Poprosím o kontrolu

Zpráva

hinatahyuuga · #1 Příspěvek od **hinatahyuuga** » 15 čer 2012 09:12

Zdravím, noťas sa chova celkom normalne až na to že je spomalený tak poprosím kontrolu logu dakujem.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Blajz at 2012-06-15 09:53:29
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 118 GB (39%) free of 305 GB
Total RAM: 3066 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:53:45, on 15. 6. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Blajz\Downloads\RSIT.exe
C:\Program Files\trend micro\Blajz.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Blajz\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games – Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zp ... b79352.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v ... 102118.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 8604 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-280847252-1547578034-3754843991-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-280847252-1547578034-3754843991-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default

prefs.js - "browser.startup.homepage" - "http://eu.ask.com/?l=dis&o=14672"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, testpilot@labs.mozilla.com:1.0.6, {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.148, plugin@gameplaylabs.com:1.0, plugin2@gameplaylabs.com:2.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://search.babylon.com/?babsrc=SP_&q ... =1.4.35.10&"

"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"m3ffxtbr@mywebsearch.com"=C:\Program Files\MyWebSearch\bar\1.bin
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox 4.0 Beta 11\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox 4.0 Beta 11\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox 4.0 Beta 11\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox 4.0 Beta 11\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions\
ffxtlbr@babylon.com
plugin2@gameplaylabs.com
{000F1EA4-5E08-4564-A29B-29076F63A37A}

C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\searchplugins\
askcom.xml
mywebsearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 98304]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Blajz\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-13 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-04-04 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Blajz\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Blajz\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-13 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhilipsSongbirdLauncher]
C:\Program Files\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe [2011-07-07 346624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun]
C:\Program Files\WebcamMax\WebcamMax.exe [2011-04-28 6052592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Blajz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk]
C:\PROGRA~1\PDANET~1\PdaNetPC.exe [2011-04-29 477736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-11-20 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=4294967263

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"VIDC.FMVC"=fmcodec.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-06-15 09:53:29 ----D---- C:\rsit
2012-06-15 09:53:09 ----D---- C:\ProgramData\Battle.net
2012-06-13 13:13:14 ----D---- C:\Program Files\Doxxbet
2012-05-29 14:32:56 ----D---- C:\Program Files\EaseUS
2012-05-26 10:29:31 ----D---- C:\Users\Blajz\AppData\Roaming\Stardock
2012-05-26 10:29:18 ----HDC---- C:\ProgramData\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}
2012-05-26 10:29:09 ----D---- C:\ProgramData\Stardock
2012-05-26 10:29:09 ----D---- C:\Program Files\Stardock
2012-05-21 23:47:10 ----A---- C:\Users\Blajz\AppData\Roaming\room_v3.dat
2012-05-21 21:00:00 ----D---- C:\Users\Blajz\AppData\Roaming\GarenaPlus
2012-05-21 20:59:45 ----D---- C:\Program Files\Garena Plus
2012-05-21 20:59:41 ----D---- C:\ProgramData\GarenaMessenger
2012-05-19 11:52:24 ----D---- C:\Users\Blajz\AppData\Roaming\QIP

======List of files/folders modified in the last 1 month======

2012-06-15 09:53:40 ----D---- C:\Windows\Prefetch
2012-06-15 09:53:36 ----D---- C:\Windows\Temp
2012-06-15 09:53:30 ----D---- C:\Program Files\trend micro
2012-06-15 09:53:09 ----D---- C:\ProgramData
2012-06-14 11:47:54 ----D---- C:\Users\Blajz\AppData\Roaming\Skype
2012-06-14 10:19:17 ----D---- C:\Windows\system32\DriverStore
2012-06-13 13:13:14 ----RD---- C:\Program Files
2012-06-12 23:38:45 ----D---- C:\Users\Blajz\AppData\Roaming\Hamachi
2012-06-12 20:04:05 ----D---- C:\Windows
2012-06-11 09:13:57 ----D---- C:\Windows\System32
2012-06-11 09:13:57 ----D---- C:\Windows\inf
2012-06-11 09:13:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-10 18:47:38 ----D---- C:\Users\Blajz\AppData\Roaming\uTorrent
2012-06-10 08:28:30 ----SHD---- C:\Windows\Installer
2012-06-10 08:28:30 ----D---- C:\Config.Msi
2012-06-10 08:28:08 ----D---- C:\ProgramData\Skype
2012-06-09 14:19:07 ----D---- C:\Windows\system32\NDF
2012-06-07 14:35:30 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 11
2012-06-04 10:29:23 ----D---- C:\ProgramData\Tunngle
2012-06-04 07:02:30 ----D---- C:\Users\Blajz\AppData\Roaming\.minecraft
2012-06-02 07:13:25 ----D---- C:\Windows\system32\Tasks
2012-06-02 07:13:24 ----D---- C:\Windows\Tasks
2012-06-01 17:03:25 ----D---- C:\Program Files\Hero Editor
2012-06-01 17:02:01 ----D---- C:\games
2012-05-29 14:50:13 ----SHD---- C:\System Volume Information
2012-05-28 13:21:08 ----D---- C:\Windows\system32\config
2012-05-26 13:24:22 ----HD---- C:\Program Files\InstallShield Installation Information
2012-05-26 10:33:35 ----RSD---- C:\Windows\assembly
2012-05-26 10:29:35 ----D---- C:\Windows\Microsoft.NET
2012-05-26 01:14:54 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-05-26 01:14:30 ----D---- C:\Windows\system32\catroot2
2012-05-24 14:02:36 ----D---- C:\Program Files\uTorrent
2012-05-21 20:58:07 ----D---- C:\Program Files\Tunngle
2012-05-21 20:58:03 ----D---- C:\Users\Blajz\AppData\Roaming\Tunngle
2012-05-21 01:14:30 ----D---- C:\Users\Blajz\AppData\Roaming\Mozilla
2012-05-19 11:52:23 ----D---- C:\Program Files\QIP 2012

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-28 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-07 44376]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 57688]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-02-23 281760]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-02-23 25888]
R2 npkcrypt;npkcrypt; \??\C:\Program Files\NCsoft\Lineage II\system\npkcrypt.sys [2012-03-31 23217]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 6650368]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 231936]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2010-04-12 15664]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-01-15 17480]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 15544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
R3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2010-09-02 13312]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 6650368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\Blajz\AppData\Local\Temp\catchme.sys []
S3 CFcatchme;CFcatchme; \??\C:\Users\Blajz\AppData\Local\Temp\CFcatchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys []
S3 ggsemc;Sony Ericsson USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2006-03-01 8704]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-11-26 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ProtexisLicensing;ProtexisLicensing; C:\Program Files\Common Files\Protexis\License Service\PSIService.exe [2006-11-02 174656]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-05 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-26 257696]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-04 129976]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2011-03-28 4323256]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2012-04-19 736104]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-27 1343400]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 15 čer 2012 20:07

Zdravim a pekny vecer preji

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

hinatahyuuga · #3 Příspěvek od **hinatahyuuga** » 16 čer 2012 17:30

nakoľko su moc dlhé tak ich prikladam tuna

#4 Příspěvek od **vyosek** » 17 čer 2012 11:10

Rozdelte OTL.txt do vice prispevku, lepe se to lusti...

Dekuju

hinatahyuuga · #5 Příspěvek od **hinatahyuuga** » 18 čer 2012 11:25

OTL logfile created on: 16. 6. 2012 14:09:34 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\Blajz\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,99 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 64,97% Memory free
5,99 Gb Paging File | 4,65 Gb Available in Paging File | 77,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,02 Gb Total Space | 115,61 Gb Free Space | 38,79% Space Free | Partition Type: NTFS

Computer Name: BLAJZ-PC | User Name: Blajz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/06/16 14:07:26 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Blajz\Downloads\OTL.exe
PRC - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/28 17:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/02/28 17:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011/12/07 13:16:29 | 001,047,096 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011/06/01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/26 04:54:28 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/11/26 04:54:00 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/11/11 15:00:54 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe

========== Modules (No Company Name) ==========

MOD - [2012/02/27 12:48:30 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll
MOD - [2012/02/27 12:48:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012/02/27 12:46:54 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012/02/27 12:46:30 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012/02/27 12:45:40 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/02/27 12:45:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/27 12:45:25 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012/02/27 09:02:53 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/12/07 13:16:28 | 000,411,192 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll
MOD - [2011/12/07 13:16:27 | 003,767,864 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
MOD - [2011/12/07 13:14:56 | 000,122,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\avutil-51.dll
MOD - [2011/12/07 13:14:55 | 000,222,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\avformat-53.dll
MOD - [2011/12/07 13:14:53 | 001,746,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\avcodec-53.dll
MOD - [2011/12/07 09:22:33 | 008,593,056 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/25 22:41:00 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/11/13 03:54:29 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010/11/13 03:54:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/07/14 10:43:19 | 000,159,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_cs_b77a5c561934e089\System.Xml.resources.dll

========== Win32 Services (SafeList) ==========

SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/26 01:14:54 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/04 20:55:32 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/19 22:23:38 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/02/28 17:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/02/27 08:40:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/06/12 12:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/06/01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/03/28 21:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010/11/26 04:54:00 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Start_Pending] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva391.sys -- (XDva391)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Blajz\AppData\Local\Temp\CFcatchme.sys -- (CFcatchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Blajz\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (alpd8x0m)
DRV - [2012/03/31 09:44:00 | 000,023,217 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | Auto | Running] -- C:\Program Files\NCSoft\Lineage II\System\npkcrypt.sys -- (npkcrypt)
DRV - [2012/03/07 02:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/07 02:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/07 02:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/03/07 02:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/07 02:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/03/07 02:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/05/13 19:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011/05/13 19:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2011/02/23 22:22:51 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/02/23 22:22:50 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011/01/15 14:41:22 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/12/28 13:02:41 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/11/26 06:19:20 | 006,650,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010/11/26 06:19:20 | 006,650,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/11/26 04:16:26 | 000,231,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/09/02 18:49:08 | 000,013,312 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pneteth.sys -- (pneteth)
DRV - [2010/02/25 01:02:30 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBTTN.sys -- (HBtnKey)
DRV - [2010/01/13 16:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Ovladač adaptéru Intel(R)
DRV - [2009/09/16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/14 00:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009/04/29 08:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2008/05/16 13:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 13:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 13:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 13:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 13:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2006/03/01 11:25:12 | 000,008,704 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTe ... &AF=100908
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes\{0F9B94DA-CA7D-4E9D-8329-565810AAAE14}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes\{8FA77A21-2597-40A0-8C20-055384FAF1ED}: "URL" = http://websearch.ask.com/redirect?clien ... 8FB533BAE8&
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://eu.ask.com/?l=dis&o=14672"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.0.6
FF - prefs.js..extensions.enabledItems: {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.148
FF - prefs.js..extensions.enabledItems: plugin@gameplaylabs.com:1.0
FF - prefs.js..extensions.enabledItems: plugin2@gameplaylabs.com:2.0
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_&q ... =1.4.35.10&"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Blajz\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Blajz\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Blajz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Blajz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/17 21:13:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/02/03 20:33:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/02/03 20:33:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/17 11:29:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 11\components [2012/05/04 20:55:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 11\plugins [2012/05/12 09:05:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/17 21:13:07 | 000,000,000 | ---D | M]

[2011/07/07 18:53:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Extensions
[2011/07/07 18:53:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
[2012/05/02 19:48:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions
[2011/02/23 22:04:20 | 000,000,000 | ---D | M] () -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2011/11/08 22:33:44 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions\ffxtlbr@babylon.com
[2011/03/26 02:25:08 | 000,000,000 | ---D | M] (GamePlayLabs Plugin) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions\plugin2@gameplaylabs.com
[2011/03/04 20:30:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles0vrvzzak.default\extensions
[2011/03/04 20:30:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles0vrvzzak.default\extensions\plugin@gameplaylabs.com
[2011/11/17 20:25:44 | 000,002,333 | ---- | M] () -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\searchplugins\askcom.xml
[2011/04/16 21:48:13 | 000,009,968 | ---- | M] () -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\searchplugins\mywebsearch.xml
[2011/04/11 14:16:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/09 16:32:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/01/09 16:32:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox 4.0 Beta 11\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: pikachu theme = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdbigfofckhdmnfjapophoghiallgop\1.1_0\
CHR - Extension: YouTube = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Facebook Me-Gusta Button = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\caampdmalollkcdgdiilgpimcbfjfmoe\1.51_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: DivX HiQ = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\
CHR - Extension: avast! WebRep = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Papas Taco Mia = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiikafgiafimfmkjhkfekhohoiofbbkd\1_0\
CHR - Extension: Papa s Freezeria = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcinkdemkfpjccmjedbnnincjeanmokp\1.0_0\
CHR - Extension: Super Rush = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhhmjkhhgbcpimhiminpffolkbmfmedh\3.2_0\
CHR - Extension: Kontrola e-mailu Google = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\
CHR - Extension: Nyan Cat Lost In Space = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocolcbginmpjiobmipdgimnpeplgbghg\1.2_0\
CHR - Extension: Gmail = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/12/27 11:05:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = -33
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/bingame/zpagames/zp ... b79352.cab (MSN Games – Texas Holdem Poker)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v ... 102118.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B423338-881E-4A75-9DAB-69D55012A4F7}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6DF1CF6-093A-418F-9850-175E9EFDCE6A}: DhcpNameServer = 7.254.254.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/06/15 09:53:29 | 000,000,000 | ---D | C] -- C:\rsit
[2012/06/15 09:53:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012/06/13 13:14:37 | 000,000,000 | ---D | C] -- C:\Users\Blajz\.filestore
[2012/06/13 13:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doxxbet
[2012/06/13 13:13:14 | 000,000,000 | ---D | C] -- C:\Program Files\Doxxbet
[2010/11/03 12:33:35 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Users\Blajz\AppData\Roaming\MinecraftSP.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Blajz\Desktop\*.tmp files -> C:\Users\Blajz\Desktop\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/06/16 14:14:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-280847252-1547578034-3754843991-1000UA.job
[2012/06/16 14:12:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/06/16 14:00:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/16 14:00:29 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/16 08:02:40 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-280847252-1547578034-3754843991-1000Core.job
[2012/06/15 09:35:32 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 09:35:32 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 09:27:32 | 2411,409,408 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/13 13:13:24 | 000,001,999 | ---- | M] () -- C:\Users\Public\Desktop\Doxxbet.lnk
[2012/06/13 01:38:30 | 000,045,270 | ---- | M] () -- C:\Users\Blajz\AppData\Roaming\room_v3.dat
[2012/06/11 09:13:57 | 000,669,932 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012/06/11 09:13:57 | 000,663,858 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/11 09:13:57 | 000,145,816 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012/06/11 09:13:57 | 000,125,988 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/09 17:30:08 | 002,753,249 | ---- | M] () -- C:\Users\Blajz\Desktop\IMG.pdf
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Blajz\Desktop\*.tmp files -> C:\Users\Blajz\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/16 14:12:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/06/13 13:13:24 | 000,001,999 | ---- | C] () -- C:\Users\Public\Desktop\Doxxbet.lnk
[2012/06/09 17:29:51 | 002,753,249 | ---- | C] () -- C:\Users\Blajz\Desktop\IMG.pdf
[2012/05/21 23:47:10 | 000,045,270 | ---- | C] () -- C:\Users\Blajz\AppData\Roaming\room_v3.dat
[2012/04/22 13:22:14 | 000,032,912 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012/04/18 00:51:58 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2012/04/18 00:51:58 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2012/04/18 00:51:58 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2012/04/09 00:47:33 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2011/12/27 15:05:40 | 000,000,037 | -HS- | C] () -- C:\Users\Blajz\AppData\Local\1754111884ee9ab5277ca00.95260103
[2011/12/02 09:30:20 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini
[2011/12/01 13:43:25 | 000,000,061 | ---- | C] () -- C:\Windows\7THLEVEL.INI
[2011/11/04 15:31:33 | 000,000,000 | ---- | C] () -- C:\Users\Blajz\AppData\Local\{4798CEE8-BB0E-418C-86CD-2A9FD8B6EE7F}
[2011/11/04 15:29:37 | 000,000,000 | ---- | C] () -- C:\Users\Blajz\AppData\Local\{E4310EB1-BDD3-42FD-94A6-4CC25710A509}
[2011/10/13 17:31:46 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/09/11 14:00:25 | 000,000,056 | ---- | C] () -- C:\Windows\kgt2k.INI
[2011/08/30 13:11:04 | 060,517,755 | ---- | C] () -- C:\Users\Blajz\AppData\Roaming\.minecraft.rar
[2011/08/30 07:31:25 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/08/30 07:29:55 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/07/25 15:28:39 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011/07/19 23:42:05 | 000,000,000 | ---- | C] () -- C:\Users\Blajz\AppData\Local\{F4280094-501F-498F-8B04-FAC26FD94B77}
[2011/06/30 20:10:12 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2011/05/18 20:46:42 | 000,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2011/05/18 20:46:42 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\9AAF32CF5F.sys
[2011/04/12 16:53:13 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/04/11 16:09:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/04/11 16:09:14 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/04/11 16:09:14 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/04/11 16:09:14 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/04/11 16:09:14 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/05 12:20:08 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2011/02/23 22:22:51 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011/02/23 22:22:50 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011/02/20 14:35:23 | 000,016,896 | ---- | C] () -- C:\Users\Blajz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/01 12:51:06 | 000,000,533 | ---- | C] () -- C:\Windows\eReg.dat
[2011/01/19 08:09:37 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl27.dat.temp
[2011/01/17 21:09:33 | 000,164,639 | ---- | C] () -- C:\Windows\hpoins27.dat
[2011/01/17 21:09:33 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl27.dat
[2011/01/17 16:54:30 | 000,008,213 | ---- | C] () -- C:\Users\Blajz\AppData\Local\SRDownloader.err
[2011/01/17 16:38:16 | 000,001,080 | ---- | C] () -- C:\Users\Blajz\AppData\Local\SRDownloader.nast
[2011/01/10 01:59:19 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011/01/08 14:18:45 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/01/08 13:12:46 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/12/29 13:51:17 | 000,000,093 | ---- | C] () -- C:\Users\Blajz\AppData\Local\fusioncache.dat
[2010/12/27 18:18:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/28 22:07:36 | 000,224,001 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010/09/17 21:17:00 | 000,002,888 | ---- | C] () -- C:\Windows\System32\atipblag.dat

hinatahyuuga · #6 Příspěvek od **hinatahyuuga** » 18 čer 2012 11:25

OTL logfile created on: 16. 6. 2012 14:09:34 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\Blajz\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,99 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 64,97% Memory free
5,99 Gb Paging File | 4,65 Gb Available in Paging File | 77,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,02 Gb Total Space | 115,61 Gb Free Space | 38,79% Space Free | Partition Type: NTFS

Computer Name: BLAJZ-PC | User Name: Blajz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/06/16 14:07:26 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Blajz\Downloads\OTL.exe
PRC - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/28 17:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/02/28 17:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011/12/07 13:16:29 | 001,047,096 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011/06/01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/26 04:54:28 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/11/26 04:54:00 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/11/11 15:00:54 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe

========== Modules (No Company Name) ==========

MOD - [2012/02/27 12:48:30 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll
MOD - [2012/02/27 12:48:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012/02/27 12:46:54 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012/02/27 12:46:30 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012/02/27 12:45:40 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/02/27 12:45:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/27 12:45:25 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012/02/27 09:02:53 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/12/07 13:16:28 | 000,411,192 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll
MOD - [2011/12/07 13:16:27 | 003,767,864 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
MOD - [2011/12/07 13:14:56 | 000,122,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\avutil-51.dll
MOD - [2011/12/07 13:14:55 | 000,222,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\avformat-53.dll
MOD - [2011/12/07 13:14:53 | 001,746,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\avcodec-53.dll
MOD - [2011/12/07 09:22:33 | 008,593,056 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/25 22:41:00 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/11/13 03:54:29 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010/11/13 03:54:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/07/14 10:43:19 | 000,159,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_cs_b77a5c561934e089\System.Xml.resources.dll

========== Win32 Services (SafeList) ==========

SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/26 01:14:54 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/04 20:55:32 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/19 22:23:38 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/02/28 17:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/02/27 08:40:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/06/12 12:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/06/01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/03/28 21:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010/11/26 04:54:00 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Start_Pending] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva391.sys -- (XDva391)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Blajz\AppData\Local\Temp\CFcatchme.sys -- (CFcatchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Blajz\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (alpd8x0m)
DRV - [2012/03/31 09:44:00 | 000,023,217 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | Auto | Running] -- C:\Program Files\NCSoft\Lineage II\System\npkcrypt.sys -- (npkcrypt)
DRV - [2012/03/07 02:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/07 02:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/07 02:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/03/07 02:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/07 02:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/03/07 02:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/05/13 19:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011/05/13 19:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2011/02/23 22:22:51 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/02/23 22:22:50 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011/01/15 14:41:22 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/12/28 13:02:41 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/11/26 06:19:20 | 006,650,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010/11/26 06:19:20 | 006,650,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/11/26 04:16:26 | 000,231,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/09/02 18:49:08 | 000,013,312 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pneteth.sys -- (pneteth)
DRV - [2010/02/25 01:02:30 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBTTN.sys -- (HBtnKey)
DRV - [2010/01/13 16:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Ovladač adaptéru Intel(R)
DRV - [2009/09/16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/14 00:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009/04/29 08:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2008/05/16 13:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 13:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 13:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 13:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 13:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2006/03/01 11:25:12 | 000,008,704 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTe ... &AF=100908
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes\{0F9B94DA-CA7D-4E9D-8329-565810AAAE14}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes\{8FA77A21-2597-40A0-8C20-055384FAF1ED}: "URL" = http://websearch.ask.com/redirect?clien ... 8FB533BAE8&
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://eu.ask.com/?l=dis&o=14672"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.0.6
FF - prefs.js..extensions.enabledItems: {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.148
FF - prefs.js..extensions.enabledItems: plugin@gameplaylabs.com:1.0
FF - prefs.js..extensions.enabledItems: plugin2@gameplaylabs.com:2.0
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_&q ... =1.4.35.10&"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Blajz\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Blajz\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Blajz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Blajz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/17 21:13:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/02/03 20:33:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/02/03 20:33:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/17 11:29:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 11\components [2012/05/04 20:55:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 11\plugins [2012/05/12 09:05:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/17 21:13:07 | 000,000,000 | ---D | M]

[2011/07/07 18:53:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Extensions
[2011/07/07 18:53:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
[2012/05/02 19:48:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions
[2011/02/23 22:04:20 | 000,000,000 | ---D | M] () -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2011/11/08 22:33:44 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions\ffxtlbr@babylon.com
[2011/03/26 02:25:08 | 000,000,000 | ---D | M] (GamePlayLabs Plugin) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions\plugin2@gameplaylabs.com
[2011/03/04 20:30:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles0vrvzzak.default\extensions
[2011/03/04 20:30:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles0vrvzzak.default\extensions\plugin@gameplaylabs.com
[2011/11/17 20:25:44 | 000,002,333 | ---- | M] () -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\searchplugins\askcom.xml
[2011/04/16 21:48:13 | 000,009,968 | ---- | M] () -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\searchplugins\mywebsearch.xml
[2011/04/11 14:16:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/09 16:32:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/01/09 16:32:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox 4.0 Beta 11\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: pikachu theme = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdbigfofckhdmnfjapophoghiallgop\1.1_0\
CHR - Extension: YouTube = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Facebook Me-Gusta Button = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\caampdmalollkcdgdiilgpimcbfjfmoe\1.51_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: DivX HiQ = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\
CHR - Extension: avast! WebRep = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Papas Taco Mia = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiikafgiafimfmkjhkfekhohoiofbbkd\1_0\
CHR - Extension: Papa s Freezeria = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcinkdemkfpjccmjedbnnincjeanmokp\1.0_0\
CHR - Extension: Super Rush = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhhmjkhhgbcpimhiminpffolkbmfmedh\3.2_0\
CHR - Extension: Kontrola e-mailu Google = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\
CHR - Extension: Nyan Cat Lost In Space = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocolcbginmpjiobmipdgimnpeplgbghg\1.2_0\
CHR - Extension: Gmail = C:\Users\Blajz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/12/27 11:05:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = -33
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/bingame/zpagames/zp ... b79352.cab (MSN Games – Texas Holdem Poker)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v ... 102118.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B423338-881E-4A75-9DAB-69D55012A4F7}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6DF1CF6-093A-418F-9850-175E9EFDCE6A}: DhcpNameServer = 7.254.254.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/06/15 09:53:29 | 000,000,000 | ---D | C] -- C:\rsit
[2012/06/15 09:53:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012/06/13 13:14:37 | 000,000,000 | ---D | C] -- C:\Users\Blajz\.filestore
[2012/06/13 13:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doxxbet
[2012/06/13 13:13:14 | 000,000,000 | ---D | C] -- C:\Program Files\Doxxbet
[2010/11/03 12:33:35 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Users\Blajz\AppData\Roaming\MinecraftSP.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Blajz\Desktop\*.tmp files -> C:\Users\Blajz\Desktop\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/06/16 14:14:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-280847252-1547578034-3754843991-1000UA.job
[2012/06/16 14:12:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/06/16 14:00:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/16 14:00:29 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/16 08:02:40 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-280847252-1547578034-3754843991-1000Core.job
[2012/06/15 09:35:32 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 09:35:32 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 09:27:32 | 2411,409,408 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/13 13:13:24 | 000,001,999 | ---- | M] () -- C:\Users\Public\Desktop\Doxxbet.lnk
[2012/06/13 01:38:30 | 000,045,270 | ---- | M] () -- C:\Users\Blajz\AppData\Roaming\room_v3.dat
[2012/06/11 09:13:57 | 000,669,932 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012/06/11 09:13:57 | 000,663,858 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/11 09:13:57 | 000,145,816 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012/06/11 09:13:57 | 000,125,988 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/09 17:30:08 | 002,753,249 | ---- | M] () -- C:\Users\Blajz\Desktop\IMG.pdf
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Blajz\Desktop\*.tmp files -> C:\Users\Blajz\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/16 14:12:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/06/13 13:13:24 | 000,001,999 | ---- | C] () -- C:\Users\Public\Desktop\Doxxbet.lnk
[2012/06/09 17:29:51 | 002,753,249 | ---- | C] () -- C:\Users\Blajz\Desktop\IMG.pdf
[2012/05/21 23:47:10 | 000,045,270 | ---- | C] () -- C:\Users\Blajz\AppData\Roaming\room_v3.dat
[2012/04/22 13:22:14 | 000,032,912 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012/04/18 00:51:58 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2012/04/18 00:51:58 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2012/04/18 00:51:58 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2012/04/09 00:47:33 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2011/12/27 15:05:40 | 000,000,037 | -HS- | C] () -- C:\Users\Blajz\AppData\Local\1754111884ee9ab5277ca00.95260103
[2011/12/02 09:30:20 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini
[2011/12/01 13:43:25 | 000,000,061 | ---- | C] () -- C:\Windows\7THLEVEL.INI
[2011/11/04 15:31:33 | 000,000,000 | ---- | C] () -- C:\Users\Blajz\AppData\Local\{4798CEE8-BB0E-418C-86CD-2A9FD8B6EE7F}
[2011/11/04 15:29:37 | 000,000,000 | ---- | C] () -- C:\Users\Blajz\AppData\Local\{E4310EB1-BDD3-42FD-94A6-4CC25710A509}
[2011/10/13 17:31:46 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/09/11 14:00:25 | 000,000,056 | ---- | C] () -- C:\Windows\kgt2k.INI
[2011/08/30 13:11:04 | 060,517,755 | ---- | C] () -- C:\Users\Blajz\AppData\Roaming\.minecraft.rar
[2011/08/30 07:31:25 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/08/30 07:29:55 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/07/25 15:28:39 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011/07/19 23:42:05 | 000,000,000 | ---- | C] () -- C:\Users\Blajz\AppData\Local\{F4280094-501F-498F-8B04-FAC26FD94B77}
[2011/06/30 20:10:12 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2011/05/18 20:46:42 | 000,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2011/05/18 20:46:42 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\9AAF32CF5F.sys
[2011/04/12 16:53:13 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/04/11 16:09:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/04/11 16:09:14 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/04/11 16:09:14 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/04/11 16:09:14 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/04/11 16:09:14 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/05 12:20:08 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2011/02/23 22:22:51 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011/02/23 22:22:50 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011/02/20 14:35:23 | 000,016,896 | ---- | C] () -- C:\Users\Blajz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/01 12:51:06 | 000,000,533 | ---- | C] () -- C:\Windows\eReg.dat
[2011/01/19 08:09:37 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl27.dat.temp
[2011/01/17 21:09:33 | 000,164,639 | ---- | C] () -- C:\Windows\hpoins27.dat
[2011/01/17 21:09:33 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl27.dat
[2011/01/17 16:54:30 | 000,008,213 | ---- | C] () -- C:\Users\Blajz\AppData\Local\SRDownloader.err
[2011/01/17 16:38:16 | 000,001,080 | ---- | C] () -- C:\Users\Blajz\AppData\Local\SRDownloader.nast
[2011/01/10 01:59:19 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011/01/08 14:18:45 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/01/08 13:12:46 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/12/29 13:51:17 | 000,000,093 | ---- | C] () -- C:\Users\Blajz\AppData\Local\fusioncache.dat
[2010/12/27 18:18:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/28 22:07:36 | 000,224,001 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010/09/17 21:17:00 | 000,002,888 | ---- | C] () -- C:\Windows\System32\atipblag.dat

hinatahyuuga · #7 Příspěvek od **hinatahyuuga** » 18 čer 2012 11:29

========== LOP Check ==========

[2011/10/17 09:04:50 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\.craftbukkit
[2012/06/04 07:02:30 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\.minecraft
[2012/03/02 00:14:36 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Ableton
[2011/08/05 12:51:06 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Bioshock2
[2012/03/02 00:34:30 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Cycling '74
[2010/12/28 13:22:20 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\DAEMON Tools Lite
[2011/07/12 07:59:54 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\DarksporeData
[2012/03/09 14:56:43 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\FileZilla
[2012/01/30 23:32:55 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\GameHouse
[2012/06/13 00:31:33 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\GarenaPlus
[2011/12/04 23:31:34 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\GetRightToGo
[2011/12/27 13:07:48 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\ICQ
[2011/07/22 00:46:59 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\IDoser
[2011/01/27 09:12:18 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Kalypso Media
[2012/03/01 21:59:33 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Korg
[2011/05/04 21:30:44 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Leadertech
[2011/11/09 09:21:22 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Lionhead Studios
[2011/05/29 21:38:06 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Need for Speed World
[2012/02/14 17:06:35 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\NetworkTunnel
[2012/03/02 00:34:30 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\PACE Anti-Piracy
[2011/07/07 18:53:17 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Philips-Songbird
[2012/02/13 15:56:06 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Pokemon Online
[2011/05/03 22:12:18 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Propellerhead Software
[2012/05/19 11:52:40 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\QIP
[2011/03/03 10:11:32 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Red Alert 3
[2011/12/25 14:31:56 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Rovio
[2011/05/18 23:17:40 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/05/26 10:29:31 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Stardock
[2012/02/13 14:25:59 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Teeworlds
[2012/01/19 22:21:15 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\TS3Client
[2012/05/21 20:58:03 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Tunngle
[2010/12/30 15:57:43 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Ubisoft
[2012/06/10 18:47:38 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\uTorrent
[2011/09/27 15:38:08 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\VitySoft
[2011/05/12 00:00:47 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\WebcamMax
[2011/12/27 15:05:39 | 000,000,000 | -HSD | M] -- C:\Users\Blajz\AppData\Roaming\wyUpdate AU
[2011/02/24 13:58:59 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Zoner
[2012/02/15 09:12:43 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\ERDNT\cache\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\ERDNT\cache\tcpip.sys
[2011/06/21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011/04/25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011/09/29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011/09/29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011/04/25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011/06/21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010/06/14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\SoftwareDistribution\Download\a7e65db68b5e23ac70eb66bce38e4cf4\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010/06/14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\SoftwareDistribution\Download\a7e65db68b5e23ac70eb66bce38e4cf4\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011/06/21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011/06/21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011/10/17 09:04:50 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\.craftbukkit
[2012/06/04 07:02:30 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\.minecraft
[2012/03/02 00:14:36 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Ableton
[2011/05/18 23:17:42 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Adobe
[2011/05/18 23:17:40 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Adobe Mini Bridge CS5
[2011/03/29 14:47:53 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Ahead
[2010/12/29 13:24:37 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\ATI
[2011/08/05 12:51:06 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Bioshock2
[2011/06/06 08:24:55 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Corel
[2012/03/02 00:34:30 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Cycling '74
[2010/12/28 13:22:20 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\DAEMON Tools Lite
[2011/07/12 07:59:54 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\DarksporeData
[2011/02/19 10:32:34 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\DivX
[2012/03/09 14:56:43 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\FileZilla
[2012/01/30 23:32:55 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\GameHouse
[2012/06/13 00:31:33 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\GarenaPlus
[2011/12/04 23:31:34 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\GetRightToGo
[2012/06/12 23:38:45 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Hamachi
[2011/05/27 07:46:54 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\HP
[2011/12/27 13:07:48 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\ICQ
[2010/12/27 18:24:20 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Identities
[2011/07/22 00:46:59 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\IDoser
[2011/12/18 17:37:15 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\InstallShield
[2011/01/27 09:12:18 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Kalypso Media
[2012/03/01 21:59:33 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Korg
[2011/05/04 21:30:44 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Leadertech
[2011/11/09 09:21:22 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Lionhead Studios
[2010/12/28 12:03:56 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Macromedia
[2011/04/11 15:10:24 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Malwarebytes
[2009/07/14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Media Center Programs
[2012/02/26 13:30:15 | 000,000,000 | --SD | M] -- C:\Users\Blajz\AppData\Roaming\Microsoft
[2012/05/21 01:14:30 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Mozilla
[2011/05/29 21:38:06 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Need for Speed World
[2011/03/12 15:51:00 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Nero
[2012/02/14 17:06:35 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\NetworkTunnel
[2012/03/02 00:34:30 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\PACE Anti-Piracy
[2011/07/07 18:53:17 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Philips-Songbird
[2012/02/13 15:56:06 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Pokemon Online
[2011/05/03 22:12:18 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Propellerhead Software
[2012/05/19 11:52:40 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\QIP
[2012/03/10 13:57:14 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Realore All My Gods
[2011/03/03 10:11:32 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Red Alert 3
[2011/12/25 14:31:56 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Rovio
[2010/12/29 01:37:23 | 000,000,000 | RH-D | M] -- C:\Users\Blajz\AppData\Roaming\SecuROM
[2012/06/16 14:34:33 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Skype
[2011/05/28 09:53:29 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\skypePM
[2011/05/18 23:17:40 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/05/26 10:29:31 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Stardock
[2012/02/13 14:25:59 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Teeworlds
[2012/01/19 22:21:15 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\TS3Client
[2012/05/21 20:58:03 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Tunngle
[2010/12/30 15:57:43 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Ubisoft
[2012/06/10 18:47:38 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\uTorrent
[2011/09/27 15:38:08 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\VitySoft
[2012/03/04 00:00:42 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\vlc
[2011/05/12 00:00:47 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\WebcamMax
[2010/12/28 16:15:50 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\WinRAR
[2011/12/27 15:05:39 | 000,000,000 | -HSD | M] -- C:\Users\Blajz\AppData\Roaming\wyUpdate AU
[2011/02/24 13:58:59 | 000,000,000 | ---D | M] -- C:\Users\Blajz\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2010/10/20 16:00:02 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Users\Blajz\AppData\Roaming\MinecraftSP.exe
[2011/03/01 15:26:14 | 000,270,848 | ---- | M] (Teckda) -- C:\Users\Blajz\AppData\Roaming\.minecraft\Minecraft Cracked.exe
[2010/10/21 03:00:02 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Users\Blajz\AppData\Roaming\.minecraft\Minecraft Updater.exe
[2010/09/25 11:15:25 | 000,232,159 | ---- | M] () -- C:\Users\Blajz\AppData\Roaming\.minecraft\Minecraft.exe
[2012/01/04 19:08:02 | 000,290,835 | ---- | M] () -- C:\Users\Blajz\AppData\Roaming\.minecraft\Uninstall.exe
[2011/07/21 11:51:41 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Users\Blajz\AppData\Roaming\.minecraft\bin\Minecraft.exe
[2012/01/20 18:03:10 | 000,005,430 | R--- | M] () -- C:\Users\Blajz\AppData\Roaming\Microsoft\Installer\{03840E8D-A75E-4C49-ADFC-09A867C7F943}\_532EEF936FFAE0ABE2522D.exe
[2012/01/20 18:03:10 | 000,005,430 | R--- | M] () -- C:\Users\Blajz\AppData\Roaming\Microsoft\Installer\{03840E8D-A75E-4C49-ADFC-09A867C7F943}\_A290953C7595C4E6A1FDBA.exe
[2011/06/06 08:24:16 | 000,010,134 | R--- | M] () -- C:\Users\Blajz\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
[2011/06/06 08:24:16 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Blajz\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
[2010/05/28 11:22:44 | 000,375,296 | ---- | M] () -- C:\Users\Blajz\AppData\Roaming\Philips-Songbird\Profiles\yxyt72pn.default\extensions\philips-branding@philips.com\chrome\content\autolauncher\PhilipsDeviceListener.exe
[2010/05/28 11:22:44 | 000,062,464 | ---- | M] (Philips) -- C:\Users\Blajz\AppData\Roaming\Philips-Songbird\Profiles\yxyt72pn.default\extensions\philips-branding@philips.com\chrome\content\autolauncher\RunNonElevated32.exe
[2010/05/28 11:22:44 | 000,063,488 | ---- | M] (Philips) -- C:\Users\Blajz\AppData\Roaming\Philips-Songbird\Profiles\yxyt72pn.default\extensions\philips-branding@philips.com\chrome\content\autolauncher\RunNonElevated64.exe
[2010/05/10 02:27:46 | 000,102,400 | ---- | M] () -- C:\Users\Blajz\AppData\Roaming\Philips-Songbird\Profiles\yxyt72pn.default\extensions\philips-branding@philips.com\payload\gogear@songbirdnest.com\platform\WINNT_x86-msvc\lib\sbACMEFirmwareRPCServer.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012/06/16 14:33:16 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/06/16 08:02:40 | 000,000,894 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-280847252-1547578034-3754843991-1000Core.job
[2012/06/16 14:14:00 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-280847252-1547578034-3754843991-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/12/28 13:02:41 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/06/15 09:35:32 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 09:35:32 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Blajz\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011/09/13 20:46:49 | 000,136,176 | ---- | M] (Google Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010/11/20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2011/12/07 13:16:29 | 001,047,096 | ---- | M] (Google Inc.) MD5=78D76239DF5A161C702FDECC7D6E4863 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/06/16 14:12:59 | 000,000,512 | ---- | M] () MD5=F108E3810CD69AF9FD9B1FB5ADC6B3B7 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008/07/01 13:43:52 | 000,067,756 | ---- | M] () -- \games\Cstrike\cstrike\sound\misc\cracker1.wav
[2008/12/26 00:24:10 | 000,023,012 | ---- | M] () -- \games\Cstrike\cstrike\sound\misc\cracker1.wav.ztmp
[2010/09/29 17:09:54 | 000,062,368 | ---- | M] () -- \games\Magic Workstation\Crack for Magic Workstation.rar
[2005/03/08 11:30:56 | 000,092,827 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite 13\Custom Data\Bumpmap\Cracks.cpt
[2005/03/08 11:30:58 | 000,016,068 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite 13\Custom Data\Canvas\cracks2c.pcx
[2005/03/08 11:31:08 | 000,010,560 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite 13\Custom Data\Tiles\CRACKS2M.CPT
[2006/09/21 15:21:18 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_1
[2006/09/21 15:21:16 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_2
[2006/09/21 15:21:18 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_3
[2006/09/21 15:21:16 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_4
[2006/09/26 13:04:34 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_1
[2006/09/21 15:21:14 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_2
[2006/09/27 19:47:30 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_3
[2006/09/26 13:04:36 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_4
[2006/09/21 15:21:16 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x2_1
[2006/09/27 16:23:02 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x4_1
[2006/09/21 15:21:12 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x5_1
[2006/09/21 13:29:28 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce01
[2006/09/21 13:29:32 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce02
[2006/09/21 13:29:40 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce03
[2006/09/21 13:29:28 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce04
[2006/09/21 13:29:28 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce05
[2006/09/21 13:29:38 | 000,017,490 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedTree
[2011/03/01 15:26:14 | 000,270,848 | ---- | M] () -- \Users\Blajz\AppData\Roaming\.minecraft\Minecraft Cracked.exe
[2012/01/04 19:08:02 | 000,000,984 | ---- | M] () -- \Users\Blajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Cracked\Start Minecraft Cracked.lnk
[2012/01/04 19:08:02 | 000,000,944 | ---- | M] () -- \Users\Blajz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Cracked\Uninstall Minecraft Cracked.lnk
[2012/03/01 23:51:56 | 000,017,459 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\Ableton Live 8.2.2 (CRACKED) [theLEAK].torrent
[2012/03/10 12:03:27 | 000,012,149 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\All My Gods - Full PreCracked - Foxy Games.torrent
[2011/12/27 23:04:28 | 000,019,264 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\Angry Birds - Christmas Edition - Seasons 2.0 HD - FULL + Key and Crack.torrent
[2010/12/29 19:39:13 | 000,033,549 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\Assassins Creed 2 [Multi9] [PCDVD9][WITH CRACK] [www.soloestreno.com].torrent
[2011/12/01 21:33:02 | 000,034,858 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\Call of duty 4 Modern Warfare incl. Crack + Serials.torrent
[2011/03/12 11:57:56 | 000,022,268 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\F.E.A.R.Clone.and.Crack.1.torrent
[2011/03/12 11:57:25 | 000,022,268 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\F.E.A.R.Clone.and.Crack.torrent
[2012/01/04 19:06:30 | 000,014,713 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.0.0.zip.torrent
[2011/04/11 22:19:12 | 000,003,009 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\Sacred_Crack_V2.11.2__Fix2__Skilling_fix_.rar.torrent
[2011/10/02 04:08:26 | 000,000,407 | ---- | M] () -- \Users\Blajz\Desktop\MINECRAFT-1.1-bukkit-server\plugins\Essentials\userdata\dieselcracksho.yml
[2011/09/27 13:43:40 | 000,000,397 | ---- | M] () -- \Users\Blajz\Desktop\MINECRAFT-1.1-bukkit-server\plugins\Essentials\userdata\grahamcracka2000.yml
[2012/03/01 20:50:15 | 000,001,187 | ---- | M] () -- \Users\Blajz\Documents\Ableton\Library\Presets\Audio Effects\Vinyl Distortion\Crack.adv
[2012/03/01 20:39:16 | 000,006,762 | ---- | M] () -- \Users\Blajz\Documents\Ableton\Library\Presets\Instruments\Instrument Rack\Guitars and Plucked\Synthetic\Lead-Cracker.adg

< *keygen* /s >
[2011/05/14 23:54:30 | 000,040,753 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\Corel Draw X5 with Keygen.torrent
[2011/05/14 23:39:18 | 000,020,840 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\Corel-Draw-X5_with_Keygen.1.torrent
[2011/05/14 18:48:33 | 000,020,748 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\Corel-Draw-X5_with_Keygen.torrent
[2011/05/03 19:56:06 | 000,080,317 | ---- | M] () -- \Users\Blajz\AppData\Roaming\uTorrent\Reason 5 + Keys & Keygen.torrent

< *loader* /s >
[2011/08/04 16:53:16 | 001,402,176 | ---- | M] () -- \games\Company of heroes\RelicDownloader\RelicDownloader.exe
[2011/08/04 16:53:16 | 000,001,632 | ---- | M] () -- \games\Company of heroes\RelicDownloader\Locale\English\RelicDownloader.English.ucs
[2003/09/15 16:02:00 | 000,169,384 | ---- | M] () -- \games\Cstrike\cstrike\models\qloader.mdl
[2003/09/15 15:55:50 | 000,352,548 | ---- | M] () -- \games\Cstrike\valve\models\loader.mdl
[2003/09/15 15:56:04 | 000,012,764 | ---- | M] () -- \games\Cstrike\valve\sound\ambience\loader_hydra1.wav
[2003/09/15 15:56:04 | 000,012,164 | ---- | M] () -- \games\Cstrike\valve\sound\ambience\loader_step1.wav
[2011/05/28 10:05:24 | 000,004,068 | ---- | M] () -- \games\Need For Speed World\Data\GFX\_RadialFlareLoader_Double.gfx
[2011/05/17 23:22:21 | 000,098,816 | ---- | M] () -- \games\warcraft 126\Warcraft III\euroloader.exe
[2011/05/06 18:47:43 | 000,000,046 | ---- | M] () -- \games\warcraft 126\Warcraft III\euroloader.txt
[2011/04/10 14:37:49 | 002,070,207 | ---- | M] () -- \games\WOW Kopirvatelny\WOW\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
[2009/03/09 09:53:01 | 000,003,026 | ---- | M] () -- \games\WOW Kopirvatelny\WOW\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2009/03/09 09:53:02 | 000,004,261 | ---- | M] () -- \games\WOW Kopirvatelny\WOW\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2009/06/23 16:48:39 | 002,172,400 | ---- | M] () -- \games\WOW\BackgroundDownloader.exe
[2009/03/09 09:53:01 | 000,003,026 | ---- | M] () -- \games\WOW\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2009/03/09 09:53:02 | 000,004,261 | ---- | M] () -- \games\WOW\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2010/03/10 19:57:16 | 000,026,916 | ---- | M] () -- \games\WOW\Logs\Downloader.log
[2010/03/09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010/03/09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010/03/09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2010/11/19 11:51:28 | 000,118,784 | ---- | M] () -- \Program Files\Bethesda Softworks\Oblivion\obse_loader.exe
[2010/11/19 11:51:28 | 000,118,784 | ---- | M] () -- \Program Files\Bethesda Softworks\Oblivion\obse_steam_loader.dll
[2008/01/05 13:06:02 | 000,000,728 | ---- | M] () -- \Program Files\Bethesda Softworks\Oblivion\NifViewer\MeshLoader.cs
[2008/01/05 13:06:02 | 000,003,841 | ---- | M] () -- \Program Files\Bethesda Softworks\Oblivion\NifViewer\MeshLoader.Designer.cs
[2008/01/05 13:06:02 | 000,005,814 | ---- | M] () -- \Program Files\Bethesda Softworks\Oblivion\NifViewer\MeshLoader.resx
[2009/10/10 08:58:14 | 000,004,666 | R--- | M] () -- \Program Files\Bethesda Softworks\Oblivion\src\obse\loader\loader.vcproj
[2009/10/10 08:58:14 | 000,000,468 | R--- | M] () -- \Program Files\Bethesda Softworks\Oblivion\src\obse\loader\obse_loader.manifest.xml
[2009/10/10 08:58:14 | 000,003,414 | R--- | M] () -- \Program Files\Bethesda Softworks\Oblivion\src\obse\loader_common\loader_common.vcproj
[2009/10/10 08:59:20 | 000,004,677 | R--- | M] () -- \Program Files\Bethesda Softworks\Oblivion\src\obse\steam_loader\steam_loader.vcproj
[2007/05/08 19:46:20 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2010/10/07 05:36:40 | 000,265,552 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/10/07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2006/10/10 11:31:42 | 000,132,648 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite 13\Programs\PCULoader.exe
[2012/04/24 03:21:30 | 000,038,400 | ---- | M] () -- \Program Files\Garena Plus\FileLoader.dll
[2012/02/22 10:52:16 | 002,609,664 | ---- | M] () -- \Program Files\Garena Plus\ggdownloader.dll
[2012/05/30 07:55:21 | 000,081,272 | ---- | M] () -- \Program Files\Garena Plus\bbtalk\BTalkLoader.exe
[2009/05/21 21:21:18 | 000,007,507 | ---- | M] () -- \Program Files\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009/09/20 13:15:26 | 000,030,776 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009/09/20 13:15:26 | 000,002,713 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2011/12/05 02:01:01 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.jpg
[2011/12/05 02:01:01 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.swf
[2008/11/19 11:28:08 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2008/11/19 11:28:08 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2011/12/05 02:01:55 | 000,003,479 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2011/12/05 02:01:22 | 000,552,798 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2009/05/31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2010/04/12 03:49:04 | 000,008,073 | ---- | M] () -- \Program Files\Philips\Philips Songbird\components\sbAutoDownloader.js
[2010/04/12 03:44:20 | 000,015,591 | ---- | M] () -- \Program Files\Philips\Philips Songbird\components\sbFileDownloader.js
[2010/01/29 07:43:52 | 000,071,008 | ---- | M] () -- \Program Files\Reality Pump\Two Worlds II\PhysXLoader.dll
[2008/02/25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010/12/24 10:42:08 | 002,152,448 | ---- | M] () -- \Program Files\WebcamMax\ShareUploader.exe
[2009/06/02 02:16:57 | 000,114,688 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2009/09/15 00:48:10 | 000,070,936 | ---- | M] () -- \ProgramData\AMD\2K Games\Gearbox Software\Borderlands\Binaries\PhysXLocal\PhysXLoader.dll
[2012/02/15 14:28:30 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/02/15 14:28:30 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2009/09/15 00:48:10 | 000,070,936 | ---- | M] () -- \Users\All Users\AMD\2K Games\Gearbox Software\Borderlands\Binaries\PhysXLocal\PhysXLoader.dll
[2012/02/15 14:28:30 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/02/15 14:28:30 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2011/03/16 18:02:43 | 000,008,213 | ---- | M] () -- \Users\Blajz\AppData\Local\SRDownloader.err
[2011/03/16 18:05:27 | 000,001,080 | ---- | M] () -- \Users\Blajz\AppData\Local\SRDownloader.nast
[2012/06/12 15:03:38 | 000,000,652 | ---- | M] () -- \Users\Blajz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SF7TP55\AdLoader[1].htm
[2012/06/14 10:31:16 | 000,000,652 | ---- | M] () -- \Users\Blajz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K84FB8ZS\AdLoader[1].htm
[2012/06/15 22:12:43 | 000,000,652 | ---- | M] () -- \Users\Blajz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K84FB8ZS\AdLoader[2].htm
[2012/06/13 13:15:37 | 000,001,008 | ---- | M] () -- \Users\Blajz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K84FB8ZS\preloader-mask[1].png
[2012/06/12 15:03:38 | 000,010,519 | ---- | M] () -- \Users\Blajz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RKDIQ0H6\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012/06/12 23:27:01 | 000,010,519 | ---- | M] () -- \Users\Blajz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RKDIQ0H6\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[2].js
[2012/06/13 13:15:37 | 000,001,138 | ---- | M] () -- \Users\Blajz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RKDIQ0H6\preloader[1].gif
[2011/01/27 20:25:29 | 000,000,144 | ---- | M] () -- \Users\Blajz\AppData\Local\VirtualStore\Program Files\Bethesda Softworks\Oblivion\obse_loader.log
[2012/01/29 14:54:29 | 000,002,778 | ---- | M] () -- \Users\Blajz\AppData\Roaming\.minecraft\ModLoader.txt
[2011/08/31 19:29:42 | 000,008,412 | ---- | M] () -- \Users\Blajz\AppData\Roaming\.minecraft\ModLoader.txt.1
[2012/01/29 14:54:25 | 000,000,153 | ---- | M] () -- \Users\Blajz\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2011/09/15 04:09:54 | 000,041,357 | ---- | M] () -- \Users\Blajz\AppData\Roaming\.minecraft\mod\ModLoader.class
[2011/09/15 04:09:54 | 000,041,357 | ---- | M] () -- \Users\Blajz\AppData\Roaming\.minecraft\modloader\ModLoader.class
[2011/12/04 23:31:18 | 000,000,000 | ---- | M] () -- \Users\Blajz\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Menu_Creator.data
[2011/03/12 15:19:54 | 000,000,000 | ---- | M] () -- \Users\Blajz\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Nero_7_Lite.data
[2011/04/10 14:38:10 | 000,010,272 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2010/03/24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010/03/24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2009/07/14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012/02/02 15:15:04 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011/12/27 11:55:20 | 000,003,530 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 10:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009/07/14 10:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009/07/14 10:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011/04/11 15:10:47 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2011/04/11 15:10:47 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2011/04/11 15:10:47 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011/08/30 16:30:45 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011/08/30 16:30:45 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011/08/30 16:30:45 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009/07/13 18:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 1218 bytes -> C:\ProgramData\Microsoft:cXDwMSL5Sih14HX6t6JKZOmsqo
@Alternate Data Stream - 1137 bytes -> C:\ProgramData\Microsoft:dFwni7kYrhvAaRMWroj9b9y

< End of report >

#8 Příspěvek od **vyosek** » 18 čer 2012 11:38

Mohu mit dotaz, proc si bezny uzivatel kupuje nejvyssi licenci Windows Ultimate, ktera je urcena spise pro velke korporace, kdyz stejne nevyuzije nic vic nez nabizi verze Home Premium

A nebo byla "koupena" nekde na internetu

hinatahyuuga · #9 Příspěvek od **hinatahyuuga** » 18 čer 2012 12:46

win sa len tvari ako legalny a prečo ? ked som win instaloval nezistil som si podrobnosti o verziach ...a odvtedy nebol preinstalovany

#10 Příspěvek od **vyosek** » 18 čer 2012 12:49

Tvari ale je cracknuty

Nebo tomu aspon z 95% nektere radky napovidaji, takze se ptam - koupil jste si licenci nebo nekde proste sehnal bez zakoupeni licence

hinatahyuuga · #11 Příspěvek od **hinatahyuuga** » 18 čer 2012 12:59

nie nekupoval som si licenciu, zohnal som si ju na nete

je to problém ze nemam legalnu licenciu ??

#12 Příspěvek od **vyosek** » 18 čer 2012 13:08

Pravidla fora bych rekl ze jsou jasna ne?

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.

hinatahyuuga · #13 Příspěvek od **hinatahyuuga** » 18 čer 2012 13:37

tento účet mám už dost dlho a kopu krát mi tu veľa ludi pomohlo a nikdy som sa nestretol s tym ze by niekomu vadilo ze mam nelegalny win v kompe

mám to teda chápať tak že tu na fore nemam čakat pomoc pokial si win nekupim ??

#14 Příspěvek od **vyosek** » 18 čer 2012 13:49

Crack je tam prokazatelny, tentokrat to dokoncim, kdyz jsem to nacal, ale priste bude pomoc odmitnuta

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva391.sys -- (XDva391)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Blajz\AppData\Local\Temp\CFcatchme.sys -- (CFcatchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Blajz\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (alpd8x0m)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=100908
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes\{0F9B94DA-CA7D-4E9D-8329-565810AAAE14}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
IE - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..\SearchScopes\{8FA77A21-2597-40A0-8C20-055384FAF1ED}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=T8&apn_dtid=YYYYYYYYSK&apn_uid=c0e0d591-2fb7-4015-89a0-334874ad28d1&apn_sauid=CF7533DA-156F-4E32-AFB2-E58FB533BAE8&
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_&q={searchTerms}&mntrId=340e47460000000000007a790514e7db&tlver=1.4.35.10&"
[2011/11/08 22:33:44 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\extensions\ffxtlbr@babylon.com
[2011/11/17 20:25:44 | 000,002,333 | ---- | M] () -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\searchplugins\askcom.xml
[2011/04/16 21:48:13 | 000,009,968 | ---- | M] () -- C:\Users\Blajz\AppData\Roaming\Mozilla\Firefox\Profiles\0vrvzzak.default\searchplugins\mywebsearch.xml
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-280847252-1547578034-3754843991-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]
[2012/06/16 14:33:16 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/06/16 08:02:40 | 000,000,894 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-280847252-1547578034-3754843991-1000Core.job
[2012/06/16 14:14:00 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-280847252-1547578034-3754843991-1000UA.job
@Alternate Data Stream - 1218 bytes -> C:\ProgramData\Microsoft:cXDwMSL5Sih14HX6t6JKZOmsqo
@Alternate Data Stream - 1137 bytes -> C:\ProgramData\Microsoft:dFwni7kYrhvAaRMWroj9b9y

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]

:files
c:\Users\Blajz\AppData\Roaming\uTorrent\*crack*
c:\Users\Blajz\AppData\Roaming\uTorrent\*keygen*
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

hinatahyuuga · #15 Příspěvek od **hinatahyuuga** » 18 čer 2012 13:49

Ide o to že tento notebook je kupovaný z druhej ruky a od originalu tam bol Win Vista ale po jeho kupeni bol v stave ze som musel vymeniť hdd a preinstalovať win ,cize original serial nemam k dispozicii

VIRY.CZ

Poprosím o kontrolu

Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu

Re: Poprosím o kontrolu