActionItems.xml moved successfully.
C:\Users\nexter\AppData\Local\Temp\IMG1278.tmp moved successfully.
C:\Users\nexter\AppData\Local\Temp\is2CC6.tmp moved successfully.
C:\Users\nexter\AppData\Local\Temp\Np-C4E0.tmp moved successfully.
C:\Users\nexter\AppData\Local\Temp\SP59346.exe moved successfully.
C:\Users\nexter\AppData\Local\Temp\swtag.log moved successfully.
C:\Users\nexter\AppData\Local\Temp\tmp_grafx.jpg moved successfully.
C:\Users\nexter\AppData\Local\Temp\Transmittal_SITE-M021_019.xls moved successfully.
C:\Users\nexter\AppData\Local\Temp\trk2BBF.tmp moved successfully.
C:\Users\nexter\AppData\Local\Temp\trk7A6A.tmp moved successfully.
C:\Users\nexter\AppData\Local\Temp\trk996E.tmp moved successfully.
C:\Users\nexter\AppData\Local\Temp\trkEAE8.tmp moved successfully.
C:\Users\nexter\AppData\Local\Temp\VolumeHigh.ico moved successfully.
C:\Users\nexter\AppData\Local\Temp\VolumeLow.ico moved successfully.
C:\Users\nexter\AppData\Local\Temp\WMIBios.inf moved successfully.
C:\Users\nexter\AppData\Local\Temp\wmplog00.sqm moved successfully.
C:\Users\nexter\AppData\Local\Temp\wmplog01.sqm moved successfully.
C:\Users\nexter\AppData\Local\Temp\~DF97170BAE9BCC4580.TMP moved successfully.
C:\Users\nexter\AppData\Local\Temp\~DFCD1817ECCF754BE7.TMP moved successfully.
File move failed. C:\Users\nexter\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
C:\Program Files (x86)\Spybot - Search & Destroy\Help folder moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
C:\Users\nexter\Desktop\SystemLook.exe moved successfully.
C:\windows\tasks\SUPERAntiSpyware Scheduled Task c388c850-fec6-47d6-87ec-607c3d4deb39.job moved successfully.
C:\windows\tasks\Adobe Flash Player Updater.job moved successfully.
ADS C:\ProgramData\TEMP:07BF512B deleted successfully.
ADS C:\ProgramData\TEMP:A1EDB939 deleted successfully.
ADS C:\ProgramData\TEMP:587EB586 deleted successfully.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: nexter
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: nexter
->Temp folder emptied: 5416037 bytes
->Temporary Internet Files folder emptied: 1063413 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 292981691 bytes
->Google Chrome cache emptied: 358182416 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 5183 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 81788189 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 732 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 95949 bytes
RecycleBin emptied: 105252 bytes

Total Files Cleaned = 705.00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: nexter
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 03272013_202540

Files\Folders moved on Reboot...
File\Folder C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll not found!
C:\Users\nexter\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\nexter\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

personal compuper

Užívateľ

Užívateľ

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2

Napísal

personal compuper: 27.03.2013 22:08

nastala nejaká zmena ?

Stránka: 1 z 2

[ Príspevkov: 31 ]

Choď na stránku: 1, 2 ďalšia

Obsah fóra » Software » Antivíry, bezpečnosť a sieť » Antivíry a antispywary » pomoc s http://adf.ly/Kwky2

Témy		Odpovede	Zobrazenia	Posledný príspevok
Podobné témy
	pomoc pomoc prosim nefunguje internet v Ovládače	7	1141	09.09.2017 20:37 Smith Wesson
	Pomoc pri pomoc pri skladaní PC - od 1 500 do 1 800 Eur (rozlíšenie 1440p) v PC zostavy	13	805	28.09.2023 20:23 johny314
	Pomoc v Zvuk	2	839	24.11.2007 17:30 optyx
	POMOC [ Choď na stránku: 1, 2 ] v Ostatné	30	2271	27.09.2009 20:01 workoholik16
	pomoc v PHP, ASP	2	788	02.02.2008 17:17 Punker661
	pomoc v Ostatné	13	953	08.08.2009 22:16 malcolm
	pomoc v HTML, XHTML, XML, CSS	1	375	18.10.2013 18:36 Ďuri
	pomoc v PHP, ASP	6	712	01.08.2008 16:27 Darkeye18
	Pomoc v ATI/AMD grafické karty	3	863	02.01.2008 7:51 Daron
	pomoc ! v Ovládače	1	957	18.08.2007 16:07 johny128
	pomoc v Monitory, televízory a projektory	2	875	19.02.2008 13:40 patqo_he
	Pomoc v Počítačové hry	2	588	13.06.2012 18:02 PepeTheDragon
	pomoc v ATI/AMD grafické karty	10	1061	10.01.2008 8:48 kasom
	Pomoc v Audio programy	4	941	05.02.2008 10:06 raikonen11
	POMOC ??? v Delphi, Visual Basic	2	1259	27.03.2008 14:32 Martinek6
	Pomoc! v Procesory	6	991	02.02.2008 18:27 Jaro

Nemôžete zakladať nové témy v tomto fóre
Nemôžete odpovedať na témy v tomto fóre
Nemôžete upravovať svoje príspevky v tomto fóre
Nemôžete mazať svoje príspevky v tomto fóre

Skočiť na:

Powered by phpBB Jarvis © 2005 - 2024 PCforum, webhosting by WebSupport, secured by GeoTrust, edited by JanoF
Ako väčšina webových stránok aj my používame cookies. Zotrvaním na webovej stránke súhlasíte, že ich môžeme používať.
Všeobecné podmienky, spracovanie osobných údajov a pravidlá fóra

pomoc s http://adf.ly/Kwky2

Podobné témy