Exploit:JS/Blacole.BW


microsoft.com/security/portal/Threat/En.....2147654043
After downloading patches from Windows Update and restarting the computer, MS antivirus found this virus. What I find strange is that the same virus was also found on my sister's computer after she downloaded the patches. She also uses IE9 and MS, but she uses her computer in a completely different way, so I find it strange that she picked up the same one.
OTL logfile created on: 2/15/2012 2:00:18 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\laki\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Serbia and Montenegro (Former) | Language: SRL | Date Format: d.M.yyyy

3.91 Gb Total Physical Memory | 2.15 Gb Available Physical Memory | 55.15% Memory free
7.81 Gb Paging File | 5.87 Gb Available in Paging File | 75.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 273.09 Gb Total Space | 238.34 Gb Free Space | 87.27% Space Free | Partition Type: NTFS

Computer Name: LAKI-PC | User Name: laki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/15 01:59:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\laki\Downloads\OTL.exe
PRC - [2012/02/12 21:05:52 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/11/30 17:10:34 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2011/11/30 17:10:32 | 000,092,800 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2011/11/30 14:28:56 | 001,550,496 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011/10/04 00:17:40 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/13 22:33:14 | 002,317,312 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2011/07/22 00:49:10 | 005,716,608 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/12/21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/12/21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/10/07 23:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2010/01/15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/06/19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/08 14:26:23 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\93df5ea9646ad11a21517e4ab1d803d9\UIAutomationTypes.ni.dll
MOD - [2012/02/08 14:26:23 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\bb1d36ae26e7cadf563061596682e747\UIAutomationProvider.ni.dll
MOD - [2012/02/08 14:24:26 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2012/01/27 09:49:31 | 000,429,040 | ---- | M] () -- C:\Users\laki\AppData\Local\Google\Chrome\Application\17.0.963.46\ppgooglenaclpluginchrome.dll
MOD - [2012/01/27 09:49:29 | 003,772,912 | ---- | M] () -- C:\Users\laki\AppData\Local\Google\Chrome\Application\17.0.963.46\pdf.dll
MOD - [2012/01/27 09:48:06 | 000,122,880 | ---- | M] () -- C:\Users\laki\AppData\Local\Google\Chrome\Application\17.0.963.46\avutil-51.dll
MOD - [2012/01/27 09:48:05 | 000,222,208 | ---- | M] () -- C:\Users\laki\AppData\Local\Google\Chrome\Application\17.0.963.46\avformat-53.dll
MOD - [2012/01/27 09:48:03 | 001,746,944 | ---- | M] () -- C:\Users\laki\AppData\Local\Google\Chrome\Application\17.0.963.46\avcodec-53.dll
MOD - [2012/01/27 06:41:13 | 008,593,056 | ---- | M] () -- C:\Users\laki\AppData\Local\Google\Chrome\Application\17.0.963.46\gcswf32.dll
MOD - [2011/11/30 14:28:56 | 000,211,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/11/01 00:16:22 | 003,190,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/09/13 22:33:14 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
MOD - [2011/03/29 23:33:52 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2010/11/05 02:58:16 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010/11/05 02:58:10 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2010/11/05 02:58:06 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010/11/05 02:53:28 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2010/11/05 02:53:24 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2010/11/05 02:53:24 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2009/11/02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/06/10 22:14:43 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/03/04 01:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/01/31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/11/30 17:10:32 | 000,092,800 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/12/21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/12/21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/11/03 18:09:48 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2011/11/03 18:09:22 | 012,310,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/10/03 23:49:32 | 002,770,944 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/10/03 18:48:40 | 000,394,728 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/10/03 18:48:38 | 000,129,512 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/05/05 13:32:56 | 001,439,792 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/26 04:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/08/24 10:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/07/20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/05/23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/09/07 18:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = asus.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = asus.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\laki\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\laki\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\laki\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/11 18:38:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/02/06 00:12:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laki\AppData\Roaming\Mozilla\Extensions
[2012/02/08 16:23:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laki\AppData\Roaming\Mozilla\Firefox\Profiles\mefktikh.default\extensions
[2012/02/08 16:23:54 | 000,000,000 | ---D | M] (Qualys BrowserCheck) -- C:\Users\laki\AppData\Roaming\Mozilla\Firefox\Profiles\mefktikh.default\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
[2012/02/06 00:46:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\laki\AppData\Roaming\Mozilla\Firefox\Profiles\mefktikh.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/02/06 00:49:47 | 000,000,000 | ---D | M] (Translate This!) -- C:\Users\laki\AppData\Roaming\Mozilla\Firefox\Profiles\mefktikh.default\extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack
[2012/02/06 00:51:10 | 000,002,113 | ---- | M] () -- C:\Users\laki\AppData\Roaming\Mozilla\Firefox\Profiles\mefktikh.default\searchplugins\google-translate-auto---sr.xml
[2012/02/06 00:12:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\LAKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MEFKTIKH.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.XPI
() (No name found) -- C:\USERS\LAKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MEFKTIKH.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI
() (No name found) -- C:\USERS\LAKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MEFKTIKH.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\LAKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MEFKTIKH.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
() (No name found) -- C:\USERS\LAKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MEFKTIKH.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\LAKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MEFKTIKH.DEFAULT\EXTENSIONS\STEFANVANDAMME@STEFANVD.NET.XPI
[2012/02/11 18:38:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/01/29 14:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/01/29 14:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\laki\AppData\Local\Google\Chrome\Application\17.0.963.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\laki\AppData\Local\Google\Chrome\Application\17.0.963.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\laki\AppData\Local\Google\Chrome\Application\17.0.963.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Qualys BrowserCheck Plugin (Enabled) = C:\Users\laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\iekpjhkjhpbabigpoojijebfpficekjp\1.3.41.1_0\npqbc.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\laki\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Turn Off the Lights = C:\Users\laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.0.0.51_0\
CHR - Extension: WOT = C:\Users\laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.11_0\
CHR - Extension: YouTube = C:\Users\laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Users\laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Bookmarks Menu = C:\Users\laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi\3.4.7_0\
CHR - Extension: AdBlock = C:\Users\laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.17_0\
CHR - Extension: Qualys BrowserCheck = C:\Users\laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\iekpjhkjhpbabigpoojijebfpficekjp\1.3.41.1_0\
CHR - Extension: Gmail = C:\Users\laki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKCU..\Run: [Clock Widget (HTC Home)] C:\Program Files (x86)\HTC Home\Clock.exe ()
O4 - Startup: C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} browsercheck.qualys.com/qbc_ax.cab (Qualys BrowserCheck)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} content.systemrequirementslab.com.s3.amazon......5.3.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1B1DD499-92D1-4B00-B3F7-90CB0038C9F0}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/15 01:16:23 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/02/15 01:14:50 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\Deployment
[2012/02/15 01:14:50 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\Apps
[2012/02/15 00:52:28 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/02/15 00:49:48 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/15 00:49:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/15 00:49:47 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/02/15 00:49:46 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/02/15 00:49:46 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/02/15 00:49:46 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/15 00:49:46 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/15 00:49:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/15 00:49:46 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/15 00:49:45 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/02/15 00:49:45 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/02/15 00:48:19 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/02/15 00:47:57 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/02/15 00:47:57 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/02/15 00:47:50 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/15 00:39:36 | 000,000,000 | ---D | C] -- C:\Intel
[2012/02/15 00:38:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2012/02/15 00:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2012/02/13 23:54:56 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\ElevatedDiagnostics
[2012/02/13 20:04:49 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Mirillis
[2012/02/13 20:04:49 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\Mirillis
[2012/02/13 20:04:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Mirillis
[2012/02/12 21:03:51 | 000,000,000 | -HSD | C] -- C:\aws
[2012/02/12 21:03:51 | 000,000,000 | ---D | C] -- C:\Users\laki\Documents\ASUS WebStorage
[2012/02/12 18:30:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/02/12 18:30:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/02/10 22:18:53 | 000,000,000 | ---D | C] -- C:\Users\laki\Documents\The KMPlayer
[2012/02/10 22:12:02 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2012/02/10 22:11:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer
[2012/02/10 00:59:31 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HTC Home
[2012/02/10 00:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC Home
[2012/02/10 00:59:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTC Home
[2012/02/09 23:25:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012/02/09 23:19:12 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\uTorrent
[2012/02/09 14:35:30 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\Google
[2012/02/08 13:59:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012/02/08 13:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/02/08 13:28:19 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\Adobe
[2012/02/08 13:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012/02/08 13:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/02/08 13:28:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2012/02/08 13:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/02/08 13:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/02/08 13:27:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/02/08 13:18:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/02/07 20:10:53 | 000,000,000 | ---D | C] -- C:\Users\laki\Documents\Rainmeter
[2012/02/07 20:10:53 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Rainmeter
[2012/02/07 20:10:50 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rainmeter
[2012/02/07 20:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2012/02/07 04:50:32 | 000,000,000 | ---D | C] -- C:\Rainmeter
[2012/02/07 04:40:05 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\CyberLink
[2012/02/07 04:35:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ASUS_Screensaver dir
[2012/02/06 22:34:32 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012/02/06 22:34:31 | 002,615,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012/02/06 22:34:31 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012/02/06 22:34:31 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012/02/06 22:34:31 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012/02/06 22:34:31 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012/02/06 22:34:31 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012/02/06 22:34:30 | 003,744,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012/02/06 22:34:30 | 002,684,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012/02/06 22:34:30 | 001,969,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012/02/06 22:34:30 | 000,100,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012/02/06 22:08:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012/02/06 21:18:56 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Skype
[2012/02/06 21:18:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/02/06 21:18:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/02/06 21:18:47 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/02/06 21:18:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/02/06 00:12:48 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Mozilla
[2012/02/06 00:12:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/02/03 02:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/02/03 02:27:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/02/03 02:27:23 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/02/03 02:27:23 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/02/03 02:27:23 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/02/03 02:27:23 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/02/03 02:27:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/02/02 22:28:16 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/02/02 22:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/02/02 21:57:25 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\Diagnostics
[2012/02/01 23:59:09 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\ASUS WebStorage
[2012/02/01 23:58:04 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\Power2Go
[2012/02/01 23:57:45 | 000,000,000 | R--D | C] -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/02/01 23:57:45 | 000,000,000 | R--D | C] -- C:\Users\laki\Searches
[2012/02/01 23:57:45 | 000,000,000 | R--D | C] -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/02/01 23:57:44 | 000,000,000 | -H-D | C] -- C:\Users\laki\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/02/01 23:57:37 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Identities
[2012/02/01 23:57:34 | 000,000,000 | R--D | C] -- C:\Users\laki\Contacts
[2012/02/01 23:57:32 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\VirtualStore
[2012/02/01 23:57:23 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Google
[2012/02/01 23:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2012/02/01 23:57:11 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT
[2012/02/01 23:56:44 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\ASUS
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\AppData\Local\Temporary Internet Files
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\Templates
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\Start Menu
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\SendTo
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\Recent
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\PrintHood
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\NetHood
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\Documents\My Videos
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\Documents\My Pictures
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\Documents\My Music
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\My Documents
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\Local Settings
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\AppData\Local\History
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\Cookies
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\Application Data
[2012/02/01 23:56:42 | 000,000,000 | -HSD | C] -- C:\Users\laki\AppData\Local\Application Data
[2012/02/01 23:56:41 | 000,000,000 | --SD | C] -- C:\Users\laki\AppData\Roaming\Microsoft
[2012/02/01 23:56:41 | 000,000,000 | R--D | C] -- C:\Users\laki\Videos
[2012/02/01 23:56:41 | 000,000,000 | R--D | C] -- C:\Users\laki\Saved Games
[2012/02/01 23:56:41 | 000,000,000 | R--D | C] -- C:\Users\laki\Pictures
[2012/02/01 23:56:41 | 000,000,000 | R--D | C] -- C:\Users\laki\Music
[2012/02/01 23:56:41 | 000,000,000 | R--D | C] -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/02/01 23:56:41 | 000,000,000 | R--D | C] -- C:\Users\laki\Links
[2012/02/01 23:56:41 | 000,000,000 | R--D | C] -- C:\Users\laki\Favorites
[2012/02/01 23:56:41 | 000,000,000 | R--D | C] -- C:\Users\laki\Downloads
[2012/02/01 23:56:41 | 000,000,000 | R--D | C] -- C:\Users\laki\Documents
[2012/02/01 23:56:41 | 000,000,000 | R--D | C] -- C:\Users\laki\Desktop
[2012/02/01 23:56:41 | 000,000,000 | R--D | C] -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/02/01 23:56:41 | 000,000,000 | -H-D | C] -- C:\Users\laki\AppData
[2012/02/01 23:56:41 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\Temp
[2012/02/01 23:56:41 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\Microsoft
[2012/02/01 23:56:41 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Media Center Programs
[2012/02/01 23:56:41 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2012/02/01 20:14:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[2012/02/01 19:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2012/02/01 17:42:38 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Apple Computer
[2012/02/01 17:42:38 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\Apple Computer
[2012/02/01 17:42:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/01 17:42:08 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012/02/01 17:42:08 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/02/01 17:42:08 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/02/01 17:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/02/01 17:41:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/02/01 17:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/02/01 17:41:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/02/01 17:41:50 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/02/01 17:41:18 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\Apple
[2012/02/01 17:41:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/02/01 17:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/02/01 17:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/02/01 17:41:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/02/01 17:40:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/02/01 17:40:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/02/01 11:23:27 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/02/01 11:23:27 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/02/01 11:23:27 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/02/01 11:23:26 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/02/01 11:23:26 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/02/01 11:23:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/02/01 11:23:26 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/02/01 11:23:22 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/02/01 11:23:21 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/02/01 09:22:29 | 000,000,000 | ---D | C] -- C:\eSupport
[2012/02/01 08:40:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2012/02/01 08:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012/02/01 08:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/02/01 08:38:24 | 000,379,520 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\FBAgent.exe
[2012/02/01 08:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2012/02/01 08:38:04 | 003,058,304 | ---- | C] (ASUS) -- C:\Windows\AsScrPro.exe
[2012/02/01 08:38:02 | 000,155,648 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\ACEngSvr.exe
[2012/02/01 08:36:56 | 002,770,944 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/02/01 08:36:56 | 002,770,944 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2012/02/01 08:36:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
[2012/02/01 08:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012/02/01 08:36:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virage Logic, Corp
[2012/02/01 08:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\SonicFocus
[2012/02/01 08:36:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012/02/01 08:36:04 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/02/01 08:35:53 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012/02/01 08:35:53 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012/02/01 08:35:53 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012/02/01 08:35:53 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012/02/01 08:35:53 | 000,180,048 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFProc64.dll
[2012/02/01 08:35:53 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012/02/01 08:35:53 | 000,086,352 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFComm64.dll
[2012/02/01 08:35:53 | 000,083,792 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFSAPO64.dll
[2012/02/01 08:35:53 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFHAPO64.dll
[2012/02/01 08:35:53 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFDAPO64.dll
[2012/02/01 08:35:53 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012/02/01 08:35:52 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012/02/01 08:35:52 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012/02/01 08:35:52 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012/02/01 08:35:52 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012/02/01 08:35:52 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012/02/01 08:35:52 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012/02/01 08:35:52 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012/02/01 08:35:52 | 000,097,896 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2012/02/01 08:35:52 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012/02/01 08:35:51 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012/02/01 08:35:51 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/02/01 08:35:51 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012/02/01 08:35:51 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012/02/01 08:35:51 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012/02/01 08:35:50 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012/02/01 08:35:50 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012/02/01 08:35:50 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012/02/01 08:35:50 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012/02/01 08:35:50 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012/02/01 08:35:50 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012/02/01 08:35:50 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012/02/01 08:35:50 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012/02/01 08:35:50 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012/02/01 08:35:50 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012/02/01 08:35:50 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012/02/01 08:35:50 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012/02/01 08:35:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/02/01 08:35:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/02/01 08:35:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/02/01 08:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2012/02/01 08:34:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2012/02/01 08:33:14 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012/02/01 08:32:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/02/01 08:32:32 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012/02/01 08:32:31 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/02/01 08:32:24 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/02/01 08:32:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/02/01 08:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012/02/01 08:31:05 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/02/01 08:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/02/01 08:29:23 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll
[2012/02/01 08:29:23 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll
[2012/02/01 08:28:50 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/02/01 08:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2012/02/01 08:23:18 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/02/01 03:10:56 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\qualys
[2012/02/01 02:42:30 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/02/01 02:42:30 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/02/01 02:42:02 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/02/01 02:42:01 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/02/01 02:42:00 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/02/01 02:41:59 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/02/01 02:41:59 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/02/01 02:41:59 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/02/01 02:41:58 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/02/01 02:41:58 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/02/01 02:41:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/02/01 02:41:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/02/01 02:41:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/02/01 02:41:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/02/01 02:41:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/02/01 02:41:57 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/02/01 02:41:57 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/02/01 02:41:57 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/02/01 02:41:57 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/02/01 02:41:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/02/01 02:41:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/02/01 02:41:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/02/01 02:41:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/02/01 02:41:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/02/01 02:41:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/02/01 02:41:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/02/01 02:41:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/02/01 02:41:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/02/01 02:41:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/02/01 02:41:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/02/01 02:41:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/02/01 02:41:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/02/01 02:41:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/02/01 02:41:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/02/01 02:41:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/02/01 02:41:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/02/01 02:41:53 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/02/01 02:41:52 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/02/01 02:41:52 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/02/01 02:41:52 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/02/01 02:41:52 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/02/01 02:41:51 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/02/01 02:41:51 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/02/01 02:41:51 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/02/01 02:41:51 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/02/01 02:41:50 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/02/01 02:41:50 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/02/01 02:41:50 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/02/01 02:41:50 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/02/01 02:41:49 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/02/01 02:41:49 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/02/01 02:41:48 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/02/01 02:41:48 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/02/01 02:41:46 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/02/01 02:41:45 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/02/01 02:41:45 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/02/01 02:41:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/02/01 02:41:45 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/02/01 02:41:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/02/01 02:41:43 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/02/01 02:41:43 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/02/01 02:41:43 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/02/01 02:41:42 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/02/01 02:41:39 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/02/01 02:41:39 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/02/01 02:41:39 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/02/01 02:41:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/02/01 02:41:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/02/01 02:41:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/02/01 02:41:38 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/02/01 02:41:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/02/01 02:41:38 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/02/01 02:41:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/02/01 02:41:38 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/02/01 02:41:35 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/02/01 02:41:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/02/01 02:41:33 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/02/01 02:41:30 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/02/01 02:41:30 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/02/01 02:41:29 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/02/01 02:41:29 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/02/01 02:40:57 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/02/01 02:40:56 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/02/01 02:40:56 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/02/01 02:40:38 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/02/01 02:38:30 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/02/01 02:38:30 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/02/01 02:38:29 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/02/01 02:38:29 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/02/01 02:38:29 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/02/01 02:38:29 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/02/01 01:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/02/01 01:34:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/02/01 01:21:57 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/02/01 01:16:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/02/01 01:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/02/01 01:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/02/01 00:43:16 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\Mozilla
[2012/02/01 00:37:48 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\FLEXnet
[2012/02/01 00:27:16 | 000,000,000 | ---D | C] -- C:\Users\laki\Documents\ASUS
[2012/02/01 00:27:08 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2012/02/01 00:23:16 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Nuance
[2012/02/01 00:23:15 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Zeon
[2012/02/01 00:16:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/02/01 00:09:58 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Local\SoftGrid Client
[2012/02/01 00:09:57 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\SoftGrid Client
[2012/02/01 00:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/02/01 00:09:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/02/01 00:09:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2012/02/01 00:09:02 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\TP
[2012/02/01 00:07:59 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/02/01 00:07:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2012/02/01 00:06:13 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Macromedia
[2012/02/01 00:06:13 | 000,000,000 | ---D | C] -- C:\Users\laki\AppData\Roaming\Adobe
[2012/01/31 20:56:28 | 000,000,000 | ---D | C] -- C:\Users\laki\Documents\e-book

========== Files - Modified Within 30 Days ==========

[2012/02/15 02:02:00 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/15 01:20:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4014433784-2057604997-1407747067-1000UA.job
[2012/02/15 01:20:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4014433784-2057604997-1407747067-1000Core.job
[2012/02/15 01:06:45 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/15 01:06:45 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/15 00:59:49 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/15 00:59:38 | 000,269,400 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/15 00:59:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/15 00:59:08 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/15 00:56:28 | 000,751,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/15 00:56:28 | 000,629,964 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/15 00:56:28 | 000,111,326 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/15 00:55:40 | 000,753,982 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/15 00:43:39 | 000,015,428 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012/02/12 21:05:52 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
[2012/02/12 20:57:20 | 000,001,337 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/02/10 01:23:44 | 000,002,104 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/02/09 23:25:34 | 000,000,971 | ---- | M] () -- C:\Users\laki\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/02/08 16:30:21 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/02/08 13:59:00 | 000,001,864 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012/02/07 20:10:50 | 000,001,730 | ---- | M] () -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2012/02/03 21:48:34 | 000,000,017 | ---- | M] () -- C:\Users\laki\AppData\Local\resmon.resmoncfg
[2012/02/03 02:27:16 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/02/03 02:27:16 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/02/03 02:27:16 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/02/03 02:27:16 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/02/01 23:57:06 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/02/01 23:56:07 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2012/02/01 19:53:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/02/01 08:54:20 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/02/01 08:54:20 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/02/01 08:40:37 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_K54C_V20_WIN7.MRK
[2012/02/01 08:33:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/02/01 01:34:30 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/02/01 00:05:22 | 000,001,443 | ---- | M] () -- C:\Users\laki\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

========== Files Created - No Company Name ==========

[2012/02/15 01:15:11 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4014433784-2057604997-1407747067-1000UA.job
[2012/02/15 01:15:10 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4014433784-2057604997-1407747067-1000Core.job
[2012/02/15 00:44:19 | 000,001,083 | ---- | C] () -- C:\setup.iss
[2012/02/10 14:15:39 | 000,269,400 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/09 23:25:34 | 000,000,971 | ---- | C] () -- C:\Users\laki\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/02/08 13:28:15 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012/02/08 13:28:01 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/02/07 20:10:50 | 000,001,730 | ---- | C] () -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2012/02/07 18:48:21 | 006,615,036 | -H-- | C] () -- C:\Users\laki\Documents\laki.rar
[2012/02/06 22:34:30 | 000,200,468 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012/02/06 00:12:46 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/03 21:48:34 | 000,000,017 | ---- | C] () -- C:\Users\laki\AppData\Local\resmon.resmoncfg
[2012/02/01 23:57:51 | 000,001,415 | ---- | C] () -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/02/01 23:57:46 | 000,001,449 | ---- | C] () -- C:\Users\laki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/02/01 23:56:42 | 000,000,290 | ---- | C] () -- C:\Users\laki\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/02/01 23:56:42 | 000,000,272 | ---- | C] () -- C:\Users\laki\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/02/01 19:53:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/02/01 17:41:18 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/02/01 08:40:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_K54C_V20_WIN7.MRK
[2012/02/01 08:40:03 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/02/01 08:38:24 | 000,002,104 | ---- | C] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/02/01 08:38:24 | 000,001,337 | ---- | C] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/02/01 08:38:24 | 000,000,105 | ---- | C] () -- C:\Windows\SysNative\FastBoot.ini
[2012/02/01 08:38:24 | 000,000,080 | ---- | C] () -- C:\Windows\SysNative\Defrag.ini
[2012/02/01 08:38:24 | 000,000,052 | ---- | C] () -- C:\Windows\SysNative\RemoveFont.ini
[2012/02/01 08:38:24 | 000,000,015 | ---- | C] () -- C:\Windows\SysNative\BootTime.ini
[2012/02/01 08:37:30 | 000,003,116 | ---- | C] () -- C:\Windows\SysNative\wimfltr.inf
[2012/02/01 08:36:56 | 000,463,634 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2012/02/01 08:36:56 | 000,070,753 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2012/02/01 08:35:32 | 000,015,428 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2012/02/01 08:33:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/02/01 08:32:46 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/02/01 08:23:18 | 3145,826,304 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/01 01:34:30 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/02/01 01:34:25 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/02/01 00:09:21 | 000,753,982 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/01 00:05:22 | 000,001,443 | ---- | C] () -- C:\Users\laki\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/03 18:09:24 | 000,217,536 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/11/03 18:09:22 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/11/03 18:09:16 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/10/18 04:50:57 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/10/18 04:50:05 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/10/18 04:49:50 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2009/07/29 06:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/02/26 07:50:32 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config

< End of report >

offline
  • Joined: 20 Jul 2011
  • Posts: 44

By posting this much, have I perhaps left some personal data or some things that could maybe be misused, or I don't know what? :)

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Hello blablaa!

blablaa :: By posting this much, have I perhaps left some personal data or some things that could maybe be misused, or I don't know what? :)

You have not left any personal data.
From the report we can see the name of your computer/account, the basic configuration of the computer (e.g. how much RAM you have), information about the operating system (such as version, service pack, etc.), and information about the applications installed on the system and their folders/files. In any case, your privacy has not been violated, nor will it be violated during this case. This is the only possible way for us to get the concrete information we need in order to help you, i.e. to check whether there is active malware on the system and remove it. During the case we may need some more information that is not in the attached report, and you will then provide it afterwards.

Any other way of handling the case, without reports from diagnostic tools, would take a very long time and would be completely impractical. For example, how are we supposed to explain to you how to remove a particular piece of malware when you don't even know where it is? If you don't know, how would we know? This way, the report is there ... in black and white. The chances of error are minimal.

Besides, there are authorized repair shops for computer problems if this kind of help doesn't suit you, so you can always turn to them for help - we do this as volunteers (read: for free) and get nothing out of it except satisfaction (and lost time). Do you think that, if your computer is at an authorized repair shop, your privacy is not violated? Hm ...

Until you get a concrete answer in this thread from me or my colleagues (we need to analyze the report), get acquainted with the rules of the Ambulanta and how it works. You need to read the following threads:

http://www.mycity.rs/Ambulanta/Pravila-ovog-dela-foruma.html
http://www.mycity.rs/Zastita/Saznajte-vise-o-Ambulanti.html

Regards,
goran9888 (AMF Team)

offline
  • Joined: 20 Jul 2011
  • Posts: 44

OK, thanks for the reply.

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3897
  • Location: Novi Sad, Klisa

Your computer is clean as far as malware is concerned.

That detection, which your antivirus reported, was actually a False Positive (false alarm) that was resolved by the next Microsoft Security Essentials update.

