Problem s myskou

[vyosek]

Zkuste prosim zopakovat v nouzovem rezimu

[BimboSK]

ok mam to nevsimol som si predtim ze tam bolo neco zaskrnute:


# AdwCleaner v2.300 - Logfile created 05/05/2013 at 15:22:30
# Updated 28/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : danusko - DANIEL-F4E3946F
# Boot Mode : Normal
# Running from : C:\Documents and Settings\danusko\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : IBUpdaterService
Stopped & Deleted : vToolbarUpdater14.2.0

***** [Files / Folders] *****

Deleted on reboot : C:\WINDOWS\system32\Zynga
Deleted on reboot : C:\WINDOWS\system32\Zynga
File Deleted : C:\DOCUME~1\danusko\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage
File Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\user.js
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\APN
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\danusko\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\danusko\Application Data\StatusWinks
Folder Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\P2P_Max
Folder Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\DVDVideoSoftTB
Folder Deleted : C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\P2P_Max
Folder Deleted : C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\uTorrentControl_v2
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\IObit Apps Toolbar
Folder Deleted : C:\Program Files\Smart Driver Updater
Folder Deleted : C:\Program Files\Smiley Bar for Facebook
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\WINDOWS\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Folder Deleted : C:\WINDOWS\system32\WNLT

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\DVDVideoSoftTB
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{33AA308B-B565-4376-AC66-59EE9B6AD13E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72AE8426-3B8D-4EAD-B191-8D0AD1C62158}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B7D3E479-CC68-42B5-A338-938ECE35F419}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\P2P_Max
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Smiley Bar for Facebook
Key Deleted : HKCU\Software\Toolbar
Key Deleted : HKCU\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\WhenU
Key Deleted : HKCU\Software\WhenUSave
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\XBTB01621
Key Deleted : HKCU\Software\XTTB00001
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\BFlix
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{471B163C-D832-47CF-87B9-70EC803DA402}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{745AD919-3AC5-4045-9507-6F42C961EEF3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\DVDVideoSoftTB
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserCompanion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\incredibar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\searchya
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Smiley Bar for Facebook
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SpecialSavings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SweetIM Bundle by SweetPacks
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F3157AA407841454BB0C9BE8D1982BC9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smiley Bar for Facebook
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\P2P_Max
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\Software\WNLT
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{72AE8426-3B8D-4EAD-B191-8D0AD1C62158}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B7D3E479-CC68-42B5-A338-938ECE35F419}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion [adv_i]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{72AE8426-3B8D-4EAD-B191-8D0AD1C62158}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B7D3E479-CC68-42B5-A338-938ECE35F419}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion [adv_i]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.17128

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www.crawler.com/search/dispatcher.aspx? ... tbid=66022 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - CustomizeSearch] = hxxp://search.v9.com/web/?utm_source=b&utm_medium=mlv&from=mlv&uid=SAMSUNGXHD250HJ_S0URJ9DPA61108&ts=1355422846 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - SearchAssistant] = hxxp://www.crawler.com/search/ie.aspx?tb_id=66022 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - CustomizeSearch] = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=66022 --> hxxp://www.google.com

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.15.1748.0

File : C:\Documents and Settings\danusko\Application Data\Opera\Opera\operaprefs.ini

Deleted : Home URL=hxxp://mystart.incredibar.com/mb128?a=6PQGeaPp2k&i=26

*************************

AdwCleaner[R1].txt - [28228 octets] - [05/05/2013 15:09:31]
AdwCleaner[R2].txt - [28289 octets] - [05/05/2013 15:19:34]
AdwCleaner[R3].txt - [28350 octets] - [05/05/2013 15:22:18]
AdwCleaner[S1].txt - [27921 octets] - [05/05/2013 15:22:30]

########## EOF - C:\AdwCleaner[S1].txt - [27982 octets] ##########

[vyosek]

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

[BimboSK]

po vykonni tochto restardu som skusil spustit nejaku hru pri ktorej mi to robilo a uz mi to nerobi... ale ak tam vidite nejaku chybu este tak by som bol rad kebyze mi ju pomozete odstranit.

[vyosek]

Jeste tam toho hodne je, udelejte prosim ten OTL

[BimboSK]

trva to trosku dlksie tak nwm kedy bude log

[vyosek]

Ono delka skenovani je zavisla na vykonu PC ale predevsim na mnozstvi souboru, kterymi se OTL musim probrat...Pokud se nezasekne na vice jak 15 minut, tak jej nechte skenovat...

[BimboSK]

OTL logfile created on: 5. 5. 2013 15:42:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\danusko\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000041b | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

1023,17 Mb Total Physical Memory | 633,45 Mb Available Physical Memory | 61,91% Memory free
2,40 Gb Paging File | 1,67 Gb Available in Paging File | 69,39% Paging File free
Paging file location(s): C:\pagefile.sys 1534 1534 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 45,85 Gb Free Space | 35,82% Space Free | Partition Type: NTFS

Computer Name: DANIEL-F4E3946F | User Name: danusko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.05.05 15:40:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\danusko\Desktop\OTL.exe
PRC - [2013.05.02 11:31:31 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2013.04.28 20:40:36 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2013.04.28 20:10:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013.04.28 20:09:47 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.04.28 20:09:40 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.04.28 20:09:39 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.24 20:55:11 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.04.15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007.10.22 11:13:26 | 009,438,488 | ---- | M] (Uniblue Software) -- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
PRC - [2007.09.12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006.07.14 17:24:10 | 000,049,152 | ---- | M] (ZSMCSNAP) -- C:\WINDOWS\ZSSnp211.exe
PRC - [2006.07.04 15:16:32 | 000,049,152 | ---- | M] () -- C:\WINDOWS\Domino.exe


========== Modules (No Company Name) ==========

MOD - [2013.04.28 20:10:39 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2013.04.24 20:49:45 | 014,717,144 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2008.10.11 22:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.04.14 02:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 02:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2006.07.04 15:16:32 | 000,049,152 | ---- | M] () -- C:\WINDOWS\Domino.exe


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (LiveUpdate)
SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
SRV - File not found [On_Demand | Stopped] -- -- (ISPwdSvc)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.28 20:10:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.04.28 20:09:40 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.04.24 20:55:11 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.04.24 20:49:57 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.19 18:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008.01.29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007.09.12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - File not found [File_System | On_Demand | Stopped] -- -- (WinRing0_1_2_0)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (npkcrypt)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ew_hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a6o5bay3)
DRV - [2013.04.28 20:10:57 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.04.28 20:10:57 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.04.28 20:10:57 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.04.28 20:10:57 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2013.02.18 17:01:06 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.04.15 23:32:14 | 001,068,216 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\wcmvcam.sys -- (WCMVCAM)
DRV - [2011.12.20 09:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011.12.13 19:27:30 | 007,069,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011.12.06 05:42:18 | 007,490,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.01.27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009.11.18 08:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 08:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.02.18 23:08:12 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.11.25 19:30:02 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.03.03 13:00:00 | 000,043,392 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP)
DRV - [2007.07.20 18:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007.04.04 12:43:38 | 000,098,952 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716unic.sys -- (s716unic)
DRV - [2007.04.04 12:43:36 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716obex.sys -- (s716obex)
DRV - [2007.04.04 12:43:36 | 000,023,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716nd5.sys -- (s716nd5)
DRV - [2007.04.04 12:43:34 | 000,108,552 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdm.sys -- (s716mdm)
DRV - [2007.04.04 12:43:34 | 000,100,360 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mgmt.sys -- (s716mgmt)
DRV - [2007.04.04 12:43:32 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdfl.sys -- (s716mdfl)
DRV - [2007.04.04 12:43:20 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716bus.sys -- (s716bus)
DRV - [2006.12.28 18:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006.07.25 12:47:56 | 000,391,791 | ---- | M] (ZSMC Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZS211.sys -- (ZSMC211)
DRV - [2006.02.17 21:34:24 | 000,083,344 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510obex.sys -- (k510obex)
DRV - [2006.02.17 21:34:22 | 000,085,408 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mgmt.sys -- (k510mgmt)
DRV - [2006.02.17 21:34:18 | 000,094,064 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm)
DRV - [2006.02.17 21:34:16 | 000,008,336 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl)
DRV - [2006.02.17 21:34:10 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus)
DRV - [2004.08.12 10:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003.03.25 18:50:46 | 000,004,096 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide)
DRV - [2002.10.17 16:14:46 | 000,049,024 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\sisidex.sys -- (sisidex)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.phpnuke.org/?lang=en&cid= ... earchTerms}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\{006EE305-1DF8-4D9D-BBDB-F93594A7272B}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\94A2AE90-7B04-4CE9-92A8-E74303397600: "URL" = http://searchya.com/?chnl=dcom-100&s=1& ... earchTerms}
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\C60EA454-FE12-4AF5-BCC6-ED86A369920E: "URL" = http://search.phpnuke.org/?lang=en&cid= ... earchTerms}
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\danusko\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files\VDownloader\Addons\npVDownloader.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@vdownloader.com: C:\Program Files\VDownloader\Addons\FireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\SpecialSavings@SpecialSavings.com: C:\Documents and Settings\danusko\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\SpecialSavings@SpecialSavings.com: C:\Documents and Settings\danusko\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com


========== Chrome ==========

CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?outpu ... earchTerms}
CHR - homepage: http://searchou.com/?id=08fc6c3e0000000 ... 1d60670258
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: (Enabled) = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.485_0\npbrowserext.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: SpecialSavings = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1\
CHR - Extension: YouTube = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: PhpNuke Chrome Toolbar = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cngompmodgafkkffefbfbghhciijojjh\1.0_0\
CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.0_0\
CHR - Extension: Smiley Bar for Facebook = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.5\
CHR - Extension: Domain Error Assistant = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.1_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\
CHR - Extension: Savings-Slider = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.3_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006.02.28 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (phpnuke Helper Object) - {890CA547-B66C-48BF-9663-DBE0BFDC7D0C} - C:\Program Files\phpnuke\phpnuke\1.8.12.7\bh\phpnuke.dll (PHPNuke.org)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (CPrintEnhancer Object) - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll (Hewlett-Packard Co.)
O2 - BHO: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {F6104497-54FD-4688-9162-5115CC8AB0FB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKLM\..\Toolbar: (phpnuke Toolbar) - {7B206A1E-933F-4A50-9E60-5167598BDB03} - C:\Program Files\phpnuke\phpnuke\1.8.12.7\phpnukeTlbr.dll (PHPNuke.org)
O3 - HKLM\..\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" File not found
O4 - HKLM..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe (ZSMCSNAP)
O4 - HKU\S-1-5-21-507921405-1965331169-839522115-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-507921405-1965331169-839522115-1004..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe (Uniblue Software)
O4 - HKU\S-1-5-21-507921405-1965331169-839522115-1004..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: &Download All using 4shared Desktop - Reg Error: Value error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 File not found
O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=
O13 - www Prefix: http://www.myhottersearchbox.com/not_found_world/?url=
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 7525730171 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06728A1F-98EC-42DB-8952-4247E69AAD07}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuálna domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\danusko\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\danusko\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.12.26 20:57:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{35f7ec8a-0051-11e0-b475-001d60670258}\Shell - "" = AutoRun
O33 - MountPoints2\{35f7ec8a-0051-11e0-b475-001d60670258}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{778e6220-288b-11e0-b4c8-001d60670258}\Shell\AutoRun\command - "" = i00dvoym.exe
O33 - MountPoints2\{778e6220-288b-11e0-b4c8-001d60670258}\Shell\open\Command - "" = i00dvoym.exe
O33 - MountPoints2\{e447b5f4-fca5-11df-b467-001d60670258}\Shell - "" = AutoRun
O33 - MountPoints2\{e447b5f4-fca5-11df-b467-001d60670258}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e6fb1942-6496-11de-b01f-001d60670258}\Shell - "" = AutoRun
O33 - MountPoints2\{e6fb1942-6496-11de-b01f-001d60670258}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.05.05 15:40:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\danusko\Desktop\OTL.exe
[2013.05.05 15:00:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.05.05 15:00:03 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.05 14:59:47 | 000,545,926 | ---- | C] (Oleg N. Scherbakov) -- C:\Documents and Settings\danusko\Desktop\JRT.exe
[2013.05.05 14:57:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.05.04 21:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.05.04 21:12:16 | 000,000,000 | ---D | C] -- C:\rsit
[2013.05.02 18:20:30 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013.05.02 18:20:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\NewFeature1
[2013.05.02 16:31:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\danusko\Desktop\League of Legends
[2013.05.02 16:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\danusko\Local Settings\Application Data\PMB Files
[2013.05.02 16:31:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PMB Files
[2013.05.02 16:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2013.04.29 19:09:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
[2013.04.29 19:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
[2013.04.29 19:01:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\danusko\Application Data\IObit
[2013.04.29 17:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\danusko\Application Data\.minecraft
[2013.04.28 20:19:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\danusko\Application Data\Avira
[2013.04.28 20:12:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Avira
[2013.04.28 20:12:03 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.04.28 20:12:02 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.04.28 20:12:01 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.04.28 20:12:01 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.04.28 20:11:56 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.04.28 20:11:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
[7 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[42 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[283 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.05.05 15:48:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.05.05 15:47:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.05 15:40:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\danusko\Desktop\OTL.exe
[2013.05.05 15:26:36 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.05 15:26:34 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013.05.05 15:26:32 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2013.05.05 15:26:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.05 15:16:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.05 15:04:21 | 000,237,056 | ---- | M] () -- C:\Documents and Settings\danusko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.05 14:59:54 | 000,628,743 | ---- | M] () -- C:\Documents and Settings\danusko\Desktop\adwcleaner.exe
[2013.05.05 14:59:48 | 000,545,926 | ---- | M] (Oleg N. Scherbakov) -- C:\Documents and Settings\danusko\Desktop\JRT.exe
[2013.05.04 23:17:23 | 008,570,861 | ---- | M] () -- C:\Documents and Settings\danusko\Desktop\Majk Spirit Celeste Buckingham I Was Wrong .mp3
[2013.05.04 21:12:04 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\danusko\Desktop\RSIT.exe
[2013.05.04 19:00:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2013.05.03 15:17:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.05.02 18:49:36 | 000,001,616 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Play League of Legends.lnk
[2013.05.02 08:28:09 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.02 00:39:51 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[2013.05.01 14:23:09 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\danusko\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.05.01 14:23:09 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Chrome.lnk
[2013.04.30 20:07:06 | 046,130,875 | ---- | M] () -- C:\Documents and Settings\danusko\Desktop\Jak Ziskat Na Facebooku Tisice Lajku [mp3s.nadruhou.net].mp4
[2013.04.29 17:56:47 | 000,000,997 | ---- | M] () -- C:\Documents and Settings\danusko\Desktop\Odkaz na Minecraft.lnk
[2013.04.28 20:12:58 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Avira Control Center.lnk
[2013.04.28 20:10:57 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.04.28 20:10:57 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.04.28 20:10:57 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.04.28 20:10:57 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.04.28 20:03:39 | 002,092,792 | ---- | M] () -- C:\Documents and Settings\danusko\Desktop\avira_free_antivirus.exe
[42 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[283 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.05.05 15:48:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.05.05 14:59:54 | 000,628,743 | ---- | C] () -- C:\Documents and Settings\danusko\Desktop\adwcleaner.exe
[2013.05.04 23:04:03 | 008,570,861 | ---- | C] () -- C:\Documents and Settings\danusko\Desktop\Majk Spirit Celeste Buckingham I Was Wrong .mp3
[2013.05.04 21:12:04 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\danusko\Desktop\RSIT.exe
[2013.05.02 18:49:36 | 000,001,616 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Play League of Legends.lnk
[2013.05.01 14:23:09 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\danusko\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.04.30 20:05:03 | 046,130,875 | ---- | C] () -- C:\Documents and Settings\danusko\Desktop\Jak Ziskat Na Facebooku Tisice Lajku [mp3s.nadruhou.net].mp4
[2013.04.29 17:56:46 | 000,000,997 | ---- | C] () -- C:\Documents and Settings\danusko\Desktop\Odkaz na Minecraft.lnk
[2013.04.28 20:12:58 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Avira Control Center.lnk
[2013.04.28 20:03:38 | 002,092,792 | ---- | C] () -- C:\Documents and Settings\danusko\Desktop\avira_free_antivirus.exe
[2013.04.13 21:25:17 | 000,045,194 | ---- | C] () -- C:\Documents and Settings\danusko\Application Data\room_v3.dat
[2013.01.15 00:36:11 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\IDEproperty.dll
[2013.01.15 00:21:25 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012.12.14 16:31:15 | 000,139,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012.12.14 16:31:15 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\danusko\Application Data\PnkBstrK.sys
[2012.12.14 16:30:58 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012.12.14 16:30:50 | 000,076,888 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012.12.09 22:06:31 | 000,362,104 | ---- | C] () -- C:\WINDOWS\System32\dmwu(2)(2).exe
[2012.12.09 22:06:31 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ImHttpComm(2)(2).dll
[2012.09.16 14:59:26 | 001,156,400 | ---- | C] () -- C:\WINDOWS\System32\dmwu.exe
[2012.09.16 14:59:26 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\ImHttpComm.dll
[2012.06.20 16:59:20 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.04.26 15:21:35 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012.04.26 15:21:34 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2012.04.26 15:21:33 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2012.04.26 15:21:32 | 000,608,507 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012.03.31 19:22:54 | 000,000,321 | ---- | C] () -- C:\WINDOWS\WPE PRO.INI
[2011.12.09 22:00:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.12.09 15:43:15 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011.12.05 23:04:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011.12.05 23:03:52 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.11.20 13:37:21 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OVDecoder.dll
[2011.09.18 09:44:50 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\danusko\Local Settings\Application Data\fusioncache.dat
[2011.01.18 16:53:33 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\danusko\.recently-used.xbel
[2009.08.05 15:02:00 | 000,007,983 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\LUUnInstall.LiveUpdate
[2009.07.06 12:06:19 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\danusko\Local Settings\Application Data\X-Plane Installer.prf
[2009.02.13 10:16:12 | 000,000,298 | ---- | C] () -- C:\Documents and Settings\danusko\post.bat
[2008.08.24 22:38:31 | 000,237,056 | ---- | C] () -- C:\Documents and Settings\danusko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.05.23 21:01:13 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\QTSBandwidthCache

========== ZeroAccess Check ==========

[2008.05.06 17:45:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 02:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 14:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 02:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009.01.16 15:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\132EE
[2011.01.13 21:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\B31C
[2013.01.26 16:20:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
[2011.10.17 19:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DatacardService
[2013.02.01 16:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DriverGenius
[2009.11.12 09:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\E2DE
[2013.05.02 22:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Electronic Arts
[2008.06.18 19:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
[2013.04.24 19:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GarenaMessenger
[2012.12.09 16:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hi-Rez Studios
[2010.01.29 18:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ICQ
[2010.05.01 13:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\InterAction studios
[2013.05.05 14:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
[2011.12.08 17:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MAGIX
[2013.05.02 22:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Origin
[2013.05.04 13:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PMB Files
[2009.07.06 10:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PopCap Games
[2012.12.15 20:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony
[2009.01.20 21:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tcpIQ
[2012.06.12 19:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2013.02.19 08:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WarThunder
[2013.04.29 19:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
[2013.05.05 14:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.04.29 19:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
[2013.04.24 19:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\(2).minecraft
[2012.09.22 20:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\.DreamPvP
[2013.05.05 15:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\.minecraft
[2012.12.15 14:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\.techniclauncher
[2013.05.05 15:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\AIMP3
[2013.02.23 14:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Audacity
[2012.02.14 17:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\BANDISOFT
[2008.12.21 11:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\BearShare
[2008.07.04 19:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Camfrog
[2012.12.17 20:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2008.11.25 19:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\DAEMON Tools
[2011.11.21 20:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\DVDVideoSoft
[2011.10.31 13:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\GetRightToGo
[2008.09.24 13:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Groove Games
[2010.10.15 18:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\gtk-2.0
[2010.03.28 08:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ICQ
[2008.05.10 09:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ICQ Toolbar
[2010.01.11 19:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Image Zone Express
[2013.05.02 22:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\IObit
[2009.12.05 22:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\LimeWire
[2012.03.13 22:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\LolClient
[2011.11.20 13:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\MAGIX
[2008.12.23 14:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\MSNInstaller
[2009.02.14 14:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Opera
[2012.06.20 17:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Oracle
[2013.02.23 21:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\phpnuke
[2010.01.11 19:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Printer Info Cache
[2012.12.15 21:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Publish Providers
[2008.05.06 20:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Teleca
[2011.12.08 17:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\TS3Client
[2011.10.25 15:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ts3overlay
[2013.04.24 19:37:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Uniblue
[2013.05.05 15:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\uTorrent
[2012.08.18 18:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\wargaming.net
[2013.01.22 23:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\WebcamMax

========== Purity Check ==========



========== Custom Scans ==========

< >
[2008.05.05 19:07:31 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2008.05.05 19:12:56 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2008.05.06 17:42:53 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2012.04.09 17:15:25 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Tasks\RMSchedule.job
[2012.04.23 21:52:49 | 000,000,256 | ---- | C] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job
[2012.04.28 17:39:41 | 000,000,922 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.04.28 17:39:42 | 000,000,926 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.12 23:59:34 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.01.26 16:21:32 | 000,000,282 | ---- | C] () -- C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job
[2013.02.20 19:45:07 | 000,000,274 | ---- | C] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
[2013.02.20 19:45:07 | 000,000,396 | ---- | C] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job

< >

< MD5 for: ATAPI.SYS >
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:atapi.sys
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\atapi.sys
[2006.02.28 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2006.02.28 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:cdrom.sys
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.02.28 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2007.06.13 13:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2006.02.28 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: HAL.DLL >
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:hal.dll
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\hal.dll
[2006.02.28 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2006.02.28 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.06 13:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008.04.14 02:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 02:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2008.04.14 02:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\services.exe
[2009.02.06 19:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.06 12:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2006.02.28 14:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006.02.28 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.02.28 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.02.28 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.02.28 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[3 C:\WINDOWS\Help\*.tmp files -> C:\WINDOWS\Help\*.tmp -> ]
[5 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\*.tmp files -> C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\08630a0e5836d849898d98e89992b3cd\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\08630a0e5836d849898d98e89992b3cd\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\96f29619e0ff5e71f060c3d1b020bc59\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\96f29619e0ff5e71f060c3d1b020bc59\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c07cb237ab881113fd0619bb5a943eb6\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c07cb237ab881113fd0619bb5a943eb6\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c2e00646665a917d011788961ec91bb1\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c2e00646665a917d011788961ec91bb1\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c7ba1508bd1b493e7587bda8b8e4698a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c7ba1508bd1b493e7587bda8b8e4698a\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\e328b680249aea473aa35daaa83f5244\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\e328b680249aea473aa35daaa83f5244\*.tmp -> ]
[283 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\Adobe\Director\*.tmp files -> C:\WINDOWS\system32\Adobe\Director\*.tmp -> ]
[3 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[42 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]
[14 C:\WINDOWS\system32\Setup\*.tmp files -> C:\WINDOWS\system32\Setup\*.tmp -> ]
[17 C:\WINDOWS\system32\wbem\*.tmp files -> C:\WINDOWS\system32\wbem\*.tmp -> ]
[97 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

[BimboSK]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2009.01.16 15:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\132EE
[2012.12.17 20:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
[2008.05.06 17:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
[2013.04.28 20:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
[2011.01.13 21:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\B31C
[2009.10.28 18:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Blizzard
[2013.01.26 16:20:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
[2011.10.17 19:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DatacardService
[2013.02.01 16:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DriverGenius
[2009.11.12 09:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\E2DE
[2013.05.02 22:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Electronic Arts
[2008.06.18 19:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
[2013.04.24 19:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GarenaMessenger
[2008.05.06 17:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hewlett-Packard
[2012.12.09 16:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hi-Rez Studios
[2008.05.06 17:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP
[2008.05.06 17:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HPSSUPPLY
[2010.01.29 18:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ICQ
[2008.11.22 19:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallShield
[2010.05.01 13:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\InterAction studios
[2013.05.05 14:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
[2011.12.08 17:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MAGIX
[2013.01.31 00:29:59 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
[2010.05.11 19:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
[2011.10.28 21:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton
[2011.10.28 21:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\NortonInstaller
[2013.05.02 22:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Origin
[2013.05.04 13:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PMB Files
[2009.07.06 10:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PopCap Games
[2013.04.24 20:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
[2012.12.15 20:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony
[2011.10.20 14:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sun
[2009.08.05 15:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec
[2009.01.20 21:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tcpIQ
[2012.06.12 19:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2013.02.19 08:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WarThunder
[2008.05.06 17:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WEBREG
[2013.04.29 19:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
[2013.05.05 14:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.04.29 19:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2013.02.24 01:04:26 | 011,123,520 | ---- | M] (Electronic Arts) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Electronic Arts\Need for Speed World\Data\nfsw.exe
[2008.11.22 19:17:49 | 009,843,864 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Plugins\Plugins\95F12167483D466CABC98CAFE4B4FD93\CT4SKypePlugIn20_Multi_Media.exe
[2008.11.22 19:17:49 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Plugins\Plugins\95F12167483D466CABC98CAFE4B4FD93\RLLauncher.exe
[2013.04.15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

< %APPDATA%\*. >
[2013.04.24 19:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\(2).minecraft
[2012.09.22 20:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\.DreamPvP
[2013.05.05 16:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\.minecraft
[2012.12.15 14:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\.techniclauncher
[2012.12.17 20:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Adobe
[2008.08.24 22:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\AdobeUM
[2013.05.05 16:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\AIMP3
[2013.04.29 19:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Apple Computer
[2008.11.22 15:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ATI
[2013.02.23 14:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Audacity
[2013.04.28 20:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Avira
[2012.02.14 17:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\BANDISOFT
[2008.12.21 11:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\BearShare
[2008.07.04 19:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Camfrog
[2012.12.17 20:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010.03.12 15:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Corel
[2008.11.25 19:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\DAEMON Tools
[2010.05.11 18:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\dvdcss
[2011.11.21 20:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\DVDVideoSoft
[2011.10.31 13:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\GetRightToGo
[2008.10.25 11:51:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Google
[2008.09.24 13:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Groove Games
[2010.10.15 18:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\gtk-2.0
[2008.05.10 09:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Help
[2008.05.24 09:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\HP
[2010.03.28 08:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ICQ
[2008.05.10 09:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ICQ Toolbar
[2010.04.10 20:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Identities
[2010.01.11 19:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Image Zone Express
[2013.05.02 22:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\IObit
[2009.12.05 22:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\LimeWire
[2012.03.13 22:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\LolClient
[2008.05.08 22:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Macromedia
[2011.11.20 13:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\MAGIX
[2013.02.14 21:31:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\danusko\Application Data\Microsoft
[2008.12.23 14:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\MSNInstaller
[2009.02.14 14:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Opera
[2012.06.20 17:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Oracle
[2013.02.23 21:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\phpnuke
[2010.01.11 19:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Printer Info Cache
[2012.12.15 21:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Publish Providers
[2013.05.05 16:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Skype
[2011.11.23 15:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\skypePM
[2008.12.06 11:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Sun
[2008.05.06 20:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Teleca
[2011.12.08 17:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\TS3Client
[2011.10.25 15:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ts3overlay
[2013.04.24 19:37:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Uniblue
[2013.05.05 16:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\uTorrent
[2013.05.04 23:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\vlc
[2012.08.18 18:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\wargaming.net
[2013.01.22 23:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\WebcamMax
[2009.07.26 21:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\WinRAR

< %APPDATA%\*.exe /s >
[2012.04.22 13:55:24 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Documents and Settings\danusko\Application Data\.minecraft\Minecraft.exe
[2012.02.18 16:55:48 | 000,048,128 | ---- | M] (Microsoft) -- C:\Documents and Settings\danusko\Application Data\.minecraft\saves\PlanetoidMapGenerator\Planetoid Map Generator.exe
[2012.02.18 16:55:48 | 000,091,648 | ---- | M] () -- C:\Documents and Settings\danusko\Application Data\.minecraft\saves\PlanetoidMapGenerator\GZip\gzip.exe
[2009.06.23 17:00:01 | 000,163,840 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\crashreporter.exe
[2009.06.23 17:00:03 | 000,196,608 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\updater.exe
[2009.06.23 17:00:03 | 000,014,848 | ---- | M] () -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xpcshell.exe
[2009.06.23 17:00:03 | 000,077,824 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xpicleanup.exe
[2009.06.23 17:00:03 | 000,266,240 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xpidl.exe
[2009.06.23 17:00:03 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe
[2009.06.23 17:00:03 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xpt_link.exe
[2009.06.23 17:00:03 | 000,073,728 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
[2009.06.23 17:00:03 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
[2012.12.17 20:02:11 | 000,055,424 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\danusko\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.12.09 15:44:34 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\danusko\Application Data\Microsoft\Installer\{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[283 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.05.05 15:47:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.05.03 15:17:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2013.05.05 15:26:34 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job
[2013.05.05 15:26:32 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job
[2013.05.05 15:26:36 | 000,000,922 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.05 16:16:03 | 000,000,926 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.05.04 19:00:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job
[2013.05.02 00:39:51 | 000,000,274 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
[2013.02.20 19:45:07 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.11.25 19:30:02 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008.05.05 20:54:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.05.05 20:54:49 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.05.05 20:54:48 | 000,888,832 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[283 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[283 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun -- [2008.07.24 17:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.02.28 18:50:02 | 018,642,024 | R--- | M] (Skype Technologies S.A.)
"uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED -- [2013.05.02 11:31:31 | 000,802,136 | ---- | M] (BitTorrent Inc.)
"Uniblue SpeedUpMyPC" = C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s -- [2007.10.22 11:13:26 | 009,438,488 | ---- | M] (Uniblue Software)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.02.22 00:55:09 | 000,643,184 | -HS- | M] (Microsoft Corporation) MD5=186E5B46F7DCEB473E2548E20F071934 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2013.04.28 20:40:36 | 000,879,456 | ---- | M] (Opera Software) MD5=C5520FEB7AD5F6E3692B6DE41F6A1A27 -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) MD5=4E9592BB2C100E571F82640E59E9ECD5 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.05.05 15:48:24 | 000,000,512 | ---- | M] () MD5=37602740B6C90D2C388EF46E5272CA7A -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.04.24 20:23:25 | 000,015,781 | ---- | M] () -- \Documents and Settings\danusko\Application Data\uTorrent\Minecraft_Cracked_v1.4.7.zip.1.torrent
[2013.04.24 18:36:06 | 000,015,781 | ---- | M] () -- \Documents and Settings\danusko\Application Data\uTorrent\Minecraft_Cracked_v1.4.7.zip.torrent
[2013.04.25 19:32:05 | 000,019,770 | ---- | M] () -- \Documents and Settings\danusko\Application Data\uTorrent\SimCity 2013 No Crack.torrent
[2013.05.05 16:43:47 | 000,632,192 | ---- | M] () -- \Documents and Settings\danusko\Desktop\CrackedTechnicLauncher.jar
[2012.12.14 16:45:02 | 000,015,636 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrack.cfx
[2012.12.14 16:45:05 | 000,015,656 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
[2012.12.14 16:45:05 | 000,016,044 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
[2012.12.14 16:45:06 | 000,016,744 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
[2012.12.14 16:45:06 | 000,015,352 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
[2012.12.14 16:45:06 | 000,016,372 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
[2012.12.14 16:45:02 | 000,016,024 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
[2012.12.14 16:45:03 | 000,016,724 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
[2012.12.14 16:45:04 | 000,015,300 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
[2012.12.14 16:45:03 | 000,016,352 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
[2012.12.14 16:45:02 | 000,015,856 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
[2012.12.14 16:45:05 | 000,015,876 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
[2012.12.14 16:45:05 | 000,016,264 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
[2012.12.14 16:45:06 | 000,016,964 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
[2012.12.14 16:45:06 | 000,015,572 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
[2012.12.14 16:45:06 | 000,016,592 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
[2012.12.14 16:45:02 | 000,016,244 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
[2012.12.14 16:45:03 | 000,016,944 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
[2012.12.14 16:45:04 | 000,015,520 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
[2012.12.14 16:45:03 | 000,016,572 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
[2013.01.14 23:46:11 | 000,000,200 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Programy\Driver Genius 11 & Serial license crack.html
[2012.12.15 20:53:03 | 014,846,576 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Programy\Sony-Vegas-PRO-9---FULL-Edition-[CRACK-+-KEYGEN].rar
[2013.01.18 17:35:12 | 000,015,636 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrack.cfx
[2013.01.18 17:35:14 | 000,015,656 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
[2013.01.18 17:35:14 | 000,016,044 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
[2013.01.18 17:35:15 | 000,016,744 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
[2013.01.18 17:35:16 | 000,015,352 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
[2013.01.18 17:35:15 | 000,016,372 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
[2013.01.18 17:35:12 | 000,016,024 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
[2013.01.18 17:35:13 | 000,016,724 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
[2013.01.18 17:35:13 | 000,015,300 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
[2013.01.18 17:35:13 | 000,016,352 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
[2013.01.18 17:35:12 | 000,015,856 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
[2013.01.18 17:35:14 | 000,015,876 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
[2013.01.18 17:35:14 | 000,016,264 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
[2013.01.18 17:35:15 | 000,016,964 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
[2013.01.18 17:35:16 | 000,015,572 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
[2013.01.18 17:35:15 | 000,016,592 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
[2013.01.18 17:35:12 | 000,016,244 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
[2013.01.18 17:35:13 | 000,016,944 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
[2013.01.18 17:35:13 | 000,015,520 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
[2013.01.18 17:35:13 | 000,016,572 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
[2013.02.01 14:11:35 | 000,015,636 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrack.cfx
[2013.02.01 14:11:38 | 000,015,656 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
[2013.02.01 14:11:38 | 000,016,044 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
[2013.02.01 14:11:39 | 000,016,744 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
[2013.02.01 14:11:40 | 000,015,352 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
[2013.02.01 14:11:39 | 000,016,372 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
[2013.02.01 14:11:35 | 000,016,024 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
[2013.02.01 14:11:36 | 000,016,724 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
[2013.02.01 14:11:37 | 000,015,300 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
[2013.02.01 14:11:36 | 000,016,352 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
[2013.02.01 14:11:35 | 000,015,856 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
[2013.02.01 14:11:38 | 000,015,876 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
[2013.02.01 14:11:38 | 000,016,264 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
[2013.02.01 14:11:39 | 000,016,964 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
[2013.02.01 14:11:40 | 000,015,572 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
[2013.02.01 14:11:39 | 000,016,592 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
[2013.02.01 14:11:35 | 000,016,244 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
[2013.02.01 14:11:37 | 000,016,944 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
[2013.02.01 14:11:37 | 000,015,520 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
[2013.02.01 14:11:36 | 000,016,572 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
[2013.05.05 16:43:48 | 000,000,573 | ---- | M] () -- \Documents and Settings\danusko\Recent\CrackedTechnicLauncher.jar.lnk
[2003.12.05 15:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
[2013.04.24 18:38:21 | 000,021,670 | ---- | M] () -- \WINDOWS\Prefetch\MINECRAFT_CRACKED_V1.4.7.EXE-0481D9EE.pf
[2013.04.24 20:26:44 | 000,022,052 | ---- | M] () -- \WINDOWS\Prefetch\MINECRAFT_CRACKED_V1.4.7.EXE-05BBC021.pf
[2013.04.24 20:33:12 | 000,022,236 | ---- | M] () -- \WINDOWS\Prefetch\MINECRAFT_CRACKED_V1.4.7.EXE-0CACF57F.pf

< *keygen* /s >
[2012.12.15 20:53:03 | 014,846,576 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Programy\Sony-Vegas-PRO-9---FULL-Edition-[CRACK-+-KEYGEN].rar

< *loader* /s >
[2013.02.18 23:24:17 | 000,004,068 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Application Data\Electronic Arts\Need for Speed World\Data\GFX\_RadialFlareLoader_Double.gfx
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2013.04.29 18:13:59 | 000,007,310 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\ModLoader.txt
[2012.05.26 13:05:10 | 000,007,030 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\ModLoader.txt.1
[2012.05.26 13:03:32 | 000,000,000 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\ModLoader.txt.1.lck
[2012.05.22 22:16:24 | 000,103,347 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\bin\modes\ModLoader.zip
[2012.04.02 13:52:06 | 000,046,467 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\bin\modes\ModLoader\ModLoader.class
[2013.04.29 18:13:55 | 000,000,508 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\config\ModLoader.cfg
[2012.05.22 21:08:38 | 000,000,047 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\config\mod_ModLoaderMp.cfg
[2013.05.05 16:49:03 | 000,063,565 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.techniclauncher\tekkit\ForgeModLoader-0.log
[2013.05.05 16:45:39 | 000,000,000 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.techniclauncher\tekkit\ForgeModLoader-0.log.lck
[2012.12.13 23:57:52 | 000,001,980 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.techniclauncher\tekkit\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2011.10.31 13:07:13 | 000,000,000 | ---- | M] () -- \Documents and Settings\danusko\Application Data\GetRightToGo\Brothersoftdownloader_for_uTorrent.data
[2009.06.23 17:00:01 | 000,002,713 | ---- | M] () -- \Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\components\uriloader.xpt
[2013.02.03 17:45:15 | 000,339,609 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Downloader_Metin2_cz.exe
[2013.05.01 14:12:24 | 000,000,381 | ---- | M] () -- \Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.3_0\loader_1036.js
[2013.04.28 20:29:55 | 000,001,274 | ---- | M] () -- \Documents and Settings\danusko\Local Settings\Temp\avnwldrtemp\networkloader.log
[2013.05.02 20:53:27 | 000,005,708 | ---- | M] () -- \Documents and Settings\danusko\Local Settings\Temporary Internet Files\Content.IE5\6V2JGJ3P\queryLoader[1].js
[2013.05.05 16:16:13 | 000,000,753 | ---- | M] () -- \Documents and Settings\danusko\Local Settings\Temporary Internet Files\Content.IE5\U0ZAT1G2\AdLoader[2].htm
[2013.05.02 20:53:26 | 000,000,374 | ---- | M] () -- \Documents and Settings\danusko\Local Settings\Temporary Internet Files\Content.IE5\U0ZAT1G2\queryLoader[1].css
[2013.05.01 18:33:08 | 000,105,903 | ---- | M] () -- \Documents and Settings\danusko\Local Settings\Temporary Internet Files\Content.IE5\ZGKSJTDO\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2008.03.03 22:05:32 | 000,000,060 | ---- | M] () -- \Documents and Settings\Famlily\Data aplikací\Macromedia\Flash Player\#SharedObjects\PE5FT972\miniclip.com\games\free-wheels\en\free_wheels.dcr\MiniclipLoaderAd.sol
[2008.04.26 11:21:56 | 000,000,060 | ---- | M] () -- \Documents and Settings\Famlily\Data aplikací\Macromedia\Flash Player\#SharedObjects\PE5FT972\vrana.sk\hry\nordicchill.swf\MiniclipLoaderAd.sol
[2005.06.07 00:54:14 | 000,348,160 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\PhotoDownloader.dll
[2005.06.07 00:47:26 | 000,163,840 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\uploader.dll
[2005.06.07 00:02:16 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Shared_Assets\combined_bitmaps\main_window\C_LoadError.png
[2013.04.28 20:09:49 | 000,052,960 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2013.04.28 20:09:49 | 000,232,672 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2013.04.28 20:09:51 | 001,714,400 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2003.09.15 16:02:00 | 000,169,384 | ---- | M] () -- \Program Files\Counter-Strike 1.6\cstrike\models\qloader.mdl
[2003.09.15 15:55:50 | 000,352,548 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\models\loader.mdl
[2003.09.15 15:56:04 | 000,012,764 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\sound\ambience\loader_hydra1.wav
[2003.09.15 15:56:04 | 000,012,164 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\sound\ambience\loader_step1.wav
[2012.02.16 15:44:38 | 000,000,404 | ---- | M] () -- \Program Files\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.223\deploy\assets\storeImages\layout\small_loader.gif
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.02.16 14:44:38 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.11\deploy\assets\storeImages\layout\small_loader.gif
[2006.02.28 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2013.04.24 13:30:22 | 000,017,310 | ---- | M] () -- \WINDOWS\Prefetch\GARENATALKLOADER.EXE-0689E4F1.pf
[2008.04.14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\dmloader.dll
[2008.04.13 20:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\osloader.exe
[2008.04.13 20:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\osloader.ntd
[2008.04.14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[283 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2011.10.05 12:12:42 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.03.14 22:57:50 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

========== Files - Unicode (All) ==========
[2011.11.10 16:14:49 | 006,750,054 | ---- | M] ()(C:\Documents and Settings\danusko\??XZ?a?aS-1-5-21-507921405-1965331169-839522115-1004) -- C:\Documents and Settings\danusko\࿠ʀXZꀔãꈼãS-1-5-21-507921405-1965331169-839522115-1004
[2011.11.10 16:14:38 | 006,750,054 | ---- | C] ()(C:\Documents and Settings\danusko\??XZ?a?aS-1-5-21-507921405-1965331169-839522115-1004) -- C:\Documents and Settings\danusko\࿠ʀXZꀔãꈼãS-1-5-21-507921405-1965331169-839522115-1004

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D1B5B4F1

< End of report >

log z OTL

[vyosek]

Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)

• Stahne a ulozte na plochu UsbFix http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
• Spustte a kliknete na Deletion
• Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - File not found [On_Demand | Stopped] -- -- (LiveUpdate)
  SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
  SRV - File not found [On_Demand | Stopped] -- -- (ISPwdSvc)
  DRV - File not found [File_System | On_Demand | Stopped] -- -- (WinRing0_1_2_0)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
  DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (npkcrypt)
  DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
  DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
  DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (hwdatacard)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (huawei_enumerator)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ew_hwusbdev)
  DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (EagleNT)
  DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a6o5bay3)
  DRV - [2013.02.18 17:01:06 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.phpnuke.org/?lang=en&cid=457c4dfc&q={searchTerms}
  IE - HKLM\..\SearchScopes,DefaultScope = 
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes,DefaultScope = 
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\{006EE305-1DF8-4D9D-BBDB-F93594A7272B}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =800236&p={searchTerms}
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\94A2AE90-7B04-4CE9-92A8-E74303397600: "URL" = http://searchya.com/?chnl=dcom-100&s=1& ... DtAtCtA&q={searchTerms}
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\C60EA454-FE12-4AF5-BCC6-ED86A369920E: "URL" = http://search.phpnuke.org/?lang=en&cid=457c4dfc&q={searchTerms}
  CHR - default_search_provider: Yahoo! (Enabled)
  CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-g ... =800236&p={searchTerms}
  CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?outpu ... n&command={searchTerms}
  CHR - homepage: http://searchou.com/?id=08fc6c3e0000000 ... 1d60670258
  O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - No CLSID value found.
  O2 - BHO: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - No CLSID value found.
  O2 - BHO: (no name) - {F6104497-54FD-4688-9162-5115CC8AB0FB} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - !{7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - !{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
  O3 - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
  O4 - HKLM..\Run: [] File not found
  O4 - HKU\S-1-5-21-507921405-1965331169-839522115-1004..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe (Uniblue Software)
  O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=
  O13 - www Prefix: http://www.myhottersearchbox.com/not_found_world/?url=
  O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
  O33 - MountPoints2\{35f7ec8a-0051-11e0-b475-001d60670258}\Shell - "" = AutoRun
  O33 - MountPoints2\{778e6220-288b-11e0-b4c8-001d60670258}\Shell\AutoRun\command - "" = i00dvoym.exe
  O33 - MountPoints2\{778e6220-288b-11e0-b4c8-001d60670258}\Shell\open\Command - "" = i00dvoym.exe
  O33 - MountPoints2\{e447b5f4-fca5-11df-b467-001d60670258}\Shell - "" = AutoRun
  O33 - MountPoints2\{e6fb1942-6496-11de-b01f-001d60670258}\Shell - "" = AutoRun
  [2013.05.05 14:57:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
  [2013.04.29 19:09:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
  [2013.04.29 19:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
  [2013.04.29 19:01:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\danusko\Application Data\IObit
  [2009.01.16 15:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\132EE
  [2011.01.13 21:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\B31C
  [2008.06.18 19:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
  [2013.05.05 14:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
  [2013.04.29 19:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
  [2013.05.05 14:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
  [2013.04.29 19:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
  [2008.05.10 09:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ICQ Toolbar
  [2013.05.02 22:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\IObit
  [2008.05.05 19:07:31 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
  [2008.05.05 19:12:56 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
  [2008.05.06 17:42:53 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
  [2012.04.09 17:15:25 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Tasks\RMSchedule.job
  [2012.04.23 21:52:49 | 000,000,256 | ---- | C] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job
  [2012.04.28 17:39:41 | 000,000,922 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
  [2012.04.28 17:39:42 | 000,000,926 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
  [2012.08.12 23:59:34 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
  [2013.01.26 16:21:32 | 000,000,282 | ---- | C] () -- C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job
  [2013.02.20 19:45:07 | 000,000,274 | ---- | C] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
  [2013.02.20 19:45:07 | 000,000,396 | ---- | C] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
  [16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [7 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
  [3 C:\WINDOWS\Help\*.tmp files -> C:\WINDOWS\Help\*.tmp -> ]
  [5 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
  [1 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\*.tmp files -> C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\08630a0e5836d849898d98e89992b3cd\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\08630a0e5836d849898d98e89992b3cd\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\96f29619e0ff5e71f060c3d1b020bc59\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\96f29619e0ff5e71f060c3d1b020bc59\download\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\c07cb237ab881113fd0619bb5a943eb6\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c07cb237ab881113fd0619bb5a943eb6\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\c2e00646665a917d011788961ec91bb1\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c2e00646665a917d011788961ec91bb1\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\c7ba1508bd1b493e7587bda8b8e4698a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c7ba1508bd1b493e7587bda8b8e4698a\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\e328b680249aea473aa35daaa83f5244\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\e328b680249aea473aa35daaa83f5244\*.tmp -> ]
  [1 C:\WINDOWS\system32\Adobe\Director\*.tmp files -> C:\WINDOWS\system32\Adobe\Director\*.tmp -> ]
  [3 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
  [42 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]
  [14 C:\WINDOWS\system32\Setup\*.tmp files -> C:\WINDOWS\system32\Setup\*.tmp -> ]
  [17 C:\WINDOWS\system32\wbem\*.tmp files -> C:\WINDOWS\system32\wbem\*.tmp -> ]
  @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D1B5B4F1
  
  :reg
  "HP Software Update"=-
  "Browser companion helper"=-
  "WinampAgent"=-
  "KernelFaultCheck"=-
  "vProt"=-
  "SweetIM"=-
  "SunJavaUpdateSched"=-
  "IObit Malware Fighter"=-
  ""=-
  "SearchSettings"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"=-
  "Skype"=-
  "uTorrent"=-
  "Uniblue SpeedUpMyPC"=-
  "Advanced SystemCare Ultimate"=-
  
  :files
  C:\Program Files\Uniblue\SpeedUpMyPC 3
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[BimboSK]

USB Fix:
Bohuzial nemam USB pred mesiacom som ho stratil a Externi hardsik tiez nemam .

############################## | UsbFix V 7.125 | [Deletion]

User: danusko (Administrator) # DANIEL-F4E3946F
Updated 01/05/2013 by El Desaparecido
Started at 19:11:11 | 06/05/2013

Website: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: System manufacturer (System Product Name) (X86-based PC)
CPU: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz (1799)
RAM -> [Total : 1023 | Free : 361]
BIOS: BIOS Date: 09/05/07 19:17:24 Ver: 08.00.14
BOOT: Normal boot

OS: Systém Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 7.0.5730.13

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 128 Gb (46 Mb free - 36%) [] # NTFS
D:\ -> CD-ROM
F:\ -> CD-ROM

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKLM\SOFTWARE | Run : [ZSSnp211] - C:\WINDOWS\ZSSnp211.exe
HKLM\SOFTWARE | Run : [Domino] - C:\WINDOWS\Domino.exe
HKLM\SOFTWARE | Run : [Symantec PIF AlertEng] - "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
HKLM\SOFTWARE | Run : [WinampAgent] - "C:\Program Files\Winamp\winampa.exe"
HKLM\SOFTWARE | Run : [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\SOFTWARE | Run : [ATICustomerCare] - "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
HKLM\SOFTWARE | Run : [RTHDCPL] - RTHDCPL.EXE
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [avgnt] - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE | Run : [DAEMON Tools Lite] - "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE | Run : [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE | Run : [Skype] - "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE | Run : [uTorrent] - "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE | Run : [Uniblue SpeedUpMyPC] - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
HKU\S-1-5-18\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE

################## | Stopped processes |

Stopped! C:\WINDOWS\system32\Ati2evxx.exe (944)
Stopped! C:\WINDOWS\system32\Ati2evxx.exe (1376)
Stopped! C:\WINDOWS\system32\spoolsv.exe (1536)
Stopped! C:\Program Files\Avira\AntiVir Desktop\sched.exe (1584)
Stopped! C:\Program Files\Avira\AntiVir Desktop\avguard.exe (1976)
Stopped! C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (2008)
Stopped! C:\Program Files\Java\jre7\bin\jqs.exe (320)
Stopped! C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (392)
Stopped! C:\WINDOWS\system32\PnkBstrA.exe (612)
Stopped! C:\WINDOWS\system32\PSIService.exe (632)
Stopped! C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (900)
Stopped! C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (1828)
Stopped! C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (2344)
Stopped! C:\WINDOWS\ZSSnp211.exe (2360)
Stopped! C:\WINDOWS\Domino.exe (2376)
Stopped! C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (2464)
Stopped! C:\WINDOWS\RTHDCPL.EXE (2648)
Stopped! C:\Program Files\Common Files\Java\Java Update\jusched.exe (2656)
Stopped! C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (2668)
Stopped! C:\WINDOWS\system32\ctfmon.exe (2712)
Stopped! C:\Program Files\uTorrent\uTorrent.exe (3028)
Stopped! C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (3052)
Stopped! C:\Program Files\Opera\opera.exe (4060)

################## | Files # Infected Folders |


(!) Temporary files deleted.

################## | Registry |

Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{35f7ec8a-0051-11e0-b475-001d60670258}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{778e6220-288b-11e0-b4c8-001d60670258}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{e447b5f4-fca5-11df-b467-001d60670258}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{e6fb1942-6496-11de-b01f-001d60670258}

################## | Listing |

[08/08/2009 - 23:09:44 | D ] C:\217ccde9c7aff15b6c38
[15/10/2009 - 19:28:24 | DC ] C:\3d5e581caaeaf20a6e493ebbffb9
[11/01/2012 - 22:35:53 | D ] C:\68eff2470ec846ccbc
[12/05/2010 - 21:24:22 | DC ] C:\77571241055d82901f8f29b14b9e37d6
[05/05/2013 - 15:09:44 | N | 28228] C:\AdwCleaner[R1].txt
[05/05/2013 - 15:19:44 | N | 28289] C:\AdwCleaner[R2].txt
[05/05/2013 - 15:22:27 | N | 28350] C:\AdwCleaner[R3].txt
[05/05/2013 - 15:24:00 | N | 28052] C:\AdwCleaner[S1].txt
[15/01/2013 - 00:22:22 | D ] C:\AMD
[09/12/2011 - 21:55:50 | D ] C:\ATI
[26/12/2007 - 20:57:19 | N | 0] C:\AUTOEXEC.BAT
[05/05/2008 - 19:04:49 | N | 211] C:\boot.ini
[25/10/2001 - 14:00:00 | N | 4952] C:\Bootfont.bin
[15/10/2009 - 17:19:40 | DC ] C:\cc33d69c1f2ac48d9e6635c542
[04/05/2013 - 21:48:27 | DC ] C:\Config.Msi
[26/12/2007 - 20:57:19 | N | 0] C:\CONFIG.SYS
[13/02/2011 - 14:15:16 | D ] C:\DAEMON Tools
[17/01/2013 - 00:38:40 | DC ] C:\Documents and Settings
[08/12/2011 - 15:40:37 | D ] C:\Download
[22/02/2012 - 17:42:02 | D ] C:\Driver-Soft
[09/01/2013 - 13:31:15 | D ] C:\e00c7f81d12e9ddb5c
[20/02/2013 - 20:00:55 | D ] C:\found.000
[20/02/2013 - 20:00:55 | D ] C:\found.001
[20/02/2013 - 20:00:55 | D ] C:\found.002
[20/02/2013 - 20:00:55 | D ] C:\found.003
[26/12/2007 - 20:57:19 | N | 0] C:\IO.SYS
[05/05/2013 - 15:00:04 | D ] C:\JRT
[13/04/2013 - 21:58:49 | N | 273] C:\KillingFloor.exe.log
[26/12/2007 - 20:57:19 | N | 0] C:\MSDOS.SYS
[04/11/2010 - 16:27:38 | RHD ] C:\MSOCache
[28/02/2006 - 14:00:00 | N | 47564] C:\NTDETECT.COM
[19/06/2012 - 12:22:44 | N | 250048] C:\ntldr
[13/04/2013 - 21:47:45 | N | 9065] C:\Opera.exe.log
[06/05/2013 - 18:42:48 | ASH | 1608515584] C:\pagefile.sys
[05/05/2013 - 15:48:24 | N | 512] C:\PhysicalMBR.bin
[05/05/2013 - 15:22:55 | D ] C:\Program Files
[13/04/2013 - 19:50:04 | D ] C:\Program Files (x86)
[08/06/2008 - 09:14:47 | SHD ] C:\RECYCLER
[02/05/2013 - 18:20:41 | D ] C:\Riot Games
[04/05/2013 - 21:13:11 | D ] C:\rsit
[28/04/2013 - 21:12:19 | SHD ] C:\System Volume Information
[06/05/2013 - 19:14:52 | D ] C:\UsbFix
[06/05/2013 - 19:15:16 | A | 7171] C:\UsbFix [Clean 1] DANIEL-F4E3946F.txt
[05/05/2013 - 15:26:37 | D ] C:\WINDOWS

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://sosvirus.org |

[BimboSK]

U toho OTL jak mi to spusti mam hend skenovat alebo to mam oznacit ako predti 7day puriti chechk a lop check atd.. ?

[vyosek]

U OTL neni treba nic nastavovat, jen vlozit log a klik na Opravit

[BimboSK]

OK len som si neni isty ci mam dat RUN FIX alebo CLEAN UP .

[vyosek]

RunFix