OTL logfile created on: 23/04/2012 02:02:04 - Run 2
OTL by OldTimer - Version 3.2.40.0     Folder = C:\Users\win7\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
 
1,87 Gb Total Physical Memory | 0,82 Gb Available Physical Memory | 43,62% Memory free
3,75 Gb Paging File | 1,77 Gb Available in Paging File | 47,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 135,13 Gb Total Space | 98,74 Gb Free Space | 73,07% Space Free | Partition Type: NTFS
Drive F: | 97,65 Gb Total Space | 13,99 Gb Free Space | 14,33% Space Free | Partition Type: NTFS
 
Computer Name: WIN7-PC | User Name: win7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/04/23 01:46:16 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\win7\Downloads\Programs\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/14 18:38:14 | 000,913,752 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2012/03/06 19:39:50 | 000,574,296 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2012/01/30 18:41:26 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012/01/05 16:29:38 | 002,771,470 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe
PRC - [2012/01/04 15:26:46 | 001,606,488 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2011/12/14 16:50:06 | 005,407,850 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2011/10/14 08:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe
PRC - [2011/10/14 08:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2011/05/10 18:02:20 | 000,181,248 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.exe
PRC - [2011/03/02 17:20:58 | 000,224,256 | ---- | M] () -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
PRC - [2010/09/30 21:58:18 | 003,249,504 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2010/05/25 16:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/11/19 19:15:46 | 000,583,016 | ---- | M] (Sony Corporation) -- C:\PROGRAM FILES (X86)\SONY\CONTENT TRANSFER\CONTENTTRANSFERWMDETECTOR.EXE
PRC - [2009/08/29 08:00:12 | 000,966,656 | ---- | M] () -- C:\Users\win7\Local Settings\Apps\F.lux\flux.exe
PRC - [2008/01/15 16:18:10 | 000,016,200 | R--- | M] () -- C:\PROGRAM FILES (X86)\COREL\COREL PAINT SHOP PRO PHOTO X2\CORELIOMONITOR.EXE
PRC - [2007/12/10 15:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe
PRC - [2007/06/05 14:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe
PRC - [2007/04/19 12:32:08 | 000,225,280 | ---- | M] (ATK0100) -- C:\Program Files (x86)\ATK Hotkey\Hcontrol.exe
PRC - [2007/02/05 19:13:14 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\ATK Hotkey\ASLDRSrv.exe
PRC - [2007/01/17 20:26:36 | 007,708,672 | ---- | M] () -- C:\Programmi\ATKOSD2\ATKOSD2.exe
PRC - [2006/12/18 18:26:26 | 002,420,736 | ---- | M] () -- C:\Program Files (x86)\ATK Hotkey\ATKOSD.exe
PRC - [2006/12/04 11:58:18 | 000,675,840 | ---- | M] (Sonix) -- C:\Windows\vsnp2std.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012/04/14 11:07:55 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012/01/05 16:29:38 | 002,771,470 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe
MOD - [2011/12/14 16:50:06 | 005,407,850 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
MOD - [2011/08/19 17:33:28 | 000,047,960 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2011/05/10 18:02:20 | 000,181,248 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.exe
MOD - [2011/05/10 18:02:20 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Polipo\libgnurx-0.dll
MOD - [2011/02/14 23:02:58 | 002,417,664 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtCore4.dll
MOD - [2010/03/07 05:31:36 | 000,024,110 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\mingwm10.dll
MOD - [2010/02/10 18:36:20 | 009,565,184 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtGui4.dll
MOD - [2010/02/10 18:11:00 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtNetwork4.dll
MOD - [2010/02/10 18:08:16 | 000,398,336 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtXml4.dll
MOD - [2009/08/29 08:00:12 | 000,966,656 | ---- | M] () -- C:\Users\win7\Local Settings\Apps\F.lux\flux.exe
MOD - [2009/06/22 20:42:42 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll
MOD - [2008/01/15 16:18:10 | 000,016,200 | R--- | M] () -- C:\PROGRAM FILES (X86)\COREL\COREL PAINT SHOP PRO PHOTO X2\CORELIOMONITOR.EXE
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012/01/10 20:50:10 | 000,787,968 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2012/04/14 11:07:56 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/13 14:59:46 | 000,409,232 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/14 18:38:14 | 000,913,752 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/03/11 21:13:24 | 002,815,496 | ---- | M] (COMODO) [Auto | Running] -- C:\Programmi\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012/02/29 09:17:56 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/21 16:18:00 | 000,076,288 | ---- | M] (Freemake) [Auto | Stopped] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2012/01/11 10:31:21 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011/10/14 08:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 08:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/06/13 22:21:14 | 000,343,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2011/04/27 18:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Programmi\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 18:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programmi\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/02 17:20:58 | 000,224,256 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe -- (DirMngr)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/06/05 14:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
SRV - [2007/02/05 19:13:14 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/04/03 14:19:10 | 000,147,248 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2012/03/12 11:11:14 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2012/03/09 04:30:58 | 003,580,928 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2012/03/02 19:05:53 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/01/11 09:49:52 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2012/01/10 21:03:38 | 000,086,528 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssn64.sys -- (rimsptsk)
DRV:[b]64bit:[/b] - [2012/01/10 20:50:26 | 000,017,168 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV:[b]64bit:[/b] - [2012/01/10 20:50:11 | 003,535,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2011/04/27 16:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/26 19:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:[b]64bit:[/b] - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/09/29 22:53:37 | 000,091,936 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:[b]64bit:[/b] - [2010/09/01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:[b]64bit:[/b] - [2009/10/26 16:36:22 | 001,202,688 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\smserial.sys -- (smserial)
DRV:[b]64bit:[/b] - [2009/07/23 22:03:10 | 000,052,736 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008/02/13 13:17:10 | 000,686,592 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV:[b]64bit:[/b] - [2007/01/20 12:38:06 | 012,324,224 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://alawar.pl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D8 E9 AA 33 C6 CF CC 01  [binary data]
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\..\SearchScopes,DefaultScope = {7DCC174C-569D-45F8-A19B-4C8DAA89EA69}
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=IT&install_date=20120111&user_guid=AFD7B94BBF2447C382715B5CF99A58C8&machine_id=735ce0fb30e1399bc60e66beff5d04f8&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\..\SearchScopes\{3620B923-A887-4F3C-B243-39C8E2CABE3F}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=NRO&o=101917&src=kw&q={searchTerms}&locale=&apn_ptnrs=EV&apn_dtid=YYYYYYYYIT&apn_uid=A4194E72-24C3-450F-AA33-116F6F09D31F&apn_sauid=719E9794-DB2A-4E25-BBC5-6F70287F41FD
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\..\SearchScopes\{62DB489C-60F9-4CDA-A446-EE7B05816295}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}&rlz=
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\..\SearchScopes\{7DCC174C-569D-45F8-A19B-4C8DAA89EA69}: "URL" = http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=642886&p={searchTerms}
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\..\SearchScopes\{CA253015-B3BB-4CB4-873F-F7062DA1DD39}: "URL" = http://start.funmoods.com/results.php?f=4&a=make&q={searchTerms}
IE - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 8118
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/02 22:51:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\win7\AppData\Roaming\IDM\idmmzcc3 [2012/04/22 22:43:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\win7\AppData\Roaming\IDM\idmmzcc3 [2012/04/22 22:43:45 | 000,000,000 | ---D | M]
 
[2012/04/02 22:51:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Extensions
[2012/04/23 00:27:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\4zd13z8j.default\extensions
[2012/04/23 00:27:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\4zd13z8j.default\extensions\staged
[2012/04/02 22:51:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\WIN7\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4ZD13Z8J.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\WIN7\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4ZD13Z8J.DEFAULT\EXTENSIONS\{E0204BD5-9D31-402B-A99D-A6AA8FFEBDCA}.XPI
[2012/03/13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/13 07:36:36 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012/03/13 07:36:36 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012/03/13 07:36:36 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012/03/13 07:36:36 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012/03/13 07:36:36 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012/03/13 07:36:36 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([2012/04/22 22:27:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No CLSID value found.
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SMSERIAL] C:\Programmi\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKU\S-1-5-21-498801108-1609876238-1518314518-1000..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-498801108-1609876238-1518314518-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-498801108-1609876238-1518314518-1000..\Run: [F.lux] C:\Users\win7\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKU\S-1-5-21-498801108-1609876238-1518314518-1000..\Run: [IDMan] C:\PROGRAM FILES (X86)\INTERNET DOWNLOAD MANAGER\IDMAN.EXE (Tonec Inc.)
O4 - HKU\S-1-5-21-498801108-1609876238-1518314518-1000..\Run: [Vidalia] C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 1
O7 - HKU\S-1-5-21-498801108-1609876238-1518314518-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:[b]64bit:[/b] - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:[b]64bit:[/b] - Extra context menu item: Œci¹gnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Œci¹gnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Œci¹gnij zawartoœæ wideo FLV przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Œci¹gnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Œci¹gnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Œci¹gnij zawartoœæ wideo FLV przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O9:[b]64bit:[/b] - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.70.152.15 212.52.97.15
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B9023BD-8055-43DA-B23E-FFCAEECF728D}: DhcpNameServer = 193.70.152.15 212.52.97.15
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B9023BD-8055-43DA-B23E-FFCAEECF728D}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{829D866D-7FF2-4F1D-81F4-9BA5501E06A7}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADC5515D-D894-4826-AF13-B8C0478CCC2E}: NameServer = 8.26.56.26,156.154.70.22
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml - No CLSID value found
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/04/22 23:59:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012/04/22 23:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012/04/22 23:34:34 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/04/22 22:43:14 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/04/22 22:32:51 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/04/22 22:14:32 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/04/22 18:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/04/22 18:27:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/04/22 00:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trust Webcam 14881
[2012/04/22 00:00:12 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\amcap.exe
[2012/04/21 23:48:40 | 000,000,000 | ---D | C] -- C:\AULOGS
[2012/04/21 20:42:13 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/04/21 20:42:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/04/21 20:14:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2012/04/21 19:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/04/21 19:09:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012/04/21 19:08:48 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012/04/21 19:08:47 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2012/04/21 19:08:47 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2012/04/21 19:08:47 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012/04/21 19:08:47 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012/04/21 19:08:47 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2012/04/21 19:08:47 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2012/04/21 19:08:46 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012/04/21 19:08:46 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012/04/21 19:08:45 | 000,220,776 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2012/04/21 19:08:44 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012/04/21 19:08:44 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012/04/21 19:08:44 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012/04/21 19:08:44 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012/04/21 19:08:44 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012/04/21 19:08:43 | 002,670,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012/04/21 19:08:43 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012/04/21 19:08:41 | 003,608,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012/04/21 19:08:41 | 000,824,424 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012/04/21 19:08:41 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012/04/21 19:08:41 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012/04/21 19:08:41 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012/04/21 19:08:41 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012/04/21 19:08:40 | 002,886,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012/04/21 19:08:40 | 001,251,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012/04/21 19:08:40 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012/04/21 19:08:40 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012/04/21 19:08:40 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012/04/21 19:08:40 | 000,102,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012/04/21 19:08:40 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012/04/21 19:08:39 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012/04/21 19:08:39 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012/04/21 19:08:39 | 000,137,056 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012/04/21 19:08:39 | 000,075,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012/04/21 19:08:38 | 000,396,632 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012/04/21 19:08:38 | 000,120,160 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012/04/21 19:08:37 | 008,363,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012/04/21 19:08:37 | 001,247,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2012/04/21 19:08:36 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012/04/21 19:08:36 | 000,978,776 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012/04/21 19:08:35 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2012/04/21 19:08:35 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012/04/21 19:08:35 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012/04/21 19:08:27 | 002,528,832 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/04/21 19:08:26 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012/04/21 19:08:26 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012/04/21 19:08:26 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012/04/21 19:08:26 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012/04/21 19:08:26 | 000,537,456 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2012/04/21 19:08:26 | 000,524,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2012/04/21 19:08:26 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012/04/21 19:08:26 | 000,449,392 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2012/04/21 19:08:26 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012/04/21 19:08:25 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012/04/21 19:08:25 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012/04/21 19:08:25 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012/04/21 19:08:25 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012/04/21 19:08:25 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012/04/21 19:08:25 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012/04/21 19:08:24 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012/04/21 19:08:24 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012/04/21 19:08:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012/04/21 19:08:17 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012/04/21 19:06:15 | 000,052,736 | ---- | C] (Realtek Semiconductor Corporation                           ) -- C:\Windows\SysNative\drivers\Rtnic64.sys
[2012/04/21 19:06:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/04/21 19:03:35 | 003,580,928 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/04/21 19:03:34 | 000,442,528 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2012/04/21 19:03:34 | 000,063,648 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2012/04/21 19:03:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2012/04/21 19:03:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2012/04/21 19:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012/04/21 18:58:58 | 000,000,000 | ---D | C] -- C:\AMD
[2012/04/21 18:56:26 | 000,000,000 | ---D | C] -- C:\Aktualizacja ster
[2012/04/21 16:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
[2012/04/21 16:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegCure
[2012/04/21 16:08:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegCure
[2012/04/21 01:44:25 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\{97A2FB48-8025-4EF3-87FE-7C9D2E5A84A8}
[2012/04/21 01:44:12 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\{829A8C49-953B-4528-A3CE-9BF5B10D2A82}
[2012/04/21 01:43:58 | 000,000,000 | ---D | C] -- C:\Users\win7\Tracing
[2012/04/21 01:34:10 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\Windows Live
[2012/04/21 01:34:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/04/21 01:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/04/21 00:29:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trust
[2012/04/21 00:29:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PAC207
[2012/04/20 23:59:30 | 000,000,000 | ---D | C] -- C:\Directx
[2012/04/20 23:10:56 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\Skype
[2012/04/20 23:10:35 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/04/20 23:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/04/20 23:03:14 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012/04/20 23:03:14 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012/04/20 23:03:14 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012/04/20 23:03:14 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012/04/20 23:03:13 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012/04/20 23:03:13 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012/04/20 23:03:12 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012/04/20 23:03:11 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012/04/20 23:03:09 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012/04/20 23:03:09 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012/04/20 23:03:08 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012/04/20 23:03:06 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/04/20 23:03:06 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/04/20 23:03:06 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/04/20 23:03:06 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/04/20 23:03:05 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/04/20 23:03:05 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/04/20 23:03:04 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/04/20 23:03:04 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/04/20 23:03:03 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012/04/20 23:03:03 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/04/20 23:03:01 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012/04/20 23:03:01 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012/04/20 23:03:00 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012/04/20 23:02:59 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012/04/20 23:02:59 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012/04/20 23:02:58 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012/04/20 23:02:58 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012/04/20 23:02:57 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/04/20 23:02:57 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/04/20 23:02:56 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012/04/20 23:02:55 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/04/20 23:02:55 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012/04/20 23:02:55 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/04/20 23:02:55 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012/04/20 23:02:54 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/04/20 23:02:54 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/04/20 23:02:52 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/04/20 23:02:52 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/04/20 23:02:52 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012/04/20 23:02:52 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/04/20 23:02:51 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/04/20 23:02:51 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/04/20 23:02:50 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/04/20 23:02:50 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/04/20 23:02:49 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/04/20 23:02:49 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/04/20 23:02:49 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012/04/20 23:02:49 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/04/20 23:02:47 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/04/20 23:02:46 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012/04/20 23:02:46 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012/04/20 23:02:46 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012/04/20 23:02:46 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012/04/20 23:02:44 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012/04/20 23:02:44 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012/04/20 23:02:44 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012/04/20 23:02:44 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012/04/20 23:02:42 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/04/20 23:02:42 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/04/20 23:02:42 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/04/20 23:02:42 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/04/20 23:02:41 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/04/20 23:02:41 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/04/20 23:02:40 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/04/20 23:02:40 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/04/20 23:02:40 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/04/20 23:02:40 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/04/20 23:02:38 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/04/20 23:02:38 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/04/20 23:02:37 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/04/20 23:02:37 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/04/20 23:02:36 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/04/20 23:02:36 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/04/20 23:02:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/04/20 23:02:35 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/04/20 23:02:35 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/04/20 23:02:35 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/04/20 23:02:33 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/04/20 23:02:33 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/04/20 23:02:33 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/04/20 23:02:33 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/04/20 23:02:32 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/04/20 23:02:32 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/04/20 23:02:31 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/04/20 23:02:31 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/04/20 23:02:29 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/04/20 23:02:29 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/04/20 23:02:29 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/04/20 23:02:29 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/04/20 23:02:27 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/04/20 23:02:27 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/04/20 23:02:27 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/04/20 23:02:27 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/04/20 23:02:26 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/04/20 23:02:26 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/04/20 23:02:25 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/04/20 23:02:25 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/04/20 23:02:23 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/04/20 23:02:23 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/04/20 23:02:23 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/04/20 23:02:23 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/04/20 23:02:22 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/04/20 23:02:22 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/04/20 23:02:21 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/04/20 23:02:21 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/04/20 23:02:20 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/04/20 23:02:20 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/04/20 23:02:20 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/04/20 23:02:20 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/04/20 23:02:18 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/04/20 23:02:17 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/04/20 23:02:17 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/04/20 23:02:17 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/04/20 23:02:17 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/04/20 23:02:15 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/04/20 23:02:15 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/04/20 23:02:15 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/04/20 23:02:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/04/20 23:02:14 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/04/20 23:02:13 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/04/20 23:02:13 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/04/20 23:02:11 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/04/20 23:02:11 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/04/20 23:02:10 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/04/20 23:02:10 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/04/20 23:02:10 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/04/20 23:02:10 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/04/20 23:02:09 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/04/20 23:02:09 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/04/20 23:02:08 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/04/20 23:02:08 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/04/20 23:02:06 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/04/20 23:02:06 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/04/20 23:02:06 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/04/20 23:02:06 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/04/20 23:02:05 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/04/20 23:02:05 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/04/20 23:02:04 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/04/20 23:02:04 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/04/20 16:45:54 | 000,000,000 | ---D | C] -- C:\MATS
[2012/04/19 19:30:41 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\ChemTable Software
[2012/04/19 19:26:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Uninstall
[2012/04/19 19:26:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Full Uninstall
[2012/04/19 19:26:18 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\ChemTable Software
[2012/04/19 19:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Life
[2012/04/19 19:26:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Registry Life
[2012/04/19 01:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trust
[2012/04/19 00:05:47 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\FixItCenter
[2012/04/18 23:59:21 | 000,000,000 | ---D | C] -- C:\Windows\MATS
[2012/04/18 23:59:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2012/04/18 18:05:02 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\Tracker Software
[2012/04/18 17:17:44 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\ElevatedDiagnostics
[2012/04/18 16:33:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/04/18 16:31:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/04/18 01:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
[2012/04/18 01:01:38 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\Win7codecs
[2012/04/18 01:01:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Win7codecs
[2012/04/18 00:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2012/04/17 00:05:18 | 000,686,592 | ---- | C] (PixArt Imaging Inc.) -- C:\Windows\SysNative\drivers\PFC027.SYS
[2012/04/17 00:05:17 | 000,008,704 | ---- | C] (PixArt Imaging Inc.) -- C:\Windows\SysNative\CoInst_080213.dll
[2012/04/17 00:03:50 | 000,000,000 | ---D | C] -- C:\Windows\PixArt
[2012/04/14 23:58:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2012/04/14 23:58:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2012/04/13 23:39:38 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2012/04/13 23:39:36 | 002,074,576 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2012/04/13 23:39:35 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2012/04/13 15:03:30 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\GNU
[2012/04/13 15:03:19 | 000,000,000 | ---D | C] -- C:\Users\win7\.kde
[2012/04/13 15:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
[2012/04/13 15:00:32 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\gnupg
[2012/04/13 15:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\GNU
[2012/04/13 15:00:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GNU
[2012/04/12 03:02:35 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/12 03:02:35 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/12 03:02:32 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/12 03:02:32 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/12 03:02:32 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/12 03:02:32 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/12 03:02:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/12 03:02:31 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/12 03:02:30 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/12 03:02:29 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/12 03:02:29 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/12 02:58:23 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/12 02:58:22 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/12 02:58:21 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/07 18:22:30 | 000,000,000 | ---D | C] -- C:\Users\win7\VirtualBox VMs
[2012/04/07 18:20:06 | 000,000,000 | ---D | C] -- C:\Users\win7\.VirtualBox
[2012/04/07 18:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012/04/07 18:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/04/03 14:19:10 | 000,147,248 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys
[2012/04/03 14:19:08 | 000,320,816 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\VBoxNetFltNobj.dll
[2012/04/03 00:58:32 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\Tor
[2012/04/03 00:58:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
[2012/04/03 00:58:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vidalia Bundle
[2012/04/03 00:58:22 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\Vidalia
[2012/04/02 22:51:43 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\Mozilla
[2012/04/02 22:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/04/02 17:24:43 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Local\Mozilla
[2012/03/28 01:17:39 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\vlc
[2012/03/28 01:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Readon
[2012/03/24 21:08:27 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012/03/24 21:08:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delta Force Helikopter w Ogniu
[2012/03/24 21:05:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta Force Helikopter w Ogniu
[2012/03/24 20:37:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wanadoo Edition
[2012/03/24 20:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wanadoo Edition
[2012/03/24 20:37:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/03/24 14:48:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/03/24 14:48:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/04/23 01:27:22 | 000,001,146 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/23 01:07:01 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/23 00:59:53 | 001,547,974 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/23 00:59:53 | 000,700,670 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2012/04/23 00:59:53 | 000,618,108 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/23 00:59:53 | 000,128,764 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2012/04/23 00:59:53 | 000,107,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/23 00:14:28 | 000,028,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/23 00:14:28 | 000,028,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/23 00:07:11 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/23 00:07:00 | 000,000,022 | ---- | M] () -- C:\Windows\S.dirmngr
[2012/04/23 00:06:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/23 00:06:36 | 1509,376,000 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/22 22:27:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/04/22 18:41:33 | 000,000,408 | ---- | M] () -- C:\Windows\SysWow64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2012/04/22 18:27:03 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/04/21 23:51:54 | 000,020,470 | ---- | M] () -- C:\Windows\SysWow64\domainbackup.reg
[2012/04/21 17:00:00 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
[2012/04/21 16:38:28 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\RegCure.job
[2012/04/21 01:29:08 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/04/18 16:33:00 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/04/18 04:18:41 | 001,569,264 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/16 14:53:15 | 000,002,984 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2012/04/16 14:53:15 | 000,000,088 | RHS- | M] () -- C:\Windows\SysWow64\7DF40FF60F.sys
[2012/04/14 11:07:56 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/14 11:07:56 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/04/14 11:07:29 | 008,741,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/14 00:53:59 | 000,023,112 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2012/04/13 23:35:18 | 001,423,618 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/03 14:19:10 | 000,147,248 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys
[2012/04/03 14:19:08 | 000,320,816 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\VBoxNetFltNobj.dll
[2012/03/27 19:16:24 | 000,272,629 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/04/23 00:07:00 | 000,000,022 | ---- | C] () -- C:\Windows\S.dirmngr
[2012/04/22 18:27:03 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/04/22 00:00:15 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2012/04/22 00:00:15 | 000,013,022 | ---- | C] () -- C:\Windows\snp2std.src
[2012/04/22 00:00:13 | 000,151,552 | ---- | C] ( ) -- C:\Windows\rsnp2std.dll
[2012/04/21 23:51:54 | 000,020,470 | ---- | C] () -- C:\Windows\SysWow64\domainbackup.reg
[2012/04/21 19:08:40 | 000,272,629 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012/04/21 19:06:15 | 000,067,584 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012/04/21 16:38:28 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\RegCure.job
[2012/04/21 16:08:11 | 000,000,412 | ---- | C] () -- C:\Windows\tasks\RegCure Program Check.job
[2012/04/21 01:29:08 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/04/18 23:59:24 | 000,000,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/04/18 16:33:00 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/04/13 23:39:39 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2012/04/13 23:39:39 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2012/04/13 23:39:38 | 000,002,125 | ---- | C] () -- C:\Windows\UDB.zip
[2012/04/13 23:39:38 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2012/04/13 23:39:38 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2012/04/13 23:34:43 | 001,423,618 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/04/12 17:02:21 | 000,023,112 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2012/04/02 22:51:33 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/03/30 13:37:55 | 000,000,408 | ---- | C] () -- C:\Windows\SysWow64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2012/03/22 23:05:27 | 000,000,017 | ---- | C] () -- C:\Users\win7\AppData\Local\resmon.resmoncfg
[2012/03/22 19:01:32 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/03/17 17:36:40 | 000,000,088 | RHS- | C] () -- C:\Windows\SysWow64\7DF40FF60F.sys
[2012/03/17 16:54:34 | 000,002,984 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2012/03/15 07:40:28 | 004,826,112 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2012/03/12 12:47:13 | 000,003,584 | ---- | C] () -- C:\Users\win7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/12 11:19:03 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2012/03/01 16:04:03 | 000,000,139 | ---- | C] () -- C:\ProgramData\log.sflog
[2012/01/11 18:56:54 | 000,151,552 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2std.dll
[2012/01/11 10:35:03 | 001,569,264 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/11 10:32:07 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2012/01/09 20:45:18 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/12/07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012/04/20 22:38:34 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\AIMP3
[2012/02/23 17:35:59 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\AnvSoft
[2012/04/19 19:30:41 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\ChemTable Software
[2012/04/19 03:44:55 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\DAEMON Tools Lite
[2012/04/22 20:15:39 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\DMCache
[2012/03/21 01:17:11 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\GHISLER
[2012/04/13 19:03:36 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\gnupg
[2012/04/22 22:43:43 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\IDM
[2012/03/21 22:52:48 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\IObit
[2012/01/11 22:10:25 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Opera
[2012/01/17 16:18:07 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Sahmon Games
[2012/02/15 18:02:20 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Tibo Software
[2012/04/18 16:04:29 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Win7codecs
[2012/04/21 17:00:00 | 000,000,412 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
[2012/04/21 16:38:28 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\RegCure.job
[2012/04/17 06:27:40 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:2398E95B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >