MyCity » Ambulanta -> Arhiva Ambulante » Viruscina

Viruscina

Napisano na dan: 6.10.2012
1

Viruscina
Sledeća strana Pagination

Idi na vrh

Poslao: 06 Okt 2012 15:33
Idi na vrh
offline
  • Pridružio: 06 Okt 2012
  • Poruke: 8

Ljudi ubi me ovo

Poslao: 06 Okt 2012 15:46
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Pozdrav.

Potrebno je da ispratiš uputstvo i postaviš tražene izvještaje.

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Poslao: 06 Okt 2012 16:22
Idi na vrh
offline
  • Pridružio: 06 Okt 2012
  • Poruke: 8

evo sta je naso OTL
mycity.rs/must-login.png

OTL logfile created on: 10/6/2012 4:01:43 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gaca\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.89 Gb Total Physical Memory | 4.37 Gb Available Physical Memory | 55.37% Memory free
15.77 Gb Paging File | 11.31 Gb Available in Paging File | 71.71% Paging File free
Paging file location(s): c:\pagefile.sys 0 0e:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.47 Gb Total Space | 108.64 Gb Free Space | 45.56% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 87.46 Gb Free Space | 9.39% Space Free | Partition Type: NTFS

Computer Name: GACA-PC | User Name: gaca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/06 16:01:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gaca\Downloads\OTL (1).exe
PRC - [2012/08/28 19:21:20 | 001,136,480 | ---- | M] () -- C:\Program Files (x86)\mts mobilni internet\UpdateDog\LiveUpd.exe
PRC - [2012/08/28 19:21:20 | 000,239,968 | ---- | M] () -- C:\OnlineUpdate\ouc.exe
PRC - [2012/08/02 19:37:48 | 001,763,328 | ---- | M] (Software Security System) -- C:\Program Files\Lucidlogix Technologies\VIRTU MVP\Ekag20nt.exe
PRC - [2012/07/01 00:46:52 | 000,918,448 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
PRC - [2012/07/01 00:39:53 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/05/03 17:52:18 | 000,024,712 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
PRC - [2012/05/03 17:52:10 | 000,070,280 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
PRC - [2012/05/03 17:52:08 | 000,750,728 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
PRC - [2012/05/03 17:52:08 | 000,071,816 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/27 10:14:27 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/22 13:59:18 | 001,493,120 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.25\AsusFanControlService.exe
PRC - [2012/02/17 14:26:00 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/02/08 19:34:12 | 000,070,136 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2012/02/07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/02/07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/02/07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/02 14:13:32 | 004,878,680 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASC.exe
PRC - [2012/02/01 13:15:00 | 000,500,568 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2012/01/18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2012/01/17 11:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/01/06 08:54:30 | 002,056,192 | ---- | M] (Samsung Electronics.) -- C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe
PRC - [2011/12/29 16:43:30 | 000,620,376 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2011/11/18 17:14:48 | 000,788,992 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
PRC - [2011/11/11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/10/31 09:57:48 | 000,465,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2011/09/16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
PRC - [2011/05/20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/03/14 17:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011/02/15 13:20:22 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2011/02/07 06:14:24 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
PRC - [2010/04/01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/13 09:55:42 | 000,057,344 | ---- | M] (MagicCute) -- C:\Windows\SysWOW64\Module_VDiskSvc.exe
PRC - [2009/12/09 16:01:20 | 000,606,208 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008/10/01 17:28:56 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008/04/15 19:55:02 | 001,449,984 | ---- | M] () -- C:\Program Files (x86)\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe
PRC - [2008/01/31 18:12:04 | 000,634,880 | ---- | M] () -- C:\Program Files (x86)\Samsung Network Printer Utilities\SyncThru Web Admin Local Device Discovery\LocalDevDiscoveryPlugin.exe
PRC - [2008/01/31 18:06:40 | 001,060,864 | ---- | M] () -- C:\Program Files (x86)\Samsung Network Printer Utilities\SyncThru Web Admin Service Driver Management\SWASDriverManagementPlugin.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/25 11:42:58 | 000,460,312 | ---- | M] () -- C:\Users\gaca\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
MOD - [2012/09/25 11:42:57 | 012,278,808 | ---- | M] () -- C:\Users\gaca\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
MOD - [2012/09/25 11:42:55 | 004,005,912 | ---- | M] () -- C:\Users\gaca\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
MOD - [2012/09/25 11:41:39 | 000,578,072 | ---- | M] () -- C:\Users\gaca\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll
MOD - [2012/09/25 11:41:38 | 000,123,416 | ---- | M] () -- C:\Users\gaca\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll
MOD - [2012/09/25 11:41:27 | 000,156,712 | ---- | M] () -- C:\Users\gaca\AppData\Local\Google\Chrome\Application\22.0.1229.79\avutil-51.dll
MOD - [2012/09/25 11:41:26 | 000,275,496 | ---- | M] () -- C:\Users\gaca\AppData\Local\Google\Chrome\Application\22.0.1229.79\avformat-54.dll
MOD - [2012/09/25 11:41:24 | 002,168,360 | ---- | M] () -- C:\Users\gaca\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
MOD - [2012/05/03 17:51:06 | 000,051,848 | ---- | M] () -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
MOD - [2011/11/18 17:14:48 | 000,788,992 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
MOD - [2011/11/11 14:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/08/25 14:02:18 | 001,425,920 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
MOD - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\madexcept_.bpl
MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\madbasic_.bpl
MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\maddisAsm_.bpl
MOD - [2011/03/31 15:36:56 | 000,128,000 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
MOD - [2011/03/31 15:36:56 | 000,111,616 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.dll
MOD - [2011/03/31 15:36:56 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_SAP_WIN7.dll
MOD - [2011/03/31 15:36:46 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
MOD - [2011/02/15 13:20:22 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2011/02/15 13:20:08 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2011/02/15 13:20:02 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2011/02/15 13:19:44 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2011/02/15 13:19:30 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2011/02/15 13:19:20 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2011/02/07 06:14:24 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
MOD - [2011/02/07 06:14:22 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTMUI.dll
MOD - [2011/02/07 06:14:18 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
MOD - [2011/02/07 06:14:16 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTUI.dll
MOD - [2011/02/07 06:14:14 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTFC.dll
MOD - [2010/07/27 06:37:16 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
MOD - [2010/07/27 06:37:16 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTTSH.dll
MOD - [2010/05/07 19:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010/05/07 19:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010/05/07 19:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010/05/07 19:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010/05/07 19:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/12/09 16:01:20 | 000,606,208 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/26 20:34:33 | 001,576,848 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV)
SRV:64bit: - [2012/09/11 11:17:38 | 000,065,344 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe -- (BdDesktopParental)
SRV:64bit: - [2012/07/03 12:19:59 | 000,068,416 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2012/06/25 18:45:56 | 000,095,184 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe -- (SafeBox)
SRV:64bit: - [2012/06/11 19:19:14 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/04/06 01:48:54 | 000,158,208 | ---- | M] (Samsung Electronics) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc2.exe -- (Samsung UPD Service2)
SRV:64bit: - [2012/02/08 19:34:06 | 000,343,032 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe -- (NitroDriverReadSpool2)
SRV:64bit: - [2012/02/02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2011/08/15 17:38:50 | 000,178,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/28 19:21:20 | 000,239,968 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\mts mobilni internet\UpdateDog\ouc.exe -- (mts mobilni internet. RunOuc)
SRV - [2012/07/01 00:46:52 | 000,918,448 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe -- (asComSvc)
SRV - [2012/07/01 00:39:53 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/05/03 17:52:18 | 000,024,712 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe -- (Guard Agent)
SRV - [2012/05/03 17:52:10 | 000,070,280 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/04/01 20:46:56 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/19 16:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/02/22 13:59:18 | 001,493,120 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.25\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/02/17 14:26:00 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012/02/08 19:34:12 | 000,070,136 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/02/07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/02/01 13:15:00 | 000,500,568 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/01/18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2011/05/20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/14 17:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010/12/28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010/12/14 17:17:12 | 000,128,928 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/13 09:55:42 | 000,057,344 | ---- | M] (MagicCute) [Auto | Running] -- C:\Windows\SysWOW64\Module_VDiskSvc.exe -- (MCsVirtualDisk)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/04/15 19:55:02 | 001,449,984 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe -- (SWAS_Core)
SRV - [2008/01/31 18:12:04 | 000,634,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung Network Printer Utilities\SyncThru Web Admin Local Device Discovery\LocalDevDiscoveryPlugin.exe -- (SWAS_Srv_LDD)
SRV - [2008/01/31 18:06:40 | 001,060,864 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung Network Printer Utilities\SyncThru Web Admin Service Driver Management\SWASDriverManagementPlugin.exe -- (SWAS_Srv_DriverManagement)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/29 18:24:10 | 000,145,696 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2012/08/28 19:21:20 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2012/08/28 19:21:20 | 000,221,312 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2012/08/28 19:21:20 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2012/08/28 19:21:20 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2012/08/23 17:07:34 | 000,082,384 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2012/08/02 19:48:58 | 000,075,592 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2012/07/06 15:21:55 | 000,093,160 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2012/07/02 15:21:40 | 000,350,160 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2012/06/13 14:01:30 | 000,577,248 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2012/06/13 14:01:28 | 000,700,384 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2012/06/11 20:59:38 | 010,248,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/06/11 18:26:14 | 000,367,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/05/03 17:52:02 | 000,189,576 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EuFdDisk.sys -- (EUFDDISK)
DRV:64bit: - [2012/05/03 17:52:00 | 000,048,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EUBKMON.sys -- (EUBKMON)
DRV:64bit: - [2012/05/03 17:51:54 | 000,019,592 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\eudskacs.sys -- (EUDSKACS)
DRV:64bit: - [2012/05/03 17:51:52 | 000,058,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\eubakup.sys -- (EUBAKUP)
DRV:64bit: - [2012/04/17 14:34:26 | 000,076,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/27 10:13:18 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/03/27 10:13:18 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/03/27 10:13:17 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/03/19 16:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/23 14:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/01/18 15:56:08 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2012/01/18 15:56:06 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012/01/18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUVC64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 08:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012/01/06 10:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011/12/05 21:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/25 15:00:36 | 000,258,736 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2011/11/14 20:16:37 | 000,103,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2011/11/10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/11/03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/10/07 12:34:20 | 000,141,896 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASUSumsc.sys -- (ASUSumsc)
DRV:64bit: - [2011/10/07 12:34:20 | 000,024,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASUSstpt.sys -- (ASUSstpt)
DRV:64bit: - [2011/08/15 14:32:10 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/07/20 03:37:56 | 000,342,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2011/05/25 08:09:17 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/05/18 09:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/04/20 03:07:48 | 001,930,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2011/03/14 11:29:46 | 000,313,136 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/03/14 11:29:46 | 000,024,880 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons)
DRV:64bit: - [2011/02/08 01:06:42 | 000,056,968 | ---- | M] (NetFilterSDK.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\networx.sys -- (networx)
DRV:64bit: - [2011/02/01 21:23:36 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:64bit: - [2010/12/29 04:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/12/25 23:18:05 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/11/25 06:59:16 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2010/11/08 14:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010/11/06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/09/07 04:37:26 | 000,121,432 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010/08/18 02:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2010/07/27 10:45:46 | 000,180,224 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/07/27 10:45:46 | 000,078,848 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/05/15 00:00:28 | 000,271,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
DRV:64bit: - [2010/05/07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/02/12 07:10:12 | 000,066,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/04/22 09:53:36 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV:64bit: - [2007/08/13 20:48:52 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2007/01/05 15:53:32 | 000,018,560 | ---- | M] (Thomson Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetRcaCmNTamd64.sys -- (USB_NDIS)
DRV - [2012/02/20 17:45:58 | 000,021,568 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\PerformanceTest\DirectIo.sys -- (DIRECTIO)
DRV - [2010/05/27 02:43:00 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2010/03/13 09:54:24 | 000,036,352 | ---- | M] (MagicCute) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\mcsvdisk.sys -- (MCsVDisk)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = maxiwe.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = search.phpnuke.org/?lang=en&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{D727F612-F968-446D-837E-255A6F3CCD78}: "URL" = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1708250
IE - HKLM\..\SearchScopes\{DBEE7798-4CF1-4EF4-A27A-0E14EA6160A8}: "URL" = search.phpnuke.org/?lang=en&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = maxiwe.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 8C 42 A6 83 A3 CB 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_en
IE - HKCU\..\SearchScopes\{D727F612-F968-446D-837E-255A6F3CCD78}: "URL" = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1708250
IE - HKCU\..\SearchScopes\{DBEE7798-4CF1-4EF4-A27A-0E14EA6160A8}: "URL" = search.phpnuke.org/?lang=en&q={searchTerms}
IE - HKCU\..\SearchScopes\{E91BBCA3-61BF-4421-AF5B-DFF7ED1A37B8}: "URL" = search.yahoo.com/search?fr=chr-greentree_ie.....811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gaca\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gaca\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2012/10/03 06:22:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.12\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/08/26 22:39:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2012/10/03 06:22:33 | 000,000,000 | ---D | M]

[2011/05/17 20:13:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gaca\AppData\Roaming\Mozilla\Extensions
[2011/05/17 20:13:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gaca\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/08/12 17:06:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gaca\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2012/08/12 17:06:47 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\gaca\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com

========== Chrome ==========

CHR - homepage: benchmark.rs/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: benchmark.rs/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\gaca\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\gaca\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\gaca\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\gaca\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: (Enabled) = C:\Users\gaca\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Fast save = C:\Users\gaca\AppData\Local\Google\Chrome\User Data\Default\Extensions\acodbpdcfefbclikhgofkmnckeibnhfc\1.1_0\
CHR - Extension: YouTube = C:\Users\gaca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\gaca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: BitAccelerator = C:\Users\gaca\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl\1.1_0\
CHR - Extension: Adobe Flash Version 12 = C:\Users\gaca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmdkfiknoepgjgkkoekijiaafnmdmdjf\3.2.2_1\
CHR - Extension: Gmail = C:\Users\gaca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/10/03 09:17:31 | 000,000,355 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NetWorx] "e:\Program Files\NetWorx\networx.exe" /auto File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VIRTU MVP] C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [EaseUs Tray] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [EaseUs Watch] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start File not found
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB 3.0 Boost Service] E:\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe File not found
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [MSIDLL] C:\Windows\SysWOW64\rundll32.exe msinkz32.dll,TEgVkX File not found
O4 - Startup: C:\Users\gaca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Jigsaw%20Puzzle%20Platinum/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Jigsaw%20Puzzle%20Platinum/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EF0084F-7587-4E5A-9126-86B4084F3378}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F681205-DA7C-4B23-9A9E-5EBA31668AE8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{753819D7-AE7A-4909-ADC8-DC9CEFA095FE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BD95B79-90AD-460D-9B17-5D8A6D90AD6C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F836782-8774-4889-A3C3-9B6E0A0B9E57}: NameServer = 195.178.38.3 195.178.38.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{910781FB-881D-4723-983E-C17427185607}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C0FEC6D-9E2A-44B9-BC7E-6865C8B3EB2A}: NameServer = 195.178.38.3 195.178.38.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E34AFF1-A8F2-416C-BB22-22356BBA8861}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\appinit_dll.dll) - C:\Windows\SysNative\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\appinit_dll.dll) - C:\Windows\SysWOW64\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper:
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/04 20:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/04 20:28:11 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/10/04 20:28:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/10/04 19:42:14 | 000,000,000 | ---D | C] -- C:\Users\gaca\AppData\Roaming\Malwarebytes
[2012/10/04 19:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/10/03 21:50:56 | 000,000,000 | ---D | C] -- C:\Users\gaca\AppData\Roaming\SpeedyPC Software
[2012/10/03 21:50:56 | 000,000,000 | ---D | C] -- C:\Users\gaca\AppData\Roaming\DriverCure
[2012/10/03 21:50:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2012/10/03 21:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegistryNuke 2012
[2012/10/03 21:30:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegistryNuke 2012
[2012/10/03 20:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced PC Tweaker
[2012/10/03 20:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced PC Tweaker
[2012/10/03 10:26:44 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/10/03 10:26:44 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/10/03 10:26:43 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/10/03 10:15:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegUtility
[2012/10/03 10:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegUtility
[2012/10/03 09:13:05 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/10/03 08:12:04 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/10/03 08:11:56 | 000,000,000 | ---D | C] -- C:\Users\gaca\AppData\Roaming\IObit
[2012/10/03 08:11:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5
[2012/10/03 08:11:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012/10/03 07:31:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/10/03 07:31:38 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/10/03 07:31:38 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/10/03 07:31:17 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/10/03 07:30:58 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/10/03 07:30:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/10/03 07:29:16 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/10/03 07:29:16 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/10/03 07:29:16 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/10/03 07:28:05 | 005,473,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/10/03 07:28:05 | 003,970,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/10/03 07:28:05 | 003,915,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/10/03 07:27:55 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/10/03 07:27:54 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/10/03 07:27:54 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/10/03 07:27:54 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/10/03 07:27:54 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/10/03 07:27:54 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/10/03 07:27:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/10/03 07:27:54 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/10/03 07:27:54 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/10/03 07:27:54 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/10/03 07:27:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/10/03 07:27:54 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/10/03 07:27:54 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/10/03 07:27:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/10/03 07:27:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/10/03 07:27:44 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/10/03 07:27:44 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/10/03 07:27:44 | 000,609,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/10/03 07:27:34 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/10/03 07:27:34 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/10/03 07:27:34 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/10/03 07:27:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/10/03 07:27:34 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/10/03 07:23:05 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/10/03 07:23:05 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/10/03 07:23:05 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/10/03 07:23:05 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/10/03 07:23:05 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/10/03 07:20:43 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/10/03 07:20:40 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/10/03 07:20:35 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/10/03 07:20:34 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/10/03 07:20:26 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/10/03 07:20:26 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/10/03 07:20:26 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/10/03 07:20:25 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/10/03 07:20:21 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/10/03 07:20:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/10/03 07:18:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/10/03 07:18:10 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/10/03 07:18:10 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/10/03 07:17:58 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/10/03 07:17:58 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/10/03 07:17:58 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2012/10/03 07:17:58 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012/10/03 07:17:58 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/10/03 07:17:58 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2012/10/03 07:17:58 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/10/03 07:17:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012/10/03 07:17:57 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2012/10/03 07:17:57 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012/10/03 07:17:53 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/10/03 07:17:52 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/10/03 07:15:57 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/10/03 07:15:57 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/10/03 07:15:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/10/03 07:15:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/10/03 07:15:57 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/10/03 07:15:57 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/10/03 07:15:57 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/10/03 07:15:57 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/10/03 07:15:57 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/10/03 07:15:52 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/10/03 07:15:52 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/10/03 07:15:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/10/03 07:15:51 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/10/03 07:15:51 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/10/03 07:15:51 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/10/03 07:15:51 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/10/03 07:15:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/10/03 07:15:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/10/03 07:15:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/10/03 07:15:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/10/03 07:15:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/10/03 07:15:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/10/03 07:15:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/10/03 07:15:51 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/10/03 07:15:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/10/03 07:15:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/10/03 07:15:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/10/03 07:15:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/10/03 07:15:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/10/03 07:15:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/10/03 07:15:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/10/03 07:15:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/10/03 07:15:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/10/03 07:15:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/10/03 07:15:50 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/10/03 07:15:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/10/03 07:15:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/10/03 07:15:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/10/03 07:15:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/10/03 07:15:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/10/03 07:15:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/10/03 07:15:04 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/10/03 07:15:04 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/10/03 07:14:24 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/10/03 07:14:24 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/10/03 07:13:51 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/10/03 07:13:51 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/10/03 07:13:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/10/03 07:13:46 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/10/03 07:13:46 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/10/03 07:13:46 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/10/03 07:13:46 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/10/03 07:13:46 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/10/03 07:13:46 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/10/03 07:13:43 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/10/03 07:13:37 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/10/03 07:13:37 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/10/03 07:13:37 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/10/03 07:13:37 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/10/03 07:13:33 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/10/03 07:13:33 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/10/03 07:13:33 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/10/03 07:13:33 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/10/03 07:13:33 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/10/03 07:13:33 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/10/03 07:13:33 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/10/03 07:13:20 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012/10/03 07:13:19 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/10/03 07:13:19 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012/10/03 07:13:19 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/10/03 07:13:15 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/10/03 07:13:15 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/10/03 07:13:15 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/10/03 07:13:15 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/10/03 07:13:15 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/10/03 07:13:15 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/10/03 07:12:19 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2012/10/03 07:12:19 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2012/10/03 07:12:12 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2012/10/03 07:12:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2012/10/03 07:12:10 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2012/10/03 07:12:06 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2012/10/03 07:12:06 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2012/10/03 07:12:01 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2012/10/03 07:11:57 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2012/10/03 07:11:57 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2012/10/03 07:11:54 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2012/10/03 07:11:50 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2012/10/03 07:11:50 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2012/10/03 07:11:50 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2012/10/03 07:11:50 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2012/10/03 07:11:50 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2012/10/03 07:11:50 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2012/10/03 07:11:50 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2012/10/03 07:11:50 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2012/10/03 07:11:30 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2012/10/03 07:11:30 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2012/10/03 07:11:30 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2012/10/03 07:11:29 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2012/10/03 07:11:22 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2012/10/03 07:11:17 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2012/10/03 07:11:08 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2012/10/03 07:11:03 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2012/10/03 07:10:53 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2012/10/03 07:10:05 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2012/10/03 07:10:05 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2012/10/03 07:09:58 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/10/03 07:09:58 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/10/03 07:09:58 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2012/10/03 07:09:46 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2012/10/03 07:09:39 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2012/10/03 07:09:39 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2012/10/03 06:42:29 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/10/03 06:42:29 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/10/03 06:42:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2012/10/03 06:42:29 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2012/10/03 06:41:09 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/10/03 06:41:09 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/10/03 06:41:09 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/10/03 06:41:07 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/10/03 06:41:07 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/10/03 06:41:07 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/10/03 06:41:07 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/10/03 06:41:07 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/10/03 06:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
[2012/10/03 06:22:44 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2012/10/03 06:22:37 | 000,076,944 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2012/10/03 06:22:29 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2012/10/03 06:22:29 | 000,093,160 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2012/10/03 06:22:29 | 000,082,384 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys
[2012/10/03 06:22:27 | 000,577,248 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2012/10/03 06:22:27 | 000,258,736 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2012/10/03 06:22:26 | 000,700,384 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2012/10/03 06:19:21 | 000,000,000 | ---D | C] -- C:\Users\gaca\AppData\Roaming\Bitdefender
[2012/10/03 06:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2012/10/03 06:18:03 | 000,000,000 | ---D | C] -- C:\Users\gaca\AppData\Roaming\QuickScan
[2012/10/03 06:16:37 | 000,350,160 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2012/10/03 06:16:37 | 000,145,696 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2012/10/03 06:16:37 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2012/10/03 06:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012/10/01 23:47:33 | 000,000,000 | ---D | C] -- C:\OnlineUpdate
[2012/10/01 23:47:33 | 000,000,000 | ---D | C] -- C:\log
[2012/10/01 05:46:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/09/26 20:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HyperChem Release 8.0
[2012/09/26 20:21:18 | 000,000,000 | ---D | C] -- C:\Users\gaca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\POV-Ray for Windows v3.62
[2012/09/26 20:21:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\POV-Ray for Windows v3.62
[2012/09/26 20:21:17 | 000,000,000 | ---D | C] -- C:\Users\gaca\Documents\POV-Ray
[2012/09/26 20:21:08 | 000,057,856 | ---- | C] (Rainbow Technologies, Inc.) -- C:\Windows\SysWow64\CAITF32.DLL
[2012/09/26 20:21:08 | 000,056,832 | ---- | C] (Rainbow Technologies, Inc.) -- C:\Windows\SysWow64\CALAUNCH.EXE
[2012/09/26 20:21:08 | 000,000,000 | ---D | C] -- C:\Windows\Rainbow Technologies
[2012/09/26 20:21:00 | 000,995,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAJT200.DLL
[2012/09/26 20:21:00 | 000,935,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB40016.DLL
[2012/09/26 20:21:00 | 000,543,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DAO2516.DLL
[2012/09/26 20:21:00 | 000,536,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OC25.DLL
[2012/09/26 20:21:00 | 000,415,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl35.dll
[2012/09/26 20:21:00 | 000,286,720 | ---- | C] (Bits Per Second Ltd) -- C:\Windows\SysWow64\GSW.EXE
[2012/09/26 20:21:00 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x35.dll
[2012/09/26 20:21:00 | 000,168,512 | ---- | C] (Hypercube, Inc.) -- C:\Windows\SysWow64\MOLREND.VBX
[2012/09/26 20:21:00 | 000,086,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VBDB16.DLL
[2012/09/26 20:21:00 | 000,076,336 | ---- | C] (Desaware) -- C:\Windows\SysWow64\SBC.VBX
[2012/09/26 20:21:00 | 000,074,864 | ---- | C] (Desaware) -- C:\Windows\SysWow64\DWSPYDLL.DLL
[2012/09/26 20:21:00 | 000,072,192 | ---- | C] (Bits Per Second Ltd) -- C:\Windows\SysWow64\GSWDLL.DLL
[2012/09/26 20:21:00 | 000,070,800 | ---- | C] (Bits Per Second Ltd) -- C:\Windows\SysWow64\GRAPH.VBX
[2012/09/26 20:21:00 | 000,064,432 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\THREED.VBX
[2012/09/26 20:21:00 | 000,053,552 | ---- | C] (Hypercube, Inc.) -- C:\Windows\SysWow64\HCDZMAT.DLL
[2012/09/26 20:21:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OLE2PROX.DLL
[2012/09/26 20:21:00 | 000,045,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GRID.VBX
[2012/09/26 20:21:00 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAEN21.OLB
[2012/09/26 20:21:00 | 000,023,184 | ---- | C] (Hypercube, Inc.) -- C:\Windows\SysWow64\HCDSYSTM.DLL
[2012/09/26 20:21:00 | 000,022,528 | ---- | C] (Outrider Systems, Inc.) -- C:\Windows\SysWow64\SPIN.VBX
[2012/09/26 20:21:00 | 000,018,288 | ---- | C] (Hypercube, Inc.) -- C:\Windows\SysWow64\TILE.VBX
[2012/09/26 20:21:00 | 000,015,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSJETINT.DLL
[2012/09/26 20:21:00 | 000,015,840 | ---- | C] (Thuridion Software Engineering, Inc.) -- C:\Windows\SysWow64\PICCLIP.VBX
[2012/09/26 20:21:00 | 000,013,648 | ---- | C] (Hypercube, Inc.) -- C:\Windows\SysWow64\BIGDDE.VBX
[2012/09/26 20:21:00 | 000,012,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SCP.DLL
[2012/09/26 20:21:00 | 000,011,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSJETERR.DLL
[2012/09/26 20:21:00 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\STKIT416.DLL
[2012/09/26 20:21:00 | 000,002,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VBAJET.DLL
[2012/09/26 20:20:59 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSVBVM50.DLL
[2012/09/26 20:20:59 | 001,050,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet35.dll
[2012/09/26 20:20:59 | 000,608,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMCTL32.OCX
[2012/09/26 20:20:59 | 000,525,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DBGRID32.OCX
[2012/09/26 20:20:59 | 000,244,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSFLXGRD.OCX
[2012/09/26 20:20:59 | 000,210,944 | ---- | C] (Bits Per Second Ltd) -- C:\Windows\SysWow64\GRAPH32.OCX
[2012/09/26 20:20:59 | 000,209,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tabctl32.ocx
[2012/09/26 20:20:59 | 000,200,704 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\Threed32.ocx
[2012/09/26 20:20:59 | 000,200,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DBLIST32.OCX
[2012/09/26 20:20:59 | 000,144,384 | ---- | C] (Desaware) -- C:\Windows\SysWow64\ANIBTN32.OCX
[2012/09/26 20:20:59 | 000,123,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint35.dll
[2012/09/26 20:20:59 | 000,118,272 | ---- | C] (Microhelp, Inc.) -- C:\Windows\SysWow64\KEYSTA32.OCX
[2012/09/26 20:20:59 | 000,110,592 | ---- | C] (TechSmith Corporation) -- C:\Windows\SysWow64\tsccvid.dll
[2012/09/26 20:20:59 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Grid32.ocx
[2012/09/26 20:20:59 | 000,084,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSOUTL32.OCX
[2012/09/26 20:20:59 | 000,081,920 | ---- | C] (Hypercube, Inc.) -- C:\Windows\SysWow64\hapi.dll
[2012/09/26 20:20:59 | 000,063,488 | ---- | C] (MicroHelp, Inc.) -- C:\Windows\SysWow64\GAUGE32.OCX
[2012/09/26 20:20:59 | 000,052,736 | ---- | C] (Outrider Systems, Inc.) -- C:\Windows\SysWow64\SPIN32.OCX
[2012/09/26 20:20:59 | 000,026,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CTL3D.DLL
[2012/09/26 20:20:59 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter35.dll
[2012/09/26 20:20:58 | 000,720,384 | ---- | C] (Bits Per Second Ltd) -- C:\Windows\SysWow64\GSPROP32.DLL
[2012/09/26 20:20:58 | 000,636,032 | ---- | C] (Bits Per Second Ltd) -- C:\Windows\SysWow64\GRAPHS32.OCX
[2012/09/26 20:20:58 | 000,417,792 | ---- | C] (Bits Per Second Ltd) -- C:\Windows\SysWow64\GSW32.EXE
[2012/09/26 20:20:58 | 000,237,568 | ---- | C] (Bits Per Second Ltd) -- C:\Windows\SysWow64\GSWAG32.DLL
[2012/09/26 20:20:58 | 000,147,456 | ---- | C] (Bits Per Second Ltd) -- C:\Windows\SysWow64\GSWDLL32.DLL
[2012/09/26 20:20:58 | 000,107,008 | ---- | C] (Bits Per Second Ltd) -- C:\Windows\SysWow64\GSJPG32.DLL
[2012/09/26 20:20:58 | 000,102,912 | ---- | C] (Bits Per Second Ltd) -- C:\Windows\SysWow64\GSPNG32.DLL
[2012/09/26 20:20:58 | 000,000,000 | ---D | C] -- C:\Hyper80
[2012/09/26 07:39:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTD Toolbar
[2012/09/26 05:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\CorelDRAW Graphics Suite X6
[2012/09/26 04:59:31 | 000,000,000 | ---D | C] -- C:\Users\gaca\AppData\Roaming\PTC
[2012/09/26 04:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\PTC
[2012/09/26 04:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PTC
[2012/09/26 04:56:47 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2012/09/26 04:52:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mathcad
[2012/09/26 03:58:30 | 000,000,000 | ---D | C] -- C:\Users\gaca\Desktop\Downloads
[2012/09/20 04:29:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Data Recovery Wizard Professional 5.5.1
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\gaca\Documents\*.tmp files -> C:\Users\gaca\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/06 16:00:58 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/06 16:00:58 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/06 15:55:57 | 000,000,433 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2012/10/06 15:55:39 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/06 15:55:35 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC.job
[2012/10/06 15:55:33 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/06 15:55:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/06 15:52:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/06 15:11:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1753427418-3210929312-250935365-1000UA.job
[2012/10/06 15:11:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1753427418-3210929312-250935365-1000Core.job
[2012/10/05 18:00:00 | 000,000,464 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2012/10/04 20:28:12 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/03 22:09:50 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\One-Click Tweak.job
[2012/10/03 21:30:34 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\RegistryNuke 2012.lnk
[2012/10/03 20:54:14 | 000,001,089 | ---- | M] () -- C:\Users\gaca\Desktop\Advanced PC Tweaker.lnk
[2012/10/03 20:54:14 | 000,001,044 | ---- | M] () -- C:\Users\gaca\Desktop\Advanced PC Tweaker 1-Click Tweak.lnk
[2012/10/03 19:31:22 | 004,981,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/10/03 10:15:42 | 000,001,015 | ---- | M] () -- C:\Users\gaca\Application Data\Microsoft\Internet Explorer\Quick Launch\RegUtility.lnk
[2012/10/03 10:15:42 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\RegUtility.lnk
[2012/10/03 09:17:31 | 000,000,355 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ussclean
[2012/10/03 09:17:31 | 000,000,355 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/10/03 09:16:42 | 000,042,664 | ---- | M] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2012/10/03 08:11:56 | 000,001,232 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2012/10/03 08:11:56 | 000,001,181 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012/10/03 06:23:19 | 000,672,869 | ---- | M] () -- C:\ProgramData\1349237768.bdinstall.bin
[2012/10/03 06:22:58 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2012/10/03 06:22:51 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2012/10/03 06:22:51 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2012/10/03 06:22:51 | 000,000,684 | -H-- | M] () -- C:\bdr-cf01
[2012/10/03 06:22:46 | 000,002,241 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2012/10/03 06:22:46 | 000,002,122 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2013.lnk
[2012/10/03 06:22:46 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/09/28 04:47:02 | 000,000,438 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2012/09/26 20:25:30 | 000,001,026 | ---- | M] () -- C:\Users\gaca\Desktop\chem - Shortcut.lnk
[2012/09/26 20:23:00 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprst.tgz
[2012/09/26 20:23:00 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprst.dll
[2012/09/26 20:23:00 | 000,000,217 | ---- | M] () -- C:\Windows\SysWow64\lsprst.tgz
[2012/09/26 20:23:00 | 000,000,203 | ---- | M] () -- C:\Windows\SysWow64\lsprst.dll
[2012/09/26 20:21:18 | 000,002,375 | ---- | M] () -- C:\Users\gaca\Desktop\POV-Ray for Windows v3.62.lnk
[2012/09/26 20:21:18 | 000,000,701 | ---- | M] () -- C:\Users\gaca\Desktop\Sample POV-Ray 3.6 Scenes.lnk
[2012/09/26 19:12:10 | 000,002,440 | ---- | M] () -- C:\Users\gaca\Desktop\Google Chrome.lnk
[2012/09/26 04:52:39 | 000,002,010 | ---- | M] () -- C:\Users\gaca\Application Data\Microsoft\Internet Explorer\Quick Launch\Mathcad 15.lnk
[2012/09/26 04:52:39 | 000,001,986 | ---- | M] () -- C:\Users\Public\Desktop\Mathcad 15.lnk
[2012/09/20 04:29:54 | 000,001,319 | ---- | M] () -- C:\Users\Public\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1.lnk
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\gaca\Documents\*.tmp files -> C:\Users\gaca\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/04 20:28:12 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/03 21:30:34 | 000,001,050 | ---- | C] () -- C:\Users\Public\Desktop\RegistryNuke 2012.lnk
[2012/10/03 20:54:20 | 000,000,522 | ---- | C] () -- C:\Windows\tasks\One-Click Tweak.job
[2012/10/03 20:54:14 | 000,001,089 | ---- | C] () -- C:\Users\gaca\Desktop\Advanced PC Tweaker.lnk
[2012/10/03 20:54:14 | 000,001,044 | ---- | C] () -- C:\Users\gaca\Desktop\Advanced PC Tweaker 1-Click Tweak.lnk
[2012/10/03 10:15:42 | 000,001,015 | ---- | C] () -- C:\Users\gaca\Application Data\Microsoft\Internet Explorer\Quick Launch\RegUtility.lnk
[2012/10/03 10:15:42 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\RegUtility.lnk
[2012/10/03 10:06:09 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\SpeedUpMyPC.job
[2012/10/03 09:16:42 | 000,042,664 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2012/10/03 08:11:56 | 000,001,232 | ---- | C] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2012/10/03 08:11:56 | 000,001,181 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012/10/03 06:23:19 | 000,672,869 | ---- | C] () -- C:\ProgramData\1349237768.bdinstall.bin
[2012/10/03 06:22:58 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2012/10/03 06:22:51 | 000,000,684 | -H-- | C] () -- C:\bdr-cf01
[2012/10/03 06:22:46 | 000,002,241 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2012/10/03 06:22:46 | 000,002,122 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2013.lnk
[2012/10/03 06:22:46 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/10/03 06:19:18 | 002,510,608 | -H-- | C] () -- C:\bdr-bz01
[2012/10/03 06:19:18 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2012/10/03 06:19:17 | 037,134,407 | -H-- | C] () -- C:\bdr-im01.gz
[2012/10/03 06:19:17 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2012/09/26 20:25:30 | 000,001,026 | ---- | C] () -- C:\Users\gaca\Desktop\chem - Shortcut.lnk
[2012/09/26 20:23:00 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprst.tgz
[2012/09/26 20:23:00 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprst.dll
[2012/09/26 20:23:00 | 000,000,217 | ---- | C] () -- C:\Windows\SysWow64\lsprst.tgz
[2012/09/26 20:23:00 | 000,000,203 | ---- | C] () -- C:\Windows\SysWow64\lsprst.dll
[2012/09/26 20:21:18 | 000,002,375 | ---- | C] () -- C:\Users\gaca\Desktop\POV-Ray for Windows v3.62.lnk
[2012/09/26 20:21:18 | 000,000,701 | ---- | C] () -- C:\Users\gaca\Desktop\Sample POV-Ray 3.6 Scenes.lnk
[2012/09/26 20:21:00 | 000,089,300 | ---- | C] () -- C:\Windows\SysWow64\HCDTRULE.DLL
[2012/09/26 20:21:00 | 000,040,128 | ---- | C] () -- C:\Windows\SysWow64\SPECT.VBX
[2012/09/26 20:21:00 | 000,028,113 | ---- | C] () -- C:\Windows\SysWow64\OLE2.REG
[2012/09/26 20:21:00 | 000,018,688 | ---- | C] () -- C:\Windows\SysWow64\CMDIALOG.VBX
[2012/09/26 20:21:00 | 000,014,933 | ---- | C] () -- C:\Windows\SysWow64\VSHARE.386
[2012/09/26 20:20:59 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\thapi.dll
[2012/09/26 04:52:39 | 000,002,010 | ---- | C] () -- C:\Users\gaca\Application Data\Microsoft\Internet Explorer\Quick Launch\Mathcad 15.lnk
[2012/09/26 04:52:39 | 000,001,986 | ---- | C] () -- C:\Users\Public\Desktop\Mathcad 15.lnk
[2012/09/20 04:29:54 | 000,001,319 | ---- | C] () -- C:\Users\Public\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1.lnk
[2012/07/19 23:51:23 | 001,558,432 | ---- | C] () -- C:\Windows\TotalUninstaller.exe
[2012/07/18 01:04:42 | 000,043,520 | ---- | C] () -- C:\Windows\RmCableNTamd64.exe
[2012/07/05 03:01:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/06/11 18:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/06/11 18:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/06/01 02:49:23 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012/05/28 19:56:51 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2012/05/22 20:33:44 | 000,120,132 | ---- | C] () -- C:\Users\gaca\toma-rakija.jpg
[2012/05/22 20:33:44 | 000,047,036 | ---- | C] () -- C:\Users\gaca\tomislav-nikolic.jpg
[2012/05/22 20:33:44 | 000,038,190 | ---- | C] () -- C:\Users\gaca\v181508p0.jpg
[2012/05/10 16:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/04/06 02:14:11 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/19 16:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 16:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/03/19 15:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012/02/02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012/01/18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/11/08 03:02:13 | 000,019,570 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2011/11/07 23:08:38 | 000,508,224 | ---- | C] () -- C:\Windows\SysWow64\ICCProfiles.dll
[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/10 13:22:17 | 005,134,320 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2011/09/07 18:42:33 | 000,003,385 | ---- | C] () -- C:\Users\gaca\uniginehigh570_940_2300_4.5G.html
[2011/09/07 07:16:09 | 000,003,385 | ---- | C] () -- C:\Users\gaca\uniginemax480WB_910_2300_4.5G.html
[2011/09/07 07:08:04 | 000,003,385 | ---- | C] () -- C:\Users\gaca\uniginemax480WB_900_2300_4.5G.html
[2011/09/07 07:00:48 | 000,003,385 | ---- | C] () -- C:\Users\gaca\uniginemax480WB_890_2300_4.5G.html
[2011/09/07 06:46:43 | 000,003,385 | ---- | C] () -- C:\Users\gaca\unigine480WB_890_2300_4.5G.html
[2011/09/06 20:04:02 | 000,003,380 | ---- | C] () -- C:\Users\gaca\unigine480WB_890_2100_4.5G.html
[2011/09/06 19:56:51 | 000,003,380 | ---- | C] () -- C:\Users\gaca\unigine480WB_900_2000_4.5G.html
[2011/08/13 16:32:22 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/08/07 21:29:25 | 000,003,385 | ---- | C] () -- C:\Users\gaca\uniginehigh570_920_2300_4.5G.html
[2011/08/07 21:20:43 | 000,003,384 | ---- | C] () -- C:\Users\gaca\unigineh570_900_1980_4.5G.html
[2011/08/07 20:38:46 | 000,003,384 | ---- | C] () -- C:\Users\gaca\uniginehigh570_900_1980_3.6G.html
[2011/08/07 20:14:41 | 000,003,380 | ---- | C] () -- C:\Users\gaca\unigine570_920_2300_4.5G.html
[2011/08/07 20:07:55 | 000,003,380 | ---- | C] () -- C:\Users\gaca\unigine570_900_1980_4.5G.html
[2011/08/07 19:36:15 | 000,003,380 | ---- | C] () -- C:\Users\gaca\unigine570_920_2300_3.6G.html
[2011/08/07 19:06:28 | 000,003,380 | ---- | C] () -- C:\Users\gaca\unigine570_930_2200_3.6G.html
[2011/08/07 18:10:55 | 000,003,380 | ---- | C] () -- C:\Users\gaca\unigine570_900_1980_3.6G.html
[2011/08/07 18:01:47 | 000,003,380 | ---- | C] () -- C:\Users\gaca\unigine570_900_2300_3.6G.html
[2011/08/07 17:20:36 | 000,003,380 | ---- | C] () -- C:\Users\gaca\unigine_20110807na 3.6G.html
[2011/07/30 05:22:01 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/16 23:41:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/07/16 23:41:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/07/16 23:41:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/07/16 23:41:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/07/16 23:41:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/05/17 20:13:28 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/09 21:46:24 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/04/09 21:46:24 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/04/09 21:46:24 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/04/09 21:46:24 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/04/09 21:46:24 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/25 01:05:33 | 000,015,108 | ---- | C] () -- C:\Users\gaca\AppData\Roaming\AF3E.5AA
[2011/02/01 07:54:20 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2011/02/01 07:52:31 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011/02/01 07:52:30 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011/02/01 07:00:57 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/02/01 07:00:55 | 000,049,041 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011/01/26 01:07:20 | 000,008,192 | R--- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/01/06 06:22:08 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2010/12/31 09:16:30 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/12/28 23:38:34 | 000,003,429 | ---- | C] () -- C:\Users\gaca\unigine570_950_2200na 4_2.html
[2010/12/28 23:28:38 | 000,003,429 | ---- | C] () -- C:\Users\gaca\unigine570_950_2000na 4_2.html
[2010/12/26 17:46:19 | 000,003,429 | ---- | C] () -- C:\Users\gaca\unigine570_929_2300na4_2.html
[2010/12/25 00:29:10 | 000,000,079 | ---- | C] () -- C:\Users\gaca\AppData\Local\CrystalDiskMark30.ini
[2005/01/01 00:29:53 | 000,000,017 | ---- | C] () -- C:\Users\gaca\AppData\Local\resmon.resmoncfg

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:4FC01C57
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:8DFE5191
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D2F2F703

< End of report >

Poslao: 06 Okt 2012 16:24
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Nedostaje Extras.txt izvještaj.

Poslao: 06 Okt 2012 16:27
Idi na vrh
offline
  • Pridružio: 06 Okt 2012
  • Poruke: 8

Kako se on dobija

Poslao: 06 Okt 2012 16:57
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Napisano: 06 Okt 2012 16:37

gaca1961 ::Kako se on dobija

Taj izvještaj se dobija uz OTL.txt i trebalo bi da se nalazi na Desktopu ukoliko je OTL pokrenut sa Desktopa kao što stoji u uputstvu. Ti si ga pokrenuo iz Download foldera.

Dopuna: 06 Okt 2012 16:57

Vidim da si pokretao ComboFix. ComboFix nije dijagnostički alat poput ovih iz uputstva za otvaranje teme i njegovim nepravilnim rukovanjem možeš oštetiti sistem. Ubuduće pokreći ComboFix samo na zahtjev helpera koji je stručnjak u ovoj oblasti i koji zna šta radi.

Kopiraj u poruku njegov izvještaj koj ise nalazi na sljedećoj lokaciji.

C:\ComboFix.txt

Poslao: 06 Okt 2012 17:10
Idi na vrh
offline
  • Pridružio: 06 Okt 2012
  • Poruke: 8

evo i extatra i combo


mycity.rs/must-login.png

mycity.rs/must-login.png

Poslao: 06 Okt 2012 18:18
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

U toku riješavanja slučaja, zamolio bih te da se pridržavaš sljedećeg:
Detaljno čitati moja uputstva ( ili uputstva kolega koji će me zamjenjivati) i raditi isključivo po njima;
Ne tražiti istovremeno pomoć na drugom mjestu;
Nemoj koristiti druge programe za uklanjanje malware-a, osim onih za koje budeš dobio uputstvo;
U toku intervencije ne koristiti USB memorijske uređaje, dok to ne budem zatražio;
Ukoliko ne odgovorim u roku od 48h, osvježi temu novim post-om;
Ukoliko se ne javiš u roku od 5 dana, zatvorićemo slučaj.
Za više informacija o pravilima Ambulante MyCity foruma: LINK



Arrow

Preuzmi sUBs-ov ComboFix sa sljedeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati fajl, odaberi Desktop i klikni Save.



Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix;
u prozoru koji se otvori klikni "I Agree".
U toku rada, ComboFix će:provjeriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste.ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Iskopiraj izvještaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obilježeni tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.

Napomena:Izvještaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primjetiš da izvještaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje fajla C:\ComboFix.txt uz poruku.

Poslao: 06 Okt 2012 18:56
Idi na vrh
offline
  • Pridružio: 06 Okt 2012
  • Poruke: 8

Evo combo


ComboFix 12-10-04.02 - gaca 10/06/2012 18:32:13.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.8077.5985 [GMT 2:00]
Running from: c:\users\gaca\Downloads\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {98CD50CE-5097-4098-9669-6C401FB3969C}
FW: Bitdefender Firewall *Disabled* {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7}
SP: Bitdefender Antispyware *Disabled/Updated* {23ACB12A-76AD-4F16-ACD9-57326434DC21}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
c:\programdata\1349237768.bdinstall.bin
c:\users\gaca\AppData\Roaming\Microsoft\Windows\Templates\1028.msi
c:\users\gaca\AppData\Roaming\Microsoft\Windows\Templates\1031.msi
c:\users\gaca\AppData\Roaming\Microsoft\Windows\Templates\1033.msi
c:\users\gaca\AppData\Roaming\Microsoft\Windows\Templates\1036.msi
c:\users\gaca\AppData\Roaming\Microsoft\Windows\Templates\1041.msi
c:\users\gaca\AppData\Roaming\Microsoft\Windows\Templates\2052.msi
c:\users\gaca\Documents\~WRL0074.tmp
c:\users\gaca\Documents\~WRL0761.tmp
c:\windows\SysWow64\local.txt
c:\windows\SysWow64\lsprst.dll
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-09-06 to 2012-10-06 )))))))))))))))))))))))))))))))
.
.
2012-10-06 16:35 . 2012-10-06 16:35 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-10-06 16:35 . 2012-10-06 16:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-06 16:14 . 2012-10-06 16:14 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{88844A70-FB67-4400-99C5-47D70311BA87}\offreg.dll
2012-10-06 16:07 . 2012-10-06 16:07 -------- d-----w- C:\_OTL
2012-10-04 18:28 . 2012-10-04 18:28 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-04 18:28 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-04 17:42 . 2012-10-04 17:42 -------- d-----w- c:\users\gaca\AppData\Roaming\Malwarebytes
2012-10-04 17:41 . 2012-10-04 17:41 -------- d-----w- c:\programdata\Malwarebytes
2012-10-03 19:50 . 2012-10-03 19:50 -------- d-----w- c:\users\gaca\AppData\Roaming\SpeedyPC Software
2012-10-03 19:50 . 2012-10-03 19:50 -------- d-----w- c:\users\gaca\AppData\Roaming\DriverCure
2012-10-03 19:50 . 2012-10-04 18:18 -------- d-----w- c:\programdata\SpeedyPC Software
2012-10-03 19:30 . 2012-10-03 19:50 -------- d-----w- c:\program files (x86)\RegistryNuke 2012
2012-10-03 18:54 . 2012-10-03 20:05 -------- d-----w- c:\program files (x86)\Advanced PC Tweaker
2012-10-03 08:34 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2012-10-03 08:34 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2012-10-03 08:26 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-10-03 08:26 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll
2012-10-03 08:26 . 2012-03-01 05:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-03 08:26 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-10-03 08:26 . 2012-03-01 06:45 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-10-03 08:26 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll
2012-10-03 08:26 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-10-03 08:15 . 2012-10-03 08:15 -------- d-----w- c:\program files (x86)\RegUtility
2012-10-03 07:16 . 2012-10-03 07:16 42664 ----a-w- c:\windows\SysWow64\drivers\fsbts.sys
2012-10-03 06:43 . 2012-09-18 22:58 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{88844A70-FB67-4400-99C5-47D70311BA87}\mpengine.dll
2012-10-03 06:24 . 2012-08-30 22:43 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-10-03 06:12 . 2012-10-03 06:12 -------- d-----w- c:\programdata\IObit
2012-10-03 06:11 . 2012-10-03 06:11 -------- d-----w- c:\users\gaca\AppData\Roaming\IObit
2012-10-03 06:11 . 2012-10-03 06:11 -------- d-----w- c:\program files (x86)\IObit
2012-10-03 05:31 . 2012-07-04 22:04 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-10-03 05:31 . 2012-07-04 22:01 58880 ----a-w- c:\windows\system32\browcli.dll
2012-10-03 05:31 . 2012-07-04 22:01 136704 ----a-w- c:\windows\system32\browser.dll
2012-10-03 05:31 . 2012-07-04 21:23 41472 ----a-w- c:\windows\SysWow64\browcli.dll
2012-10-03 05:31 . 2012-05-14 05:20 956416 ----a-w- c:\windows\system32\localspl.dll
2012-10-03 05:31 . 2012-06-06 05:50 2003968 ----a-w- c:\windows\system32\msxml6.dll
2012-10-03 05:31 . 2012-06-06 05:50 1880064 ----a-w- c:\windows\system32\msxml3.dll
2012-10-03 05:31 . 2012-06-06 05:09 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-10-03 05:31 . 2012-06-06 05:09 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-10-03 05:30 . 2012-04-24 05:59 182272 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-03 05:30 . 2012-04-24 05:59 1460224 ----a-w- c:\windows\system32\crypt32.dll
2012-10-03 05:30 . 2012-04-24 05:59 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-03 05:30 . 2012-04-24 04:47 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-03 05:30 . 2012-04-24 04:47 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-03 05:30 . 2012-04-24 04:47 1156608 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-03 05:29 . 2012-06-09 05:30 14165504 ----a-w- c:\windows\system32\shell32.dll
2012-10-03 05:29 . 2012-04-26 05:34 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-10-03 05:29 . 2012-04-26 05:34 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-10-03 05:29 . 2012-04-26 05:28 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-10-03 05:29 . 2012-04-28 03:50 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-10-03 05:28 . 2012-04-02 05:24 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-10-03 05:28 . 2012-04-02 04:40 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-10-03 05:28 . 2012-05-04 16:52 5473136 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-03 05:28 . 2012-05-04 10:03 3970928 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-03 05:28 . 2012-05-04 10:03 3915632 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-03 05:23 . 2012-03-03 06:29 1541120 ----a-w- c:\windows\system32\DWrite.dll
2012-10-03 05:23 . 2012-03-03 06:29 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-10-03 05:23 . 2012-03-03 06:29 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-10-03 05:23 . 2012-03-03 06:29 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2012-10-03 05:23 . 2012-03-03 06:29 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-10-03 05:23 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-10-03 05:23 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2012-10-03 05:23 . 2012-03-03 05:40 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-10-03 05:23 . 2012-03-03 05:40 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2012-10-03 05:23 . 2012-03-03 05:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-10-03 05:18 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-03 05:18 . 2011-11-05 04:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-03 05:18 . 2011-10-26 05:19 43520 ----a-w- c:\windows\system32\csrsrv.dll
2012-10-03 05:18 . 2011-10-15 06:25 723456 ----a-w- c:\windows\system32\EncDec.dll
2012-10-03 05:18 . 2011-10-15 05:48 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2012-10-03 05:18 . 2011-10-01 05:28 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-10-03 05:18 . 2011-10-01 04:43 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2012-10-03 05:15 . 2011-06-15 09:58 212992 ----a-w- c:\windows\system32\odbctrac.dll
2012-10-03 05:14 . 2011-04-29 03:13 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2012-10-03 05:14 . 2011-04-29 03:12 399872 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-10-03 05:14 . 2011-04-29 03:12 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-10-03 05:14 . 2011-04-27 02:57 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys
2012-10-03 05:14 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll
2012-10-03 05:14 . 2011-05-03 04:50 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2012-10-03 05:14 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2012-10-03 05:14 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2012-10-03 05:12 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll
2012-10-03 05:11 . 2010-08-21 06:38 1024512 ----a-w- c:\windows\system32\wmpmde.dll
2012-10-03 05:10 . 2010-05-19 19:48 144384 ----a-w- c:\windows\system32\cdd.dll
2012-10-03 05:09 . 2009-10-31 06:34 2870272 ----a-w- c:\windows\explorer.exe
2012-10-03 05:09 . 2009-10-31 05:45 2614272 ----a-w- c:\windows\SysWow64\explorer.exe
2012-10-03 05:09 . 2009-10-28 06:24 389632 ----a-w- c:\windows\system32\winlogon.exe
2012-10-03 05:09 . 2009-08-29 07:50 46592 ----a-w- c:\windows\system32\msasn1.dll
2012-10-03 05:09 . 2009-08-29 06:57 34816 ----a-w- c:\windows\SysWow64\msasn1.dll
2012-10-03 05:09 . 2009-09-03 07:36 1975296 ----a-w- c:\windows\system32\CertEnroll.dll
2012-10-03 05:09 . 2009-09-03 07:04 1320960 ----a-w- c:\windows\SysWow64\CertEnroll.dll
2012-10-03 04:42 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-10-03 04:42 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-10-03 04:42 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-10-03 04:42 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2012-10-03 04:42 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2012-10-03 04:41 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-10-03 04:41 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-10-03 04:41 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-10-03 04:41 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-10-03 04:41 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-10-03 04:41 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-10-03 04:41 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-10-03 04:41 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-10-03 04:41 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-10-03 04:22 . 2012-10-03 04:44 -------- d-----w- c:\programdata\BDLogging
2012-10-03 04:22 . 2012-04-17 12:34 76944 ----a-w- c:\windows\system32\drivers\bdvedisk.sys
2012-10-03 04:22 . 2012-08-23 15:07 82384 ----a-w- c:\windows\system32\drivers\bdsandbox.sys
2012-10-03 04:22 . 2012-07-06 13:21 93160 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2012-10-03 04:22 . 2007-04-11 09:11 511328 ----a-w- c:\windows\capicom.dll
2012-10-03 04:22 . 2012-06-13 12:01 577248 ----a-w- c:\windows\system32\drivers\avckf.sys
2012-10-03 04:22 . 2011-11-25 13:00 258736 ----a-w- c:\windows\system32\drivers\avchv.sys
2012-10-03 04:22 . 2012-06-13 12:01 700384 ----a-w- c:\windows\system32\drivers\avc3.sys
2012-10-03 04:19 . 2012-10-03 04:44 -------- d-----w- c:\users\gaca\AppData\Roaming\Bitdefender
2012-10-03 04:19 . 2012-10-03 04:22 -------- d-----w- c:\programdata\Bitdefender
2012-10-03 04:18 . 2012-10-03 04:18 -------- d-----w- c:\users\gaca\AppData\Roaming\QuickScan
2012-10-03 04:16 . 2012-10-03 04:19 -------- d-----w- c:\program files\Bitdefender
2012-10-03 04:16 . 2012-08-29 16:24 145696 ----a-w- c:\windows\system32\drivers\gzflt.sys
2012-10-03 04:16 . 2012-07-02 13:21 350160 ----a-w- c:\windows\system32\drivers\trufos.sys
2012-10-03 04:15 . 2012-10-03 04:16 -------- d-----w- c:\program files\Common Files\Bitdefender
2012-10-01 21:47 . 2012-10-06 16:10 -------- d-----w- C:\OnlineUpdate
2012-10-01 21:47 . 2012-10-02 21:47 -------- d-----w- C:\log
2012-10-01 03:46 . 2012-10-01 03:46 -------- d-----w- c:\windows\Sun
2012-09-26 18:23 . 2012-09-26 18:23 1025 ----a-w- c:\windows\SysWow64\sysprst.dll
2012-09-26 18:20 . 2002-10-17 22:00 110592 ----a-w- c:\windows\SysWow64\tsccvid.dll
2012-09-26 18:19 . 2003-11-10 16:14 729088 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-28 17:21 . 2012-08-28 16:59 98816 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2012-08-28 17:21 . 2012-08-28 16:59 86016 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2012-08-28 17:21 . 2012-08-28 16:59 69632 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2012-08-28 17:21 . 2012-08-28 16:59 421376 ----a-w- c:\windows\system32\drivers\ewusbwwan.sys
2012-08-28 17:21 . 2012-08-28 16:59 32768 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-08-28 17:21 . 2012-08-28 16:59 28672 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2012-08-28 17:21 . 2012-08-28 16:59 221312 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-08-28 17:21 . 2012-08-28 16:59 22016 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2012-08-28 17:21 . 2012-08-28 16:59 212992 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2012-08-28 17:21 . 2012-08-28 16:59 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-08-28 17:21 . 2012-08-28 16:59 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2012-08-28 17:21 . 2012-08-28 16:59 13952 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2012-08-28 17:21 . 2012-08-28 16:59 117248 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2012-08-28 17:21 . 2012-08-28 16:59 1001472 ----a-w- c:\windows\system32\drivers\mod7700.sys
2012-08-02 17:49 . 2012-08-22 14:40 419144 ----a-w- c:\windows\SysWow64\appinit_dll.dll
2012-08-02 17:48 . 2012-08-22 14:40 75592 ----a-w- c:\windows\system32\drivers\VirtuWDDM.sys
2012-08-02 17:48 . 2012-08-22 14:40 464200 ----a-w- c:\windows\system32\appinit_dll.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-16 39408]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
"Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-29 620376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2011-10-31 465536]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-27 291608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
"EaseUs Watch"="c:\program files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe" [2012-05-03 71816]
"EaseUs Tray"="c:\program files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe" [2012-05-03 750728]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-12-09 606208]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-10-01 640376]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-29 620376]
.
c:\users\gaca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung SSD Magician.lnk - c:\program files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe [2012-4-6 2056192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe [2012-7-2 788992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\appinit_dll.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;e:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [x]
R2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2012-06-30 918448]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
R2 mts mobilni internet. RunOuc;mts mobilni internet. OUC;c:\program files (x86)\mts mobilni internet\UpdateDog\ouc.exe [2012-08-28 239968]
R2 SkypeUpdate;Skype Updater;e:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 253600]
R3 ALSysIO;ALSysIO;c:\users\gaca\AppData\Local\Temp\ALSysIO64.sys [x]
R3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys [x]
R3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver);c:\windows\system32\DRIVERS\ASUSstpt.sys [2011-10-07 24648]
R3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM);c:\windows\system32\DRIVERS\ASUSumsc.sys [2011-10-07 141896]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2012-06-13 577248]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2012-08-23 82384]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
R3 DIRECTIO;DIRECTIO;c:\program files (x86)\PerformanceTest\DirectIo.sys [2012-02-20 21568]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-08-28 117248]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [2012-08-28 421376]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-14 128928]
R3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [2010-02-12 66608]
R3 GPU-Z;GPU-Z;c:\users\gaca\AppData\Local\Temp\GPU-Z.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2010-05-14 271712]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
R3 MCsVDisk;MagicCute Virtual Disk Driver;c:\windows\system32\DRIVERS\mcsvdisk.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-07-27 78848]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-07-27 180224]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-05-25 174184]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2011-02-01 31152]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2012-01-18 19936]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2012-01-18 13280]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-29 412776]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]
R3 Samsung UPD Service2;Samsung UPD Service2;c:\windows\System32\SUPDSvc2.exe [2012-04-05 158208]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USB_NDIS;RCA USB Digital Cable Modem Driver;c:\windows\system32\DRIVERS\NetRcaCmNTamd64.sys [2007-01-05 18560]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-08-15 146736]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2011-08-15 117040]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2012-09-11 65344]
S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys [2010-11-08 14464]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys [2012-01-06 49760]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2012-06-13 700384]
S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2012-05-03 58504]
S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2012-05-03 48776]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys [2012-08-29 145696]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
S0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\DRIVERS\mv91cons.sys [2011-03-14 24880]
S0 mvs91xx;mvs91xx;c:\windows\system32\DRIVERS\mvs91xx.sys [2011-03-14 313136]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-25 834544]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2012-07-06 93160]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [2012-04-17 76944]
S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2012-05-03 19592]
S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [2012-05-03 189576]
S1 networx;networx;c:\windows\system32\drivers\networx.sys [2011-02-07 56968]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-08-15 224048]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-08-15 128816]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-02-01 500568]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-06-30 951936]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.00.25\AsusFanControlService.exe [2012-02-22 1493120]
S2 EaseUS Agent;EaseUS Agent Service;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2012-05-03 70280]
S2 Guard Agent;Guard Agent Service;c:\program files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2012-05-03 24712]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-08-15 178344]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 MCsVirtualDisk;MCsVirtualDisk;c:\windows\system32\Module_VDiskSvc.exe [x]
S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [2012-02-08 343032]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE [2012-02-08 70136]
S2 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2012-06-25 95184]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-08-13 11576]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S2 SWAS_Core;SyncThru Web Admin Service;c:\program files (x86)\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe [2008-04-15 1449984]
S2 SWAS_Srv_DriverManagement;SyncThru Web Admin Service Driver Management;c:\program files (x86)\Samsung Network Printer Utilities\SyncThru Web Admin Service Driver Management\SWASDriverManagementPlugin.exe [2008-01-31 1060864]
S2 SWAS_Srv_LDD;SyncThru Web Admin Service Local Device Discovery;c:\program files (x86)\Samsung Network Printer Utilities\SyncThru Web Admin Local Device Discovery\LocalDevDiscoveryPlugin.exe [2008-01-31 634880]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe [2012-07-03 68416]
S3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2011-04-20 1930240]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [2011-11-25 258736]
S3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [2011-07-20 342704]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-08-28 86016]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-05-27 160768]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys [2010-08-18 26136]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2010-05-27 14648]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-08-15 165680]
S3 VirtuWDDM;VirtuWDDM;c:\windows\system32\DRIVERS\VirtuWDDM.sys [2012-08-02 75592]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 18:46]
.
2012-10-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 20:58]
.
2012-10-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 20:58]
.
2012-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1753427418-3210929312-250935365-1000Core.job
- c:\users\gaca\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-20 19:33]
.
2012-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1753427418-3210929312-250935365-1000UA.job
- c:\users\gaca\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-20 19:33]
.
2012-10-03 c:\windows\Tasks\One-Click Tweak.job
- c:\program files (x86)\Advanced PC Tweaker\OneClick.exe [2012-10-03 08:02]
.
2012-10-06 c:\windows\Tasks\ParetoLogic Registration.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-09-28 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2008-02-22 10:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2012-06-29 09:19 268760 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2012-06-29 09:19 268760 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2012-06-29 09:19 268760 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2012-06-29 09:19 268760 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-12-28 6457960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
"VIRTU MVP"="c:\program files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe" [2012-08-02 3097416]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2012-10-03 1544912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\appinit_dll.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.maxiwe.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://search.phpnuke.org/?lang=en&q={searchTerms}
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} -
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{8F836782-8774-4889-A3C3-9B6E0A0B9E57}: NameServer = 195.178.38.3 195.178.38.8
TCP: Interfaces\{9C0FEC6D-9E2A-44B9-BC7E-6865C8B3EB2A}: NameServer = 195.178.38.3 195.178.38.8
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-LogMeIn Hamachi Ui - d:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
Wow6432Node-HKLM-Run-USB 3.0 Boost Service - e:\ai suite ii\USB 3.0 Boost\U3BoostSvr.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-NetWorx - e:\program files\NetWorx\networx.exe
AddRemove-38DFB2FF-77AD-4074-8C1A-AA51C538B68D - e:\program files (x86)\HWBOT Unigine Heaven Benchmark Application103\uninstall.exe
AddRemove-AIDA64 Extreme Edition_is1 - e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\unins000.exe
AddRemove-Alien vs. Triangles - e:\program files (x86)\NVIDIA Corporation\NVIDIA Demos\Alien vs. Triangles\uninstall.exe
AddRemove-Call of Duty: Black Ops_is1 - e:\program files (x86)\Activision\Call of Duty - Black Ops\unins000.exe
AddRemove-eMule - e:\program files (x86)\eMule\Uninstall.exe
AddRemove-eMule Plus_is1 - e:\program files (x86)\eMule2\unins000.exe
AddRemove-Endless City - e:\program files (x86)\NVIDIA Corporation\NVIDIA Demos\Endless City\uninstall.exe
AddRemove-Fraps - e:\fraps\uninstall.exe
AddRemove-Gadwin PrintScreen Professional - e:\program files (x86)\Gadwin Systems\PrintScreenPro\Uninstall.exe
AddRemove-HD Tune Pro_is1 - e:\program files (x86)\HD Tune Pro\unins000.exe
AddRemove-LinX - e:\program files (x86)\LinX\Uninstall.exe
AddRemove-Magic ISO Maker v5.5 (build 0281) - e:\progra~2\MagicISO\UNWISE.EXE
AddRemove-Monday Night Combat_is1 - e:\program files (x86)\Uber Entertainment\Monday Night Combat\unins000.exe
AddRemove-PhotoScape - e:\program files (x86)\PhotoScape\uninstall.exe
AddRemove-Phpnuke Downloader Adobe Flash Player (Firefox, Chrome y Opera) - c:\program files (x86)\Phpnuke Downloader\Phpnuke Downloader Adobe Flash Player (Firefox
AddRemove-Test Drive Unlimited 2_is1 - e:\program files (x86)\Atari\TDU2\Uninstall\unins000.exe
AddRemove-WinRAR archiver - e:\program files (x86)\WinRAR\uninstall.exe
AddRemove-{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010} - d:\program files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe
AddRemove-{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC} - d:\program files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe
AddRemove-{B531E735-8ED5-4270-ACCE-3809086FBD02}_is1 - e:\program files (x86)\Batman Arkham City\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-06 18:37:11
ComboFix-quarantined-files.txt 2012-10-06 16:37
ComboFix2.txt 2011-07-16 21:46
.
Pre-Run: 118,658,248,704 bytes free
Post-Run: 119,340,138,496 bytes free
.
- - End Of File - - 5CD6E71949B2B0DE184823C84399E84E

mycity.rs/must-login.png

Poslao: 06 Okt 2012 19:15
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow

Otvori Notepad i iskopiraj sljedeći tekst:

DeQuarantine::
C:\QooBox\Quarantine\c\windows\SysWow64\URTTemp
Quit::


Snimi na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sljedećoj poruci log koji bude bio napravljen na kraju čišćenja/skeniranja.



Question

Da li si koristio registry cleaner-e ili alate za optimizaciju sistema prije nego što se počela pojavljivati greška koja se nalazi na postavljenom screentshotu?

MyCity » Ambulanta -> Arhiva Ambulante » Viruscina

Ko je trenutno na forumu
 

Ukupno su 1075 korisnika na forumu :: 53 registrovanih, 9 sakrivenih i 1013 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, A.R.Chafee.Jr., Apok, babaroga, bankulen, Batinas, Bobrock1, Bokiboks, bokisha253, Boris90, cenejac111, cifra, CikaKURE, cincarin, comi_pfc, Denaya, Dimitrise93, dragoljub11987, drimer, Georgius, ginjica, HrcAk47, ikan, ILGromovnik, JOntra, Još malo pa deda, Karla, Krvava Devetka, ladro, Lucije Kvint, Marko Marković, mercedesamg, mikrimaus, milenko crazy north, milutin134, moldway, mrav pesadinac, nebidrag, nenad81, Nobunaga, rasok, Ripanjac, RJ, Rogan33, royst33, stalja, Sumadija34, vathra, Vladko, voja64, wolf431, wolverined4, YugoSlav