prosim o kontrolu

[Márty84]

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[arkan]

spravil som vsetko presne podla navodu - program som spustil ako spravca, no vypisalo mi, ze nevie na ploche vytvorit subor cmd.bat. a zrejme program prestal pracovat. posledna hlaska na programe je Manual File Scan - Looking in folder: ... a nic sa nedeje.

[Márty84]

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

[arkan]

OTL.txt
OTL logfile created on: 3/12/2013 9:30:06 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Janik\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3.24 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 57.51% Memory free
6.48 Gb Paging File | 4.99 Gb Available in Paging File | 76.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 229.22 Gb Total Space | 130.28 Gb Free Space | 56.83% Space Free | Partition Type: NTFS
Drive D: | 7.40 Gb Total Space | 0.01 Gb Free Space | 0.20% Space Free | Partition Type: NTFS
Drive K: | 227.13 Gb Total Space | 62.08 Gb Free Space | 27.33% Space Free | Partition Type: NTFS
Drive N: | 931.51 Gb Total Space | 229.54 Gb Free Space | 24.64% Space Free | Partition Type: NTFS
Drive Q: | 931.28 Gb Total Space | 529.18 Gb Free Space | 56.82% Space Free | Partition Type: FAT32

Computer Name: JANIK-HP | User Name: Janik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/12 20:41:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Janik\Desktop\OTL.exe
PRC - [2013/02/10 13:01:16 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2013/02/10 04:20:39 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/02/10 01:35:07 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013/02/10 01:35:07 | 000,866,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013/02/09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/02/07 14:06:07 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013/02/07 14:05:51 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013/02/07 14:05:50 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013/02/07 14:05:50 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/08 00:37:37 | 001,990,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012/11/08 00:37:11 | 006,756,048 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2012/09/08 11:56:46 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\windows\explorer.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\taskhost.exe
PRC - [2009/06/18 18:29:12 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2007/05/10 13:18:26 | 000,835,584 | ---- | M] () -- C:\windows\vsnpstd3.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/12 20:10:46 | 014,717,144 | ---- | M] () -- C:\windows\System32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/02/10 13:01:19 | 000,835,584 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2013/02/10 13:01:19 | 000,312,832 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2013/02/10 13:01:19 | 000,158,208 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2013/02/10 13:01:19 | 000,101,888 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2013/02/10 13:01:19 | 000,096,256 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2013/02/10 13:01:19 | 000,094,208 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2013/02/10 13:01:19 | 000,093,696 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2013/02/10 13:01:19 | 000,073,728 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2013/02/10 13:01:19 | 000,067,072 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2013/02/10 13:01:19 | 000,062,976 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2013/02/10 13:01:19 | 000,057,344 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2013/02/10 13:01:19 | 000,038,912 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2011/11/26 12:27:31 | 000,043,520 | ---- | M] () -- C:\windows\System32\CmdLineExt03.dll
MOD - [2007/05/10 13:18:26 | 000,835,584 | ---- | M] () -- C:\windows\vsnpstd3.exe


========== Services (SafeList) ==========

SRV - [2013/03/12 20:10:47 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/11 17:56:21 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/02/10 04:20:39 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/02/09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/02/07 14:06:07 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/02/07 14:05:50 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/08 00:37:37 | 001,990,464 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012/09/08 11:56:46 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/08/01 15:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/07/24 15:13:09 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/07/14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/07/14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/06/18 18:29:12 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgvmodem.sys -- (LGVMODEM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtport.sys -- (LgBttPort)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcombus.sys -- (BTCOMBUS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btcomport.sys -- (BTCOM)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (azod6eky)
DRV - [2013/02/10 04:20:39 | 008,944,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/12/11 15:30:18 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/12/11 15:30:18 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/11/14 13:43:20 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/11/08 00:37:56 | 000,082,952 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2012/11/08 00:37:55 | 000,036,072 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012/11/08 00:37:54 | 000,494,416 | ---- | M] (COMODO) [File_System | System | Running] -- C:\windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012/10/12 14:47:07 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012/08/27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012/06/27 14:18:52 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/01/20 16:27:26 | 000,011,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2010/09/26 19:53:10 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010/09/26 19:52:42 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010/09/26 19:52:42 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/05/12 11:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2010/04/06 17:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010/04/06 17:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010/04/06 17:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/03 09:15:12 | 010,526,464 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2009/05/16 03:15:14 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/05/16 03:15:14 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\mfeavfk.sys -- (MfeAVFK)
DRV - [2009/05/16 03:15:14 | 000,055,336 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\System32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2009/05/16 03:15:14 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\mfebopk.sys -- (MfeBOPK)
DRV - [2009/05/16 03:15:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\mferkdk.sys -- (MfeRKDK)
DRV - [2008/10/21 08:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008/10/21 08:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\s0017unic.sys -- (s0017unic)
DRV - [2008/10/21 08:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\s0017mgmt.sys -- (s0017mgmt)
DRV - [2008/10/21 08:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008/10/21 08:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\s0017bus.sys -- (s0017bus)
DRV - [2008/10/21 08:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\s0017nd5.sys -- (s0017nd5)
DRV - [2008/10/21 08:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2007/05/11 03:10:50 | 000,034,704 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2007/05/09 01:59:40 | 000,036,496 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2007/03/05 06:00:04 | 000,027,792 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007/03/05 05:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007/03/05 05:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007/03/05 05:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
DRV - [2007/03/05 05:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2007/03/05 05:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2004/08/09 12:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/08/09 12:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004/07/19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\windows\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003/12/01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [1996/04/03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{4A4D6CF3-E3AF-4AB5-99EE-F3600602F6B6}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sme.sk/
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\SearchScopes\{4A4D6CF3-E3AF-4AB5-99EE-F3600602F6B6}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - No CLSID value found
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\SearchScopes\{4A4D6CF3-E3AF-4AB5-99EE-F3600602F6B6}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.sme.sk"
FF - prefs.js..extensions.enabledAddons: browserprotect%40browserprotect.com:1.1.3
FF - prefs.js..extensions.enabledAddons: flvmoviesdownloader%40rzll:1.43
FF - prefs.js..extensions.enabledAddons: netvideohunter%40netvideohunter.com:1.9.5
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7BEF522540-89F5-46b9-B6FE-1829E2B572C6%7D:6.1
FF - prefs.js..extensions.enabledAddons: zoompage%40DW-dev:5.3
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.2
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129
FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.28
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.4.2
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.9.1
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc;version=0.8.6d: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}: C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/11 17:56:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/11 17:56:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/11 17:56:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/11 17:56:20 | 000,000,000 | ---D | M]

[2011/03/27 19:11:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\Extensions
[2010/07/24 13:56:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/03/11 19:43:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\Firefox\Profiles\f1fx2f9i.default\extensions
[2013/02/01 18:40:29 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Janik\AppData\Roaming\mozilla\Firefox\Profiles\f1fx2f9i.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/02/27 07:38:02 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Janik\AppData\Roaming\mozilla\Firefox\Profiles\f1fx2f9i.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/03/11 19:43:28 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Janik\AppData\Roaming\mozilla\Firefox\Profiles\f1fx2f9i.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2013/03/11 19:43:31 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Janik\AppData\Roaming\mozilla\Firefox\Profiles\f1fx2f9i.default\extensions\firefox@ghostery.com
[2012/10/24 12:58:20 | 000,000,000 | ---D | M] (FlashCatch) -- C:\Users\Janik\AppData\Roaming\mozilla\Firefox\Profiles\f1fx2f9i.default\extensions\flashcatch-amo@flashcatch.com
[2012/10/24 12:58:23 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Users\Janik\AppData\Roaming\mozilla\Firefox\Profiles\f1fx2f9i.default\extensions\netvideohunter@netvideohunter.com
[2013/03/11 19:43:31 | 000,275,665 | ---- | M] () (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\extensions\artur.dubovoy@gmail.com.xpi
[2012/02/04 17:59:46 | 000,047,822 | ---- | M] () (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\extensions\browserprotect@browserprotect.com.xpi
[2011/10/27 15:22:14 | 000,014,838 | ---- | M] () (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\extensions\flvmoviesdownloader@rzll.xpi
[2012/08/07 17:56:30 | 000,172,839 | ---- | M] () (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\extensions\requestpolicy@requestpolicy.com.xpi
[2012/12/15 20:11:51 | 000,051,527 | ---- | M] () (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\extensions\zoompage@DW-dev.xpi
[2013/03/11 19:43:28 | 000,348,483 | ---- | M] () (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2013/03/11 17:55:34 | 000,531,283 | ---- | M] () (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/12/11 16:27:15 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2012/02/04 17:59:46 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/02/06 20:37:55 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013/03/02 12:31:46 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/11/07 19:08:53 | 000,045,219 | ---- | M] () (No name found) -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi
[2012/08/07 18:08:18 | 000,002,342 | ---- | M] () -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\searchplugins\icq-search.xml
[2012/07/02 19:05:00 | 000,000,950 | ---- | M] () -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\searchplugins\icqplugin-4.xml
[2012/08/07 17:58:36 | 000,000,950 | ---- | M] () -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\searchplugins\icqplugin-5.xml
[2013/03/11 17:56:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/11 17:56:21 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/11 05:38:25 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2012/10/11 05:38:25 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2012/10/11 05:38:25 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2012/10/11 05:38:25 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2012/10/11 05:38:26 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012/10/11 05:38:26 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2013/03/12 20:32:17 | 000,001,016 | ---- | M]) - C:\windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [snpstd3] C:\windows\vsnpstd3.exe ()
O4 - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002..\RunOnce: [mctadmin] C:\windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1E3759D-CF7A-4EFE-902D-8D5A2BEBD0F8}: NameServer = 172.22.35.254,88.212.10.21
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a98bf741-b041-11e0-ae7d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a98bf741-b041-11e0-ae7d-806e6f6e6963}\Shell\AutoRun\command - "" = O:\RunGame.exe
O33 - MountPoints2\{c386d540-3ab5-11e0-b1b6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c386d540-3ab5-11e0-b1b6-806e6f6e6963}\Shell\AutoRun\command - "" = F:\RunGame.exe
O33 - MountPoints2\{eab9f578-f418-11df-adc2-001fcf20552a}\Shell - "" = AutoRun
O33 - MountPoints2\{eab9f578-f418-11df-adc2-001fcf20552a}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.VP60 - C:\windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\Windows\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013/03/12 21:28:33 | 000,000,000 | ---D | C] -- C:\Users\Janik\Desktop\Nový priečinok
[2013/03/12 20:41:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Janik\Desktop\OTL.exe
[2013/03/12 20:15:33 | 000,000,000 | ---D | C] -- C:\Users\Janik\Desktop\RK_Quarantine
[2013/03/11 17:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/03/07 20:02:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2013/03/07 20:02:36 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/03/07 20:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/07 20:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/03/07 05:28:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/03/06 22:58:58 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/03/06 22:58:46 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/03/06 22:58:46 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/03/06 22:58:46 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/03/06 22:56:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/03/06 22:54:47 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/06 22:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/06 22:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2013/03/06 22:43:44 | 020,534,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2013/03/06 22:43:44 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2013/03/06 22:43:44 | 008,944,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2013/03/06 22:43:44 | 007,964,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2013/03/06 22:43:44 | 006,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2013/03/06 22:43:44 | 002,726,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2013/03/06 22:43:44 | 001,990,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2013/03/06 22:43:44 | 001,012,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220294.dll
[2013/03/06 22:43:44 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3220162.dll
[2013/03/06 17:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013/03/02 20:13:46 | 000,000,000 | ---D | C] -- C:\Windows\sk
[2013/03/02 20:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013/03/02 20:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013/03/02 19:34:18 | 000,000,000 | ---D | C] -- C:\719d46c04a31d909d6f0
[2013/03/02 19:21:57 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2013/03/02 15:26:23 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com
[2013/03/02 15:26:18 | 000,000,000 | ---D | C] -- C:\Users\Janik\AppData\Roaming\KoshyJohn.com
[2013/02/13 09:17:01 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/02/13 09:17:00 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/02/13 09:17:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/02/13 09:17:00 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/02/13 09:17:00 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/02/13 09:16:59 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/02/13 09:16:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/02/13 09:16:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/02/13 08:59:26 | 000,187,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013/02/13 08:59:25 | 003,957,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/02/13 08:59:25 | 003,902,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/02/13 08:59:24 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/02/13 08:59:19 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013/02/13 08:59:19 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013/02/13 08:59:19 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013/02/13 08:59:19 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013/02/13 08:59:19 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013/02/13 08:59:19 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013/02/13 08:59:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/02/13 08:59:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013/02/13 08:59:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013/02/13 08:59:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013/02/13 08:59:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013/02/13 08:59:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2010/06/02 21:36:01 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe680B.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/12 21:31:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/03/12 21:31:45 | 000,015,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/12 21:31:45 | 000,015,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/12 21:24:40 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/12 21:24:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/12 21:20:44 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/12 21:10:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/12 20:41:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Janik\Desktop\OTL.exe
[2013/03/12 20:14:49 | 000,816,640 | ---- | M] () -- C:\Users\Janik\Desktop\RogueKiller.exe
[2013/03/12 20:10:46 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/03/12 20:10:46 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/03/11 19:45:24 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJanik.job
[2013/03/11 12:01:39 | 000,660,198 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/11 12:01:39 | 000,121,204 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/11 12:01:39 | 000,060,754 | ---- | M] () -- C:\Windows\System32\perfh01B.dat
[2013/03/11 12:01:39 | 000,020,978 | ---- | M] () -- C:\Windows\System32\perfc01B.dat
[2013/03/06 22:58:38 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013/03/06 22:58:38 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013/03/06 22:58:38 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/03/06 22:58:38 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/03/06 22:58:38 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/03/06 22:58:38 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/03/02 20:11:15 | 000,000,020 | ---- | M] () -- C:\Windows\đóě
[2013/03/02 14:24:50 | 000,107,008 | ---- | M] () -- C:\Users\Janik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/25 20:31:07 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013/02/13 09:36:52 | 000,409,624 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[arkan]

========== Files Created - No Company Name ==========

[2013/03/12 20:46:37 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/03/12 20:14:49 | 000,816,640 | ---- | C] () -- C:\Users\Janik\Desktop\RogueKiller.exe
[2013/03/02 20:12:36 | 000,001,253 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2013/03/02 20:11:48 | 000,001,322 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2013/03/02 20:11:15 | 000,000,020 | ---- | C] () -- C:\Windows\đóě
[2013/01/06 14:24:07 | 000,000,073 | ---- | C] () -- C:\Users\Janik\AppData\Roaming\LSV6.dat
[2012/10/07 14:34:31 | 000,000,104 | ---- | C] () -- C:\Windows\BsMobileModel.ini
[2012/06/25 09:59:04 | 000,000,093 | ---- | C] () -- C:\Users\Janik\AppData\Local\fusioncache.dat
[2012/06/24 13:34:40 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012/06/17 17:30:00 | 000,000,000 | ---- | C] () -- C:\ProgramData\Automatic Filter
[2012/06/17 17:27:07 | 000,000,000 | ---- | C] () -- C:\ProgramData\Audio Units
[2012/06/17 17:22:34 | 000,009,583 | ---- | C] () -- C:\Users\Janik\AppData\Local\recently-used.xbel
[2012/01/09 13:14:00 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2012/01/09 13:14:00 | 000,339,968 | ---- | C] () -- C:\Windows\tsnpstd3.exe
[2012/01/09 13:13:59 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd3.dll
[2012/01/09 13:13:59 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2012/01/09 13:13:59 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[2012/01/09 13:13:59 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
[2012/01/09 13:13:59 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2011/11/21 19:47:50 | 000,002,828 | ---- | C] () -- C:\Users\Janik\AppData\Local\config.dat
[2011/10/27 06:51:34 | 000,001,286 | ---- | C] () -- C:\Windows\System32\.ini
[2011/07/19 05:52:32 | 000,000,000 | ---- | C] () -- C:\Users\Janik\AppData\Local\{53EBDDF3-438C-40F5-8AAE-6168EE7F7930}
[2011/07/17 19:49:29 | 000,000,000 | ---- | C] () -- C:\Users\Janik\AppData\Local\{05439CD3-BB65-48DD-825E-43964122CA77}
[2011/07/02 22:23:58 | 000,000,000 | ---- | C] () -- C:\Users\Janik\AppData\Local\{4A86BDA2-62F2-46B6-A358-06F719C334DF}
[2011/06/24 07:27:03 | 000,000,000 | ---- | C] () -- C:\Users\Janik\AppData\Local\{38E0F407-ACB5-4913-AD65-35576E7516F6}
[2011/05/21 17:21:47 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Flags
[2011/05/21 17:21:47 | 000,000,268 | RH-- | C] () -- C:\Users\Janik\AppData\Roaming\File Templates
[2011/05/21 17:21:47 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLck.DAT
[2011/05/21 17:21:42 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Flange Saw
[2011/05/21 17:21:42 | 000,000,268 | RH-- | C] () -- C:\Users\Janik\AppData\Roaming\Filesystems
[2011/05/21 17:19:56 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2011/05/07 11:25:57 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2011/05/07 11:25:57 | 000,000,000 | ---- | C] () -- C:\Users\Janik\AppData\Roaming\Automator
[2011/05/07 11:24:54 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2011/05/07 11:24:54 | 000,000,000 | ---- | C] () -- C:\Users\Janik\AppData\Roaming\Authentication
[2010/08/09 20:21:15 | 000,007,605 | ---- | C] () -- C:\Users\Janik\AppData\Local\resmon.resmoncfg
[2010/08/01 11:15:44 | 000,004,990 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2010/06/05 15:33:51 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/06/05 15:33:51 | 000,000,008 | RHS- | C] () -- C:\ProgramData\41FB2F4279.sys
[2010/05/16 16:39:59 | 000,022,328 | ---- | C] () -- C:\Users\Janik\AppData\Roaming\PnkBstrK.sys
[2010/04/18 14:12:52 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/04/10 13:05:00 | 000,107,008 | ---- | C] () -- C:\Users\Janik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/12/19 18:14:54 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\ACD Systems
[2013/03/10 14:24:51 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\AIMP3
[2011/11/05 15:43:04 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\AnvSoft
[2011/07/20 20:03:55 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Canneverbe Limited
[2010/08/01 11:15:44 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Carambis
[2013/03/11 19:37:01 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\DAEMON Tools Lite
[2010/12/07 22:09:10 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Dropbox
[2013/02/11 12:43:29 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\DVDVideoSoft
[2011/10/30 17:33:44 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\eM Client
[2011/07/03 10:54:15 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\GHISLER
[2013/02/24 21:06:03 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\ICQ
[2012/04/11 06:35:03 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\ICQ Search
[2010/10/20 20:27:51 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\InterVideo
[2010/11/06 14:31:01 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\IrfanView
[2010/10/11 14:58:33 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\KompoZer
[2013/03/02 15:26:18 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\KoshyJohn.com
[2011/01/25 19:03:26 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Leadertech
[2011/11/05 15:38:52 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Leawo
[2012/02/10 15:15:45 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\MMToolz
[2012/05/07 20:02:39 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\MySQL
[2011/05/21 17:21:48 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Nikon
[2012/09/30 15:08:34 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Nokia
[2012/09/30 15:08:34 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Nokia Suite
[2012/04/25 15:48:06 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Opera
[2012/09/23 10:54:46 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\PC Suite
[2012/10/23 16:01:32 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\PCToolsFirewallPlus
[2012/06/17 14:32:40 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\PhotoFiltre 7
[2013/01/02 10:28:12 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\pokerth
[2010/05/23 17:49:12 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\QIP
[2012/03/09 18:01:59 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Sony
[2011/12/01 21:06:05 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\TeamViewer
[2010/07/24 13:56:00 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Thunderbird
[2013/03/07 05:30:12 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\TuneUp Software
[2012/05/19 09:38:47 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Ubisoft
[2012/12/09 17:14:39 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\VitySoft
[2010/07/03 18:36:15 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\WinBatch
[2010/10/28 14:53:35 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\XnView

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 05:53:46 | 000,032,558 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2011/04/05 17:42:06 | 000,000,918 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/04/05 17:42:06 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/02/07 19:55:15 | 000,000,320 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForJanik.job
[2012/08/08 14:58:31 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\windows\System32\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Users\Janik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110120T152103296267\gencdrom\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\windows\System32\drivers\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\windows\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\windows\System32\hal.dll
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\windows\System32\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013/01/03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2011/09/29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013/01/04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2012/03/30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/09/29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013/01/03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012/03/30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011/06/21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010/06/14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010/06/14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2013/01/04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\windows\System32\drivers\tcpip.sys
[2013/01/04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011/06/21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011/06/21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012/03/30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\windows\System32\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\windows\System32\winlogon.exe
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[21 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp files -> C:\Windows\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/12/19 18:14:54 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\ACD Systems
[2012/01/28 15:26:32 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Adobe
[2013/03/10 14:24:51 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\AIMP3
[2011/11/05 15:43:04 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\AnvSoft
[2012/02/12 09:01:29 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Apple Computer
[2012/10/02 16:37:06 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Avira
[2011/07/20 20:03:55 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Canneverbe Limited
[2010/08/01 11:15:44 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Carambis
[2010/06/05 15:33:50 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Corel
[2013/03/11 19:37:01 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\DAEMON Tools Lite
[2010/12/07 22:09:10 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Dropbox
[2010/10/20 20:23:17 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\dvdcss
[2013/02/11 12:43:29 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\DVDVideoSoft
[2011/10/30 17:33:44 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\eM Client
[2011/05/21 16:48:27 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\FastStone
[2011/07/03 10:54:15 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\GHISLER
[2010/04/09 20:46:37 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\GRETECH
[2011/10/09 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Hewlett-Packard
[2011/07/26 20:50:47 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\HP Drivers Update Utility
[2011/10/09 12:40:01 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\hpqLog
[2013/02/24 21:06:03 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\ICQ
[2012/04/11 06:35:03 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\ICQ Search
[2010/04/09 15:43:48 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Identities
[2012/01/09 13:13:49 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\InstallShield
[2010/10/20 20:27:51 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\InterVideo
[2010/11/06 14:31:01 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\IrfanView
[2010/10/11 14:58:33 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\KompoZer
[2013/03/02 15:26:18 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\KoshyJohn.com
[2011/01/25 19:03:26 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Leadertech
[2011/11/05 15:38:52 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Leawo
[2013/03/03 18:05:47 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Macromedia
[2010/09/06 19:03:48 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Malwarebytes
[2009/07/14 08:48:18 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Media Center Programs
[2012/01/29 13:05:59 | 000,000,000 | --SD | M] -- C:\Users\Janik\AppData\Roaming\Microsoft
[2012/02/10 15:15:45 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\MMToolz
[2010/04/18 10:49:37 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Mozilla
[2012/05/07 20:02:39 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\MySQL
[2010/10/06 20:04:55 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Nero
[2011/05/21 17:21:48 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Nikon
[2012/09/30 15:08:34 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Nokia
[2012/09/30 15:08:34 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Nokia Suite
[2013/02/02 18:46:37 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\NVIDIA
[2012/04/25 15:48:06 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Opera
[2012/09/23 10:54:46 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\PC Suite
[2012/10/23 16:01:32 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\PCToolsFirewallPlus
[2012/06/17 14:32:40 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\PhotoFiltre 7
[2013/01/02 10:28:12 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\pokerth
[2010/05/23 17:49:12 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\QIP
[2010/07/13 19:55:33 | 000,000,000 | RH-D | M] -- C:\Users\Janik\AppData\Roaming\SecuROM
[2013/03/07 20:05:41 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Skype
[2011/06/19 15:01:55 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\skypePM
[2012/03/09 18:01:59 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Sony
[2012/02/05 17:33:54 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\SUPERAntiSpyware.com
[2011/12/01 21:06:05 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\TeamViewer
[2010/07/24 13:56:00 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Thunderbird
[2013/03/07 05:30:12 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\TuneUp Software
[2012/05/19 09:38:47 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\Ubisoft
[2012/12/09 17:14:39 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\VitySoft
[2010/06/05 00:47:13 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\vlc
[2010/07/03 18:36:15 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\WinBatch
[2010/04/09 16:22:42 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\WinRAR
[2010/10/28 14:53:35 | 000,000,000 | ---D | M] -- C:\Users\Janik\AppData\Roaming\XnView

< %APPDATA%\*.exe /s >
[2013/01/26 11:26:10 | 007,629,568 | ---- | M] (AIMP DevTeam) -- C:\Users\Janik\AppData\Roaming\AIMP3\UpdateInstaller.exe
[2007/03/22 11:46:42 | 000,126,976 | ---- | M] () -- C:\Users\Janik\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2013/01/02 07:04:03 | 000,945,399 | ---- | M] (KoshyJohn.com) -- C:\Users\Janik\AppData\Roaming\KoshyJohn.com\neoSearch\neoSearch.exe
[2013/03/12 20:03:08 | 000,000,000 | ---- | M] () -- C:\Users\Janik\AppData\Roaming\KoshyJohn.com\neoSearch\nS_tray.exe
[2013/01/02 07:04:03 | 000,945,399 | ---- | M] (KoshyJohn.com) -- C:\Users\Janik\AppData\Roaming\KoshyJohn.com\neoSearch\res\tray\nS_tray.exe
[2013/03/06 22:54:29 | 000,054,776 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Janik\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011/08/29 10:31:39 | 000,010,134 | R--- | M] () -- C:\Users\Janik\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2012/05/21 18:21:01 | 000,158,000 | ---- | M] () -- C:\Users\Janik\AppData\Roaming\Mozilla\Firefox\Profiles\f1fx2f9i.default\FlashGot.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013/03/12 21:10:05 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/03/12 21:24:40 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/03/12 21:20:44 | 000,000,922 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/03/11 19:45:24 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForJanik.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013/03/12 21:31:45 | 000,015,200 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/12 21:31:45 | 000,015,200 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/12 20:10:46 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2013/03/12 20:10:46 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2013/03/11 12:01:39 | 000,121,204 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013/03/11 12:01:39 | 000,020,978 | ---- | M] () -- C:\Windows\system32\perfc01B.dat
[2013/03/11 12:01:39 | 000,660,198 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013/03/11 12:01:39 | 000,060,754 | ---- | M] () -- C:\Windows\system32\perfh01B.dat
[2013/03/11 12:01:39 | 000,854,162 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2013/02/06 15:51:42 | 017,951,635 | ---- | M] () -- \$RECYCLE.BIN\S-1-5-21-1164406201-2790629215-1452491615-1001\$RTDW5N5\Dead Space 3 working crack\Dead Space 3 Crack.zip
[2012/05/05 14:38:42 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2012/03/16 18:55:06 | 000,000,962 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fapasscracker.com%2Ffavicon.png
[2012/03/16 18:55:46 | 000,000,704 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.rarpasswordcracker.com%2Ffavicon.png
[2012/12/09 17:14:39 | 000,005,369 | ---- | M] () -- \Users\Janik\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp
[2013/03/10 15:40:49 | 005,838,240 | ---- | M] () -- \Users\Janik\Downloads\Call-of-Duty-Black-Ops-2-crack.rar
[2013/03/10 16:36:14 | 007,773,543 | ---- | M] () -- \Users\Janik\Downloads\call.of.duty.black.ops.2.crack.rar
[2013/03/10 16:15:21 | 010,663,965 | ---- | M] () -- \Users\Janik\Downloads\Dead-Space-3-CRACK.rar

< *keygen* /s >

< *loader* /s >
[2013/02/07 14:05:52 | 000,052,960 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2013/02/07 14:05:53 | 000,232,816 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2013/02/07 14:05:54 | 001,714,400 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2006/10/26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010/09/25 12:33:10 | 001,933,161 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp\loader-00.fbrb
[2010/09/25 12:33:11 | 005,968,346 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_01\loader-00.fbrb
[2010/09/25 12:33:12 | 005,755,952 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_02\loader-00.fbrb
[2010/09/25 12:33:19 | 055,099,465 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_03\loader-00.fbrb
[2010/09/25 12:33:19 | 002,954,487 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_04\loader-00.fbrb
[2010/09/25 12:33:25 | 047,101,846 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_05\loader-00.fbrb
[2010/09/25 12:33:32 | 050,561,194 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_06\loader-00.fbrb
[2010/09/25 12:33:39 | 055,282,402 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_07\loader-00.fbrb
[2010/09/25 12:33:46 | 049,203,256 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_08\loader-00.fbrb
[2010/09/25 12:33:52 | 047,279,340 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_09\loader-00.fbrb
[2010/09/25 12:33:59 | 049,418,362 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_10\loader-00.fbrb
[2010/09/25 12:28:14 | 017,474,214 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_01\loader-00.fbrb
[2010/09/25 12:28:19 | 016,173,085 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_02\loader-00.fbrb
[2010/09/25 12:28:28 | 017,335,818 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_04\loader-00.fbrb
[2010/09/25 12:28:31 | 008,013,580 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_05_domination\loader-00.fbrb
[2010/09/25 12:28:32 | 008,013,580 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_05_overrun\loader-00.fbrb
[2010/09/25 12:28:33 | 008,007,355 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_05_tdm\loader-00.fbrb
[2010/09/25 12:28:35 | 008,004,561 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_06_domination\loader-00.fbrb
[2010/09/25 12:28:36 | 008,004,561 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_06_overrun\loader-00.fbrb
[2010/09/25 12:28:37 | 007,984,585 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_06_tdm\loader-00.fbrb
[2010/09/25 12:28:38 | 008,008,365 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_08_domination\loader-00.fbrb
[2010/09/25 12:28:38 | 008,008,365 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_08_overrun\loader-00.fbrb
[2010/09/25 12:28:41 | 008,022,594 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_08_tdm\loader-00.fbrb
[2010/09/25 12:28:42 | 007,967,707 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_09_domination\loader-00.fbrb
[2010/09/25 12:28:45 | 007,967,707 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_09_overrun\loader-00.fbrb
[2010/09/25 12:28:46 | 007,988,318 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_09_tdm\loader-00.fbrb
[2010/09/25 12:28:46 | 008,033,103 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_10_domination\loader-00.fbrb
[2010/09/25 12:28:48 | 008,033,103 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_10_overrun\loader-00.fbrb
[2010/09/25 12:28:49 | 008,018,170 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_10_tdm\loader-00.fbrb
[2012/05/04 22:42:40 | 000,043,889 | ---- | M] () -- \Program Files\GIMP 2\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-svg.dll
[2011/03/08 08:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2009/10/06 10:47:16 | 000,053,248 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2009/10/06 10:39:10 | 000,005,974 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2011/03/22 21:19:58 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011/03/22 21:19:58 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011/03/22 21:19:58 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\MUICoreLib\xtraLoader.swf
[2011/04/11 19:19:28 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\icq_profile\preloader.html
[2011/03/22 21:20:38 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_forms\preloader.html
[2011/03/22 21:20:39 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012/04/11 06:34:01 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012/04/11 06:34:01 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012/04/11 06:34:01 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012/04/20 10:29:39 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7.7\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2012/04/11 06:34:16 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012/06/19 17:11:35 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012/06/19 17:11:35 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012/06/19 17:11:34 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012/06/19 17:11:45 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012/11/01 09:32:14 | 000,057,224 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012/09/04 23:34:12 | 000,083,848 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012/06/18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/06/18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2006/10/24 22:14:34 | 001,012,736 | ---- | M] () -- \SWSETUP\Office12.BCM\BCM.en-us\Loader\SBALoader.msi
[2012/06/18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/06/18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/02/04 18:33:08 | 000,040,660 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\widgets\fastesttube-youtube-video-downloader-1.5.4-1.oex
[2012/12/19 17:56:36 | 000,053,126 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\widgets\flash-video-downloader-1.5-1.oex
[2012/04/26 15:00:10 | 000,009,051 | ---- | M] () -- \Users\Janik\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012/04/26 15:00:10 | 000,016,119 | ---- | M] () -- \Users\Janik\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012/04/26 15:00:10 | 000,018,434 | ---- | M] () -- \Users\Janik\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012/04/26 15:00:10 | 000,009,283 | ---- | M] () -- \Users\Janik\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012/04/26 15:00:10 | 000,001,699 | ---- | M] () -- \Users\Janik\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2012/09/25 19:59:52 | 000,008,386 | ---- | M] () -- \Users\Janik\AppData\Roaming\DVDVideoSoft\backup\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2011/10/27 15:22:14 | 000,014,838 | ---- | M] () -- \Users\Janik\AppData\Roaming\Mozilla\Firefox\Profiles\f1fx2f9i.default\extensions\flvmoviesdownloader@rzll.xpi
[2011/01/09 03:07:46 | 000,000,695 | ---- | M] () -- \Users\Janik\Desktop\Sisa\fatcow-hosting-icons-3000\fatcow-hosting-icons-3000\16x16\swf_loader.png
[2011/01/09 03:04:20 | 000,001,314 | ---- | M] () -- \Users\Janik\Desktop\Sisa\fatcow-hosting-icons-3000\fatcow-hosting-icons-3000\32x32\swf_loader.png
[2013/01/04 05:43:53 | 000,003,584 | -H-- | M] () -- \windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \windows\System32\dmloader.dll
[2012/10/04 09:12:02 | 000,012,532 | ---- | M] () -- \windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 05:56:40 | 000,002,883 | ---- | M] () -- \windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 05:56:40 | 000,033,344 | ---- | M] () -- \windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 05:56:40 | 000,029,776 | ---- | M] () -- \windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2010/04/09 20:31:07 | 000,004,225 | ---- | M] () -- \windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2010/04/09 20:31:07 | 000,507,568 | ---- | M] () -- \windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winload.exe_75835076
[2010/04/09 20:31:07 | 000,442,920 | ---- | M] () -- \windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 03:29:12 | 000,002,883 | ---- | M] () -- \windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 02:47:46 | 000,004,225 | ---- | M] () -- \windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 08:38:48 | 000,004,225 | ---- | M] () -- \windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 08:21:21 | 000,004,225 | ---- | M] () -- \windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 07:22:35 | 000,003,584 | -H-- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 06:45:50 | 000,003,584 | -H-- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | -H-- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 12:09:17 | 000,003,584 | -H-- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:45:38 | 000,003,584 | -H-- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:56:23 | 000,003,584 | -H-- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:53 | 000,003,584 | -H-- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:50:16 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:42:56 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:48:05 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:44:10 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:39:49 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 07:13:36 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:47:28 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:32:13 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:15:40 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:56:06 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:23:16 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:16 | 000,003,584 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2009/11/13 05:37:38 | 000,037,641 | ---- | M] () -- \Program Files\Electronic Arts\The Saboteur\DLC\01\France\EditNodes\EditNodes.pack

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012/04/22 08:38:28 | 000,000,479 | ---- | M] () -- \Program Files\Expert Lotto 5\expertlotto\update\backup\netbeans\config\Modules\com-expertlotto-serialization-api.xml
[2004/03/22 19:55:28 | 000,017,133 | ---- | M] () -- \Program Files\IVT Corporation\BlueSoleil\driver\PCMCIA\Others\SocketSerialBT.inf
[2004/03/22 19:55:28 | 000,017,133 | ---- | M] () -- \Program Files\IVT Corporation\BlueSoleil\driver\PCMCIA\Socket\SocketSerialBT.inf
[2012/04/11 00:15:28 | 000,434,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012/05/09 19:36:13 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2012/10/06 11:54:25 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012/06/28 15:25:24 | 000,000,024 | ---- | M] () -- \ProgramData\Solidshield\361F0237BE7E5793B9BDFEC1657C6962\serial.txt
[2012/06/28 15:25:24 | 000,000,024 | ---- | M] () -- \Users\All Users\Solidshield\361F0237BE7E5793B9BDFEC1657C6962\serial.txt
[2013/01/17 17:33:39 | 000,000,811 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Fdapch.png
[2013/01/09 20:29:36 | 000,000,842 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Fdexter.png
[2013/01/24 20:08:42 | 000,000,878 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Ffuturama.png
[2013/01/10 17:15:00 | 000,000,824 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Fhimym.png
[2013/01/10 17:15:19 | 000,000,655 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Fhouse.png
[2013/01/19 22:35:03 | 000,000,960 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Fpratele.png
[2013/02/27 15:48:26 | 000,000,938 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Fspartakus.png
[2013/01/17 17:34:02 | 000,000,944 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Feserial.cz%2Ffavicon%2Ftvt.png
[2013/01/06 16:53:41 | 000,000,667 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Ffiles.film-serial.sk%2F200000505-787b079730%2Fikona.png
[2013/02/23 11:42:45 | 000,000,650 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Ffiles.theunit-serial.webnode.sk%2F200000074-e0544e14ed%2FTheUnit%20black.png
[2013/03/05 20:30:09 | 000,000,673 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialycz.cz%2Fwp-content%2Fuploads%2Ffavicon1.png
[2012/11/27 15:52:13 | 000,000,581 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2012/11/27 18:00:02 | 000,000,544 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.sledujuserialy.cz%2Ffavicon.png
[2012/10/29 16:52:46 | 000,000,338 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.xserialy.cz%2Fimg%2Ffavicon2.png
[2013/01/19 22:29:13 | 000,005,251 | ---- | M] () -- \Users\Janik\AppData\Local\Opera\Opera\icons\www.xserialy.cz.idx
[2012/06/24 13:36:18 | 000,131,072 | ---- | M] () -- \windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/06 11:54:25 | 000,970,752 | ---- | M] () -- \windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/01/09 15:49:14 | 002,347,008 | ---- | M] () -- \windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\428143857fa1c250d50ec55132dd8a2f\System.Runtime.Serialization.ni.dll
[2013/01/09 15:48:30 | 000,310,784 | ---- | M] () -- \windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb60d17f642ddd80e019687c1e02ba17\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/09 15:54:23 | 000,311,296 | ---- | M] () -- \windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/01/09 15:54:18 | 002,647,040 | ---- | M] () -- \windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013/01/09 15:55:53 | 000,009,216 | ---- | M] () -- \windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2004/03/22 19:55:28 | 000,017,133 | ---- | M] () -- \windows\inf\SocketSerialBT.inf
[2013/02/13 09:16:10 | 000,122,264 | ---- | M] () -- \windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/02/13 09:16:08 | 001,026,936 | ---- | M] () -- \windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/02/13 09:16:16 | 000,011,120 | ---- | M] () -- \windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2003/02/21 06:26:56 | 000,131,072 | ---- | M] () -- \windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/06 11:54:26 | 000,970,752 | ---- | M] () -- \windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 13:16:28 | 001,026,936 | ---- | M] () -- \windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 13:16:28 | 000,122,264 | ---- | M] () -- \windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \windows\System32\serialui.dll
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \windows\System32\drivers\serial.sys
[2009/07/14 03:09:30 | 000,010,240 | ---- | M] () -- \windows\System32\drivers\en-US\serial.sys.mui
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2010/01/16 00:32:45 | 000,005,120 | ---- | M] () -- \windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 03:18:03 | 000,002,762 | ---- | M] () -- \windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 03:18:03 | 000,015,952 | ---- | M] () -- \windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2010/01/16 00:32:56 | 000,005,120 | ---- | M] () -- \windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 03:18:51 | 000,015,360 | ---- | M] () -- \windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 02:52:33 | 000,002,226 | ---- | M] () -- \windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2012/10/06 19:07:20 | 000,002,226 | ---- | M] () -- \windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009.manifest
[2012/10/06 19:58:54 | 000,002,226 | ---- | M] () -- \windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01.manifest
[2009/07/14 03:28:14 | 000,000,531 | ---- | M] () -- \windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/06 18:14:05 | 000,000,531 | ---- | M] () -- \windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_en-us_8f6cbf57bf7f3b35.manifest
[2012/10/06 18:18:21 | 000,000,531 | ---- | M] () -- \windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_en-us_789f01abd926b52d.manifest
[2009/07/14 02:51:52 | 000,001,985 | ---- | M] () -- \windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2012/10/06 19:11:48 | 000,001,985 | ---- | M] () -- \windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c.manifest
[2012/10/06 20:03:01 | 000,001,985 | ---- | M] () -- \windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34.manifest
[2009/07/14 02:49:26 | 000,002,762 | ---- | M] () -- \windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 02:45:27 | 000,000,866 | ---- | M] () -- \windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009/07/14 02:57:53 | 000,002,260 | ---- | M] () -- \windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2012/10/06 19:09:38 | 000,002,260 | ---- | M] () -- \windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e.manifest
[2012/10/06 20:00:53 | 000,002,260 | ---- | M] () -- \windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:14:06 | 000,970,752 | ---- | M] () -- \windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2012/10/06 11:54:26 | 000,970,752 | ---- | M] () -- \windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009\System.Runtime.Serialization.dll
[2012/10/06 11:57:06 | 000,970,752 | ---- | M] () -- \windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01\System.Runtime.Serialization.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2012/10/06 11:54:25 | 000,970,752 | ---- | M] () -- \windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c\System.Runtime.Serialization.dll
[2012/10/06 11:57:05 | 000,970,752 | ---- | M] () -- \windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34\System.Runtime.Serialization.dll
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2010/01/16 00:32:45 | 000,005,120 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/07/14 03:09:30 | 000,010,240 | ---- | M] () -- \windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2012/10/06 11:54:25 | 000,970,752 | ---- | M] () -- \windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e\System.Runtime.Serialization.dll
[2012/10/06 11:57:05 | 000,970,752 | ---- | M] () -- \windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6168 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DBC416F8
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:C31F31E6

< End of report >

[arkan]

OTL Extras logfile created on: 3/12/2013 9:30:06 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Janik\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3.24 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 57.51% Memory free
6.48 Gb Paging File | 4.99 Gb Available in Paging File | 76.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 229.22 Gb Total Space | 130.28 Gb Free Space | 56.83% Space Free | Partition Type: NTFS
Drive D: | 7.40 Gb Total Space | 0.01 Gb Free Space | 0.20% Space Free | Partition Type: NTFS
Drive K: | 227.13 Gb Total Space | 62.08 Gb Free Space | 27.33% Space Free | Partition Type: NTFS
Drive N: | 931.51 Gb Total Space | 229.54 Gb Free Space | 24.64% Space Free | Partition Type: NTFS
Drive Q: | 931.28 Gb Total Space | 529.18 Gb Free Space | 56.82% Space Free | Partition Type: FAT32

Computer Name: JANIK-HP | User Name: Janik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6759BB0F-F68C-499E-9B2F-490C6AF4399F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CD678B62-50BD-414B-99E1-5CE11033FA80}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04655617-6D8D-4985-8805-2390150D9866}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{1574D94C-B585-47FD-9EFA-6E3B6F84E2A1}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{1BB0A12A-CF32-4519-B10C-60F9F14B916F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{24349DA8-CC50-4616-AE80-2202DB92FD06}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{4CE66211-20F2-4978-A1D5-746D558EFEC8}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{64BDB009-81E6-4201-9CD0-DF8820733589}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{6E1D4212-629C-457F-B22D-408122E16500}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{6FC410D9-282B-4A0B-A37A-7558A74BDBD5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{75CD1D10-A1C8-4B27-9CF3-05A174D0AE4D}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{794A8E36-541B-4177-9580-515E867833BA}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{862F6E9B-7BB9-48F6-A0E1-ACE9D27B3051}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{A3FF7B7C-BAAD-455E-A5E5-9BFC55876775}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{BD507378-C3EA-4879-B4D3-C78B186595E2}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{CCB00B85-94E4-4EB1-913F-82E481CDC0A1}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{F744D3CC-7DC7-40FF-B7F4-9B661B2CCF58}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{FAB33CD0-0DC3-41C5-9D8F-4E236AAD07DB}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{1E6219D4-027E-47EE-AB83-DD2F26E31A32}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{438BB9B4-65FE-4626-91D9-A8F57B18001D}" = Bluesoleil2.6.0.8 Release 070517
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = The Saboteur™
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A89768CF-CD21-44FD-A723-16D5A8557415}" = NEF Codec
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision radič ovládača 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E62381A7-B1C1-4121-8262-84D38C77786C}" = COMODO Internet Security
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = Trust Webcam
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.136
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"7D6D030B3D73FCCA3D4E45319380F315DFBE7A54" = Windows Driver Package - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AIMP3" = AIMP3
"Avira AntiVir Desktop" = Avira Free Antivirus
"Call of Duty Black Ops II_is1" = Call of Duty Black Ops II
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"EADM" = EA Download Manager
"FastStone Image Viewer" = FastStone Image Viewer 4.5
"GIMP-2_is1" = GIMP 2.8.0
"GOM Player" = GOM Player
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.8.0 (Full)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 19.0.2 (x86 sk)" = Mozilla Firefox 19.0.2 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.14.1738" = Opera 12.14
"PDF Complete" = PDF Complete Special Edition
"PokerTH 1.0" = PokerTH
"PROPLUS" = Microsoft Office Professional Plus 2007
"Steam App 43110" = Metro 2033
"Totalcmd" = Total Commander (Remove or Repair)
"UT2004" = Unreal Tournament 2004
"VLC media player" = VideoLAN VLC media player 0.8.6d
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10. 3. 2013 9:27:52 | Computer Name = Janik-HP | Source = Windows Search Service | ID = 3028
Description =

Error - 10. 3. 2013 9:27:52 | Computer Name = Janik-HP | Source = Windows Search Service | ID = 3058
Description =

Error - 10. 3. 2013 9:27:52 | Computer Name = Janik-HP | Source = Windows Search Service | ID = 7010
Description =

Error - 10. 3. 2013 9:31:35 | Computer Name = Janik-HP | Source = Application Hang | ID = 1002
Description = The program CCleaner.exe version 3.28.0.1913 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1314 Start
Time: 01ce1d936c75a1ca Termination Time: 3 Application Path: C:\Program Files\CCleaner\CCleaner.exe

Report
Id: c76e57a3-8986-11e2-a504-001fcf20552a

Error - 10. 3. 2013 10:07:40 | Computer Name = Janik-HP | Source = System Restore | ID = 8193
Description =

Error - 10. 3. 2013 12:37:50 | Computer Name = Janik-HP | Source = VSS | ID = 8194
Description =

Error - 10. 3. 2013 14:53:19 | Computer Name = Janik-HP | Source = Windows Backup | ID = 4104
Description =

Error - 11. 3. 2013 4:38:03 | Computer Name = Janik-HP | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: TuneUpUtilitiesService32.exe, verzia: 13.0.3020.6,
časová značka: 0x510a3acc Názov chybového modulu: IMM32.DLL, verzia: 6.1.7600.16385,
časová značka: 0x4a5bda07 Kód výnimky: 0xc0000005 Odstup chyby: 0x00001468 Identifikácia
chybného procesu: 0x9bc Čas spustenia chybnej aplikácie: 0x01ce1e3315b7a203 Cesta
chybnej aplikácie: C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
Cesta
chybného modulu: C:\Windows\system32\IMM32.DLL Identifikácia hlásenia: fc7224f7-8a26-11e2-9ad4-001fcf20552a

Error - 12. 3. 2013 14:10:59 | Computer Name = Janik-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\totalcmd\TCUNIN64.EXE".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12. 3. 2013 14:11:42 | Computer Name = Janik-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Sony\sony
pc companion\Drivers\DPInst64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ Hewlett-Packard Events ]
Error - 28. 1. 2011 12:19:17 | Computer Name = Janik-HP | Source = Hewlett-Packard | ID = 0
Description = sk-SK Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a()

Error - 27. 2. 2011 5:59:09 | Computer Name = Janik-HP | Source = Hewlett-Packard | ID = 0
Description = sk-SK Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a()

Error - 3. 4. 2011 3:19:22 | Computer Name = Janik-HP | Source = Hewlett-Packard | ID = 0
Description = sk-SK Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a()

Error - 29. 5. 2011 4:34:57 | Computer Name = Janik-HP | Source = Hewlett-Packard | ID = 0
Description = sk-SK Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a()

Error - 10. 7. 2011 1:41:05 | Computer Name = Janik-HP | Source = Hewlett-Packard | ID = 0
Description = sk-SK Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a()

[ OSession Events ]
Error - 21. 9. 2010 13:57:02 | Computer Name = Janik-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 627 seconds with 180 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 12. 3. 2013 15:02:40 | Computer Name = Janik-HP | Source = Application Popup | ID = 875
Description = Driver sfhlp01.sys has been blocked from loading.

Error - 12. 3. 2013 15:02:40 | Computer Name = Janik-HP | Source = Application Popup | ID = 875
Description = Driver prosync1.sys has been blocked from loading.

Error - 12. 3. 2013 15:02:40 | Computer Name = Janik-HP | Source = Application Popup | ID = 875
Description = Driver prohlp02.sys has been blocked from loading.

Error - 12. 3. 2013 15:02:43 | Computer Name = Janik-HP | Source = Application Popup | ID = 875
Description = Driver prodrv06.sys has been blocked from loading.

Error - 12. 3. 2013 15:03:05 | Computer Name = Janik-HP | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: prodrv06 prohlp02 prosync1 sfhlp01

Error - 12. 3. 2013 16:24:15 | Computer Name = Janik-HP | Source = Application Popup | ID = 875
Description = Driver sfhlp01.sys has been blocked from loading.

Error - 12. 3. 2013 16:24:15 | Computer Name = Janik-HP | Source = Application Popup | ID = 875
Description = Driver prosync1.sys has been blocked from loading.

Error - 12. 3. 2013 16:24:15 | Computer Name = Janik-HP | Source = Application Popup | ID = 875
Description = Driver prohlp02.sys has been blocked from loading.

Error - 12. 3. 2013 16:24:18 | Computer Name = Janik-HP | Source = Application Popup | ID = 875
Description = Driver prodrv06.sys has been blocked from loading.

Error - 12. 3. 2013 16:24:40 | Computer Name = Janik-HP | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: prodrv06 prohlp02 prosync1 sfhlp01


< End of report >

[Márty84]

Najdete tento soubor C:\Program Files\trend micro\Janik.exe , kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1164406201-2790629215-1452491615-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1164406201-2790629215-1452491615-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP8095\qip.exe (HKCU)

Kliknete na nápis Fix checked a potvrdte




Vypnete antivir, at nebrani programu v praci, pripadne to udelejte v nouzovem rezimu.
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
!SASCORE
AdobeARMservice
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem
mfehidk
MfeAVFK
mfetdik
MfeBOPK
MfeRKDK

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForJanik.job
C:\windows\System32\drivers\mfehidk.sys
C:\windows\System32\drivers\mfeavfk.sys
C:\windows\System32\drivers\mfetdik.sys
C:\windows\System32\drivers\mfebopk.sys
C:\windows\System32\drivers\mferkdk.sys

:otl
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (azod6eky)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes\{4A4D6CF3-E3AF-4AB5-99EE-F3600602F6B6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\SearchScopes\{4A4D6CF3-E3AF-4AB5-99EE-F3600602F6B6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - No CLSID value found
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\SearchScopes\{4A4D6CF3-E3AF-4AB5-99EE-F3600602F6B6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - user.js - File not found
[2012/08/07 18:08:18 | 000,002,342 | ---- | M] () -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\searchplugins\icq-search.xml
[2012/07/02 19:05:00 | 000,000,950 | ---- | M] () -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\searchplugins\icqplugin-4.xml
[2012/08/07 17:58:36 | 000,000,950 | ---- | M] () -- C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\searchplugins\icqplugin-5.xml
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKU\S-1-5-21-1164406201-2790629215-1452491615-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[21 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp files -> C:\Windows\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp -> ]
@Alternate Data Stream - 6168 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DBC416F8
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:C31F31E6

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] /64

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[arkan]

log po restarte:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57616 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Janik
->Temp folder emptied: 2596201 bytes
->Temporary Internet Files folder emptied: 10221907 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 55597981 bytes
->Opera cache emptied: 2039537 bytes
->Flash cache emptied: 58314 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1799486 bytes
RecycleBin emptied: 20786789901 bytes

Total Files Cleaned = 19,893.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Janik
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service !SASCORE stopped successfully!
Service !SASCORE deleted successfully!
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Error: Unable to stop service mfehidk!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mfehidk deleted successfully.
Service MfeAVFK stopped successfully!
Service MfeAVFK deleted successfully!
Error: Unable to stop service mfetdik!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mfetdik deleted successfully.
Service MfeBOPK stopped successfully!
Service MfeBOPK deleted successfully!
Service MfeRKDK stopped successfully!
Service MfeRKDK deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\HPCeeScheduleForJanik.job moved successfully.
C:\windows\System32\drivers\mfehidk.sys moved successfully.
C:\windows\System32\drivers\mfeavfk.sys moved successfully.
C:\windows\System32\drivers\mfetdik.sys moved successfully.
C:\windows\System32\drivers\mfebopk.sys moved successfully.
C:\windows\System32\drivers\mferkdk.sys moved successfully.
========== OTL ==========
Error: No service named azod6eky was found to stop!
Service\Driver key azod6eky not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4A4D6CF3-E3AF-4AB5-99EE-F3600602F6B6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4A4D6CF3-E3AF-4AB5-99EE-F3600602F6B6}\ not found.
Registry value HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry key HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4A4D6CF3-E3AF-4AB5-99EE-F3600602F6B6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4A4D6CF3-E3AF-4AB5-99EE-F3600602F6B6}\ not found.
Registry key HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\First Home Page| /E : value set successfully!
HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1164406201-2790629215-1452491615-1002\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry value HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry key HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1002\Software\Microsoft\Internet Explorer\SearchScopes\{4A4D6CF3-E3AF-4AB5-99EE-F3600602F6B6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4A4D6CF3-E3AF-4AB5-99EE-F3600602F6B6}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\searchplugins\icq-search.xml moved successfully.
C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Janik\AppData\Roaming\mozilla\firefox\profiles\f1fx2f9i.default\searchplugins\icqplugin-5.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0BF43445-2F28-4351-9252-17FE6E806AA0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BF43445-2F28-4351-9252-17FE6E806AA0}\ not found.
Registry value HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-1164406201-2790629215-1452491615-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//about.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Exclude.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//LanguageSelection.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Message.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryCmd.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryNag.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyNotification.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//NOCLessUpdate.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//quarantine.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//ScanNow.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//strings.vbs/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Template.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Update.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//VirFound.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\*\ deleted successfully.
Invalid CLSID key: *
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\*\ not found.
Invalid CLSID key: *
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\betavscan\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\betavscan\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\vs\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\vs\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\www\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\www\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A98.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF5E2.tmp folder deleted successfully.
C:\Windows\Installer\MSI105.tmp deleted successfully.
C:\Windows\Installer\MSI478E.tmp deleted successfully.
C:\Windows\Installer\MSI48D7.tmp deleted successfully.
C:\Windows\Installer\MSI6C35.tmp deleted successfully.
C:\Windows\Installer\MSI6D3F.tmp deleted successfully.
C:\Windows\Installer\MSI7ABA.tmp deleted successfully.
C:\Windows\Installer\MSI9920.tmp deleted successfully.
C:\Windows\Installer\MSI9F69.tmp- folder deleted successfully.
C:\Windows\Installer\MSIA437.tmp deleted successfully.
C:\Windows\Installer\MSIA541.tmp deleted successfully.
C:\Windows\Installer\MSIA62C.tmp deleted successfully.
C:\Windows\Installer\MSIA6BA.tmp deleted successfully.
C:\Windows\Installer\MSIBAE8.tmp deleted successfully.
C:\Windows\Installer\MSIBC4D.tmp deleted successfully.
C:\Windows\Installer\MSID1B2.tmp deleted successfully.
C:\Windows\Installer\MSID2CC.tmp deleted successfully.
C:\Windows\Installer\MSID434.tmp deleted successfully.
C:\Windows\Installer\MSIE7C1.tmp deleted successfully.
C:\Windows\Installer\MSIE9C2.tmp deleted successfully.
C:\Windows\Installer\MSIEAAF.tmp deleted successfully.
C:\Windows\Installer\MSIF81C.tmp deleted successfully.
C:\Windows\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\upd7F.tmp deleted successfully.
ADS C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh deleted successfully.
ADS C:\ProgramData\TEMP:DBC416F8 deleted successfully.
ADS C:\ProgramData\TEMP:C31F31E6 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] /6\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 03132013_164911

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Dejte novy log z RSIT

[arkan]

RSIT log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Janik at 2013-03-13 18:12:23
Microsoft Windows 7 Home Premium
System drive C: has 151 GB (64%) free of 235 GB
Total RAM: 3319 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:12:37, on 13. 3. 2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\windows\vsnpstd3.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Janik\AppData\Local\Opera\Opera\temporary_downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Janik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sme.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKUS\S-1-5-21-1164406201-2790629215-1452491615-1002\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1164406201-2790629215-1452491615-1002\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent (User 'UpdatusUser')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D1E3759D-CF7A-4EFE-902D-8D5A2BEBD0F8}: NameServer = 172.22.35.254,88.212.10.21
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 5700 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Janik\AppData\Roaming\Mozilla\Firefox\Profiles\f1fx2f9i.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.sme.sk"

"{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}"=C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc;version=0.8.6d]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\Janik\AppData\Roaming\Mozilla\Firefox\Profiles\f1fx2f9i.default\extensions\
firefox@ghostery.com
flashcatch-amo@flashcatch.com
netvideohunter@netvideohunter.com
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-06 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-06 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"snpstd3"=C:\Windows\vsnpstd3.exe [2007-05-10 835584]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-02-07 385248]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 6756048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.7\ICQ.exe [2012-04-11 127040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.divxa32"=msaud32_divx.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-13 16:49:11 ----D---- C:\_OTL
2013-03-13 05:19:20 ----A---- C:\Windows\system32\wininet.dll
2013-03-13 05:19:20 ----A---- C:\Windows\system32\vbscript.dll
2013-03-13 05:19:20 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-13 05:19:20 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-13 05:19:20 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-13 05:19:20 ----A---- C:\Windows\system32\jscript.dll
2013-03-13 05:19:20 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-13 05:19:20 ----A---- C:\Windows\system32\ieui.dll
2013-03-13 05:19:19 ----A---- C:\Windows\system32\urlmon.dll
2013-03-13 05:19:19 ----A---- C:\Windows\system32\url.dll
2013-03-13 05:19:19 ----A---- C:\Windows\system32\jscript9.dll
2013-03-13 05:19:19 ----A---- C:\Windows\system32\iertutil.dll
2013-03-13 05:19:18 ----A---- C:\Windows\system32\mshtml.dll
2013-03-13 05:19:18 ----A---- C:\Windows\system32\ieframe.dll
2013-03-12 20:01:29 ----A---- C:\AdwCleaner[S1].txt
2013-03-12 19:59:31 ----A---- C:\AdwCleaner[R2].txt
2013-03-12 17:35:19 ----A---- C:\AdwCleaner[R1].txt
2013-03-11 17:56:19 ----D---- C:\Program Files\Mozilla Firefox
2013-03-07 20:02:44 ----A---- C:\Windows\system32\browserchoice.exe
2013-03-07 20:02:36 ----RD---- C:\Program Files\Skype
2013-03-07 20:02:36 ----D---- C:\Program Files\Common Files\Skype
2013-03-07 05:28:40 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-03-06 22:58:58 ----A---- C:\Windows\system32\javaws.exe
2013-03-06 22:58:46 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-03-06 22:58:46 ----A---- C:\Windows\system32\javaw.exe
2013-03-06 22:58:46 ----A---- C:\Windows\system32\java.exe
2013-03-06 22:45:37 ----D---- C:\Program Files\AGEIA Technologies
2013-03-06 22:43:44 ----A---- C:\Windows\system32\nvopencl.dll
2013-03-06 22:43:44 ----A---- C:\Windows\system32\nvoglv32.dll
2013-03-06 22:43:44 ----A---- C:\Windows\system32\nvdispgenco3220162.dll
2013-03-06 22:43:44 ----A---- C:\Windows\system32\nvdispco3220294.dll
2013-03-06 22:43:44 ----A---- C:\Windows\system32\nvcuvid.dll
2013-03-06 22:43:44 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-03-06 22:43:44 ----A---- C:\Windows\system32\nvcuda.dll
2013-03-06 22:43:44 ----A---- C:\Windows\system32\nvcompiler.dll
2013-03-06 22:43:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-03-06 17:11:48 ----D---- C:\ProgramData\Origin
2013-03-02 20:13:46 ----D---- C:\Windows\sk
2013-03-02 20:11:15 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-03-02 20:09:14 ----D---- C:\Program Files\Windows Live
2013-03-02 19:34:18 ----D---- C:\719d46c04a31d909d6f0
2013-03-02 19:21:57 ----D---- C:\Windows\CheckSur
2013-03-02 15:26:18 ----D---- C:\Users\Janik\AppData\Roaming\KoshyJohn.com

======List of files/folders modified in the last 1 month======

2013-03-13 18:12:31 ----D---- C:\Windows\Temp
2013-03-13 18:12:28 ----D---- C:\Program Files\trend micro
2013-03-13 17:57:12 ----D---- C:\Windows\system32\config
2013-03-13 17:29:03 ----D---- C:\Windows\Prefetch
2013-03-13 16:53:14 ----D---- C:\ProgramData\NVIDIA
2013-03-13 16:52:22 ----SHD---- C:\Windows\Installer
2013-03-13 16:51:56 ----D---- C:\Windows\Tasks
2013-03-13 16:51:56 ----D---- C:\Windows\system32\drivers
2013-03-13 16:49:41 ----SHD---- C:\System Volume Information
2013-03-13 16:49:19 ----D---- C:\Windows\system32\drivers\etc
2013-03-13 16:49:18 ----D---- C:\windows
2013-03-13 05:24:28 ----D---- C:\Windows\winsxs
2013-03-13 05:23:54 ----D---- C:\Windows\system32\migration
2013-03-13 05:23:54 ----D---- C:\Windows\System32
2013-03-13 05:23:54 ----D---- C:\Program Files\Internet Explorer
2013-03-13 05:23:50 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-13 05:21:10 ----D---- C:\Windows\debug
2013-03-13 05:21:10 ----A---- C:\Windows\system32\MRT.exe
2013-03-13 05:21:03 ----SHD---- C:\Config.Msi
2013-03-13 05:21:03 ----D---- C:\ProgramData\Microsoft Help
2013-03-13 05:19:55 ----D---- C:\Windows\system32\catroot2
2013-03-13 05:19:55 ----D---- C:\Windows\system32\catroot
2013-03-12 20:10:46 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-12 20:01:35 ----RD---- C:\Program Files
2013-03-12 20:01:35 ----D---- C:\ProgramData\ICQ
2013-03-12 19:57:29 ----D---- C:\Program Files\Emsisoft Anti-Malware
2013-03-12 18:38:34 ----D---- C:\Windows\inf
2013-03-12 05:35:47 ----D---- C:\Windows\system32\Tasks
2013-03-11 19:45:04 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-11 19:37:01 ----D---- C:\Users\Janik\AppData\Roaming\DAEMON Tools Lite
2013-03-11 19:37:01 ----D---- C:\Program Files\Steam
2013-03-11 19:36:59 ----D---- C:\Windows\Logs
2013-03-11 12:01:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-10 18:04:44 ----D---- C:\Program Files\Common Files\Steam
2013-03-10 17:38:39 ----RSD---- C:\Windows\assembly
2013-03-10 16:41:41 ----SD---- C:\ProgramData\Microsoft
2013-03-10 16:39:56 ----D---- C:\Program Files\Common Files
2013-03-10 16:39:13 ----D---- C:\ProgramData\Nero
2013-03-10 16:33:38 ----D---- C:\Program Files\FileHippo.com
2013-03-10 14:24:51 ----D---- C:\Users\Janik\AppData\Roaming\AIMP3
2013-03-07 20:05:41 ----D---- C:\Users\Janik\AppData\Roaming\Skype
2013-03-07 20:04:45 ----D---- C:\Program Files\Microsoft Office
2013-03-07 20:02:41 ----D---- C:\ProgramData\Skype
2013-03-07 05:40:51 ----D---- C:\ProgramData\PDFC
2013-03-07 05:35:33 ----D---- C:\ProgramData\Comodo Downloader
2013-03-07 05:35:32 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2013-03-07 05:35:32 ----HDC---- C:\ProgramData\{ADCC9DAF-34D1-4565-92F1-DDB872DCF596}
2013-03-07 05:35:32 ----D---- C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}
2013-03-07 05:35:32 ----D---- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2013-03-07 05:35:31 ----SHD---- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-03-07 05:35:31 ----SHD---- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2013-03-07 05:35:31 ----HDC---- C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2013-03-07 05:35:31 ----D---- C:\ProgramData\{4BC12378-A8EB-4DBE-AFD8-B5A9D2CDFEC7}
2013-03-07 05:35:31 ----D---- C:\ProgramData\{44AFD825-9603-4521-9447-A6E1C5CA2F3D}
2013-03-07 05:30:12 ----D---- C:\Users\Janik\AppData\Roaming\TuneUp Software
2013-03-07 05:30:12 ----D---- C:\ProgramData\TuneUp Software
2013-03-07 05:28:40 ----HD---- C:\ProgramData
2013-03-07 05:17:06 ----D---- C:\Program Files\WinRAR
2013-03-07 05:17:06 ----D---- C:\Program Files\Defraggler
2013-03-06 22:58:38 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-03-06 22:58:38 ----A---- C:\Windows\system32\deployJava1.dll
2013-03-06 22:58:36 ----D---- C:\Program Files\Java
2013-03-06 22:56:46 ----D---- C:\Program Files\Google
2013-03-06 22:54:46 ----D---- C:\Program Files\Common Files\Adobe AIR
2013-03-06 22:46:46 ----D---- C:\Windows\system32\DriverStore
2013-03-06 22:45:45 ----D---- C:\Program Files\NVIDIA Corporation
2013-03-06 22:45:07 ----D---- C:\Temp
2013-03-06 21:03:53 ----D---- C:\Windows\Downloaded Program Files
2013-03-04 07:36:25 ----D---- C:\Windows\Panther
2013-03-03 18:05:47 ----D---- C:\Users\Janik\AppData\Roaming\Macromedia
2013-03-02 20:09:07 ----D---- C:\Program Files\Common Files\microsoft shared
2013-03-02 18:31:28 ----D---- C:\Windows\system32\EventProviders
2013-03-02 15:48:24 ----D---- C:\Program Files\CCleaner
2013-03-02 14:58:23 ----D---- C:\totalcmd
2013-02-25 20:31:02 ----HD---- C:\Program Files\InstallShield Installation Information
2013-02-24 21:06:03 ----D---- C:\Users\Janik\AppData\Roaming\ICQ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2009-06-05 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-10-12 477240]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-12-11 134336]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-11-14 36552]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-11-08 494416]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 36072]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-11-08 82952]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2012-08-27 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-12-11 83944]
R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-09-07 3187816]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-09-26 27632]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393216]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 25864]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2006-11-20 78128]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2006-11-20 80688]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-20 16560]
S3 FlashUSB;FlashUSB; C:\Windows\system32\DRIVERS\FlashUSB.sys [2010-05-12 16896]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-09-26 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-09-26 25512]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 23048]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2009-07-03 10526464]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2011-01-20 11232]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-02-07 110816]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-02-07 86752]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 20480]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 1990464]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-02-10 634144]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-10 1266464]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-02-09 383264]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-11 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-02-25 543144]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-24 1343400]
S4 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S4 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]

-----------------EOF-----------------

[Márty84]

Najdete tento soubor C:\Program Files\trend micro\Janik.exe , kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko

Kód: Vybrat vše

O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)

Kliknete na nápis Fix checked a potvrdte




Vsechny tyto programy - vcetne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[arkan]

tak spravil som vsetko podla navodu. pc sa mi zda sviznejsie. start je vyrazne rychlejsi. ale verte ci nie. moj problem so service packom pretrvava stale. ta ista chyba, to iste prerusenie stahovania. ak to skusim zo stiahnuteho suboru tak to iste prerusenie instalacie. myslel som ze po tom vsetkom cisteni a odinstalovani uz mu nemoze branit nic.

mate este nejaky napad ako by som ho mohol nainstalovat?

a samozrejme dakujem za pomoc a rady za tieto dva dni

[Márty84]

To me vubec neprekvapuje. Rudy prece vi co dela. Jak uz psal on, je treba kontaktovat technickou podporu microsoftu a zeptat se primo jich, co ta chyba znamena. Oni by meli vedet nejlepe co s tim.
Jinak to jeste muzete zkusit v nouzovem rezimu s praci v siti, nekdy to pomuze

No a protoze log uz je cisty, myslim, ze mame hotovo a muzeme tema uzavrit. Nebo jeste ne?

[arkan]

nemyslel som to tak, ze vasmu kolegovi neverim, ked som chcel dat este skontrolovat log. len som chcel mat istotu, ze u mna nie je nic co by tomu mohlo branit. a kedze sme tolko mazali a cistili, predsa len to nebolo zbytocne

takze dakujem este raz za pomoc a mozeme tu dat lock.

[Márty84]

Ja vim ze jste to tak nemyslel

Nemate zac.

Bylo by dobre, kdybyste pak dal vedet, co vam odpovedeli. Treba aspon napovi a pak s tim pujde neco udelat. Napiste to pak do toho tematu Rudymu

Tady tedy uzavreno

Mejte se a drzim palce