VIRY.CZ

Zkuste prosim zopakovat v nouzovem rezimu

ok mam to nevsimol som si predtim ze tam bolo neco zaskrnute:


# AdwCleaner v2.300 - Logfile created 05/05/2013 at 15:22:30
# Updated 28/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : danusko - DANIEL-F4E3946F
# Boot Mode : Normal
# Running from : C:\Documents and Settings\danusko\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : IBUpdaterService
Stopped & Deleted : vToolbarUpdater14.2.0

***** [Files / Folders] *****

Deleted on reboot : C:\WINDOWS\system32\Zynga
Deleted on reboot : C:\WINDOWS\system32\Zynga
File Deleted : C:\DOCUME~1\danusko\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage
File Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\user.js
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\APN
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\danusko\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\danusko\Application Data\StatusWinks
Folder Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\P2P_Max
Folder Deleted : C:\Documents and Settings\danusko\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\DVDVideoSoftTB
Folder Deleted : C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\P2P_Max
Folder Deleted : C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\uTorrentControl_v2
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\IObit Apps Toolbar
Folder Deleted : C:\Program Files\Smart Driver Updater
Folder Deleted : C:\Program Files\Smiley Bar for Facebook
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\WINDOWS\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Folder Deleted : C:\WINDOWS\system32\WNLT

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\DVDVideoSoftTB
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{33AA308B-B565-4376-AC66-59EE9B6AD13E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72AE8426-3B8D-4EAD-B191-8D0AD1C62158}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B7D3E479-CC68-42B5-A338-938ECE35F419}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\P2P_Max
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Smiley Bar for Facebook
Key Deleted : HKCU\Software\Toolbar
Key Deleted : HKCU\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\WhenU
Key Deleted : HKCU\Software\WhenUSave
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\XBTB01621
Key Deleted : HKCU\Software\XTTB00001
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\BFlix
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{471B163C-D832-47CF-87B9-70EC803DA402}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{745AD919-3AC5-4045-9507-6F42C961EEF3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\DVDVideoSoftTB
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserCompanion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\incredibar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\searchya
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Smiley Bar for Facebook
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SpecialSavings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SweetIM Bundle by SweetPacks
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F3157AA407841454BB0C9BE8D1982BC9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smiley Bar for Facebook
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\P2P_Max
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\Software\WNLT
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{72AE8426-3B8D-4EAD-B191-8D0AD1C62158}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B7D3E479-CC68-42B5-A338-938ECE35F419}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion [adv_i]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{72AE8426-3B8D-4EAD-B191-8D0AD1C62158}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B7D3E479-CC68-42B5-A338-938ECE35F419}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion [adv_i]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.17128

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www.crawler.com/search/dispatcher.aspx? ... tbid=66022 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - CustomizeSearch] = hxxp://search.v9.com/web/?utm_source=b&utm_medium=mlv&from=mlv&uid=SAMSUNGXHD250HJ_S0URJ9DPA61108&ts=1355422846 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - SearchAssistant] = hxxp://www.crawler.com/search/ie.aspx?tb_id=66022 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - CustomizeSearch] = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=66022 --> hxxp://www.google.com

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.15.1748.0

File : C:\Documents and Settings\danusko\Application Data\Opera\Opera\operaprefs.ini

Deleted : Home URL=hxxp://mystart.incredibar.com/mb128?a=6PQGeaPp2k&i=26

*************************

AdwCleaner[R1].txt - [28228 octets] - [05/05/2013 15:09:31]
AdwCleaner[R2].txt - [28289 octets] - [05/05/2013 15:19:34]
AdwCleaner[R3].txt - [28350 octets] - [05/05/2013 15:22:18]
AdwCleaner[S1].txt - [27921 octets] - [05/05/2013 15:22:30]

########## EOF - C:\AdwCleaner[S1].txt - [27982 octets] ##########

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

po vykonni tochto restardu som skusil spustit nejaku hru pri ktorej mi to robilo a uz mi to nerobi... ale ak tam vidite nejaku chybu este tak by som bol rad kebyze mi ju pomozete odstranit.

Jeste tam toho hodne je, udelejte prosim ten OTL

trva to trosku dlksie tak nwm kedy bude log

Ono delka skenovani je zavisla na vykonu PC ale predevsim na mnozstvi souboru, kterymi se OTL musim probrat...Pokud se nezasekne na vice jak 15 minut, tak jej nechte skenovat...

OTL logfile created on: 5. 5. 2013 15:42:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\danusko\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000041b | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

1023,17 Mb Total Physical Memory | 633,45 Mb Available Physical Memory | 61,91% Memory free
2,40 Gb Paging File | 1,67 Gb Available in Paging File | 69,39% Paging File free
Paging file location(s): C:\pagefile.sys 1534 1534 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 45,85 Gb Free Space | 35,82% Space Free | Partition Type: NTFS

Computer Name: DANIEL-F4E3946F | User Name: danusko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.05.05 15:40:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\danusko\Desktop\OTL.exe
PRC - [2013.05.02 11:31:31 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2013.04.28 20:40:36 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2013.04.28 20:10:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013.04.28 20:09:47 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.04.28 20:09:40 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.04.28 20:09:39 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.24 20:55:11 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.04.15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007.10.22 11:13:26 | 009,438,488 | ---- | M] (Uniblue Software) -- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
PRC - [2007.09.12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006.07.14 17:24:10 | 000,049,152 | ---- | M] (ZSMCSNAP) -- C:\WINDOWS\ZSSnp211.exe
PRC - [2006.07.04 15:16:32 | 000,049,152 | ---- | M] () -- C:\WINDOWS\Domino.exe


========== Modules (No Company Name) ==========

MOD - [2013.04.28 20:10:39 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2013.04.24 20:49:45 | 014,717,144 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2008.10.11 22:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.04.14 02:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 02:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2006.07.04 15:16:32 | 000,049,152 | ---- | M] () -- C:\WINDOWS\Domino.exe


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (LiveUpdate)
SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
SRV - File not found [On_Demand | Stopped] -- -- (ISPwdSvc)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.28 20:10:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.04.28 20:09:40 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.04.24 20:55:11 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.04.24 20:49:57 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.19 18:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008.01.29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007.09.12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - File not found [File_System | On_Demand | Stopped] -- -- (WinRing0_1_2_0)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (npkcrypt)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ew_hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a6o5bay3)
DRV - [2013.04.28 20:10:57 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.04.28 20:10:57 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.04.28 20:10:57 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.04.28 20:10:57 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2013.02.18 17:01:06 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.04.15 23:32:14 | 001,068,216 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\wcmvcam.sys -- (WCMVCAM)
DRV - [2011.12.20 09:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011.12.13 19:27:30 | 007,069,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011.12.06 05:42:18 | 007,490,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.01.27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009.11.18 08:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 08:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.02.18 23:08:12 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.11.25 19:30:02 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.03.03 13:00:00 | 000,043,392 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP)
DRV - [2007.07.20 18:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007.04.04 12:43:38 | 000,098,952 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716unic.sys -- (s716unic)
DRV - [2007.04.04 12:43:36 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716obex.sys -- (s716obex)
DRV - [2007.04.04 12:43:36 | 000,023,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716nd5.sys -- (s716nd5)
DRV - [2007.04.04 12:43:34 | 000,108,552 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdm.sys -- (s716mdm)
DRV - [2007.04.04 12:43:34 | 000,100,360 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mgmt.sys -- (s716mgmt)
DRV - [2007.04.04 12:43:32 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdfl.sys -- (s716mdfl)
DRV - [2007.04.04 12:43:20 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716bus.sys -- (s716bus)
DRV - [2006.12.28 18:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006.07.25 12:47:56 | 000,391,791 | ---- | M] (ZSMC Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZS211.sys -- (ZSMC211)
DRV - [2006.02.17 21:34:24 | 000,083,344 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510obex.sys -- (k510obex)
DRV - [2006.02.17 21:34:22 | 000,085,408 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mgmt.sys -- (k510mgmt)
DRV - [2006.02.17 21:34:18 | 000,094,064 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm)
DRV - [2006.02.17 21:34:16 | 000,008,336 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl)
DRV - [2006.02.17 21:34:10 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus)
DRV - [2004.08.12 10:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003.03.25 18:50:46 | 000,004,096 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide)
DRV - [2002.10.17 16:14:46 | 000,049,024 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\sisidex.sys -- (sisidex)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.phpnuke.org/?lang=en&cid= ... earchTerms}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\{006EE305-1DF8-4D9D-BBDB-F93594A7272B}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\94A2AE90-7B04-4CE9-92A8-E74303397600: "URL" = http://searchya.com/?chnl=dcom-100&s=1& ... earchTerms}
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\C60EA454-FE12-4AF5-BCC6-ED86A369920E: "URL" = http://search.phpnuke.org/?lang=en&cid= ... earchTerms}
IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\danusko\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files\VDownloader\Addons\npVDownloader.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@vdownloader.com: C:\Program Files\VDownloader\Addons\FireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\SpecialSavings@SpecialSavings.com: C:\Documents and Settings\danusko\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\SpecialSavings@SpecialSavings.com: C:\Documents and Settings\danusko\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com


========== Chrome ==========

CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?outpu ... earchTerms}
CHR - homepage: http://searchou.com/?id=08fc6c3e0000000 ... 1d60670258
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: (Enabled) = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.485_0\npbrowserext.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: SpecialSavings = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1\
CHR - Extension: YouTube = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: PhpNuke Chrome Toolbar = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cngompmodgafkkffefbfbghhciijojjh\1.0_0\
CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.0_0\
CHR - Extension: Smiley Bar for Facebook = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.5\
CHR - Extension: Domain Error Assistant = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.1_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\
CHR - Extension: Savings-Slider = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.3_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006.02.28 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (phpnuke Helper Object) - {890CA547-B66C-48BF-9663-DBE0BFDC7D0C} - C:\Program Files\phpnuke\phpnuke\1.8.12.7\bh\phpnuke.dll (PHPNuke.org)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (CPrintEnhancer Object) - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll (Hewlett-Packard Co.)
O2 - BHO: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {F6104497-54FD-4688-9162-5115CC8AB0FB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKLM\..\Toolbar: (phpnuke Toolbar) - {7B206A1E-933F-4A50-9E60-5167598BDB03} - C:\Program Files\phpnuke\phpnuke\1.8.12.7\phpnukeTlbr.dll (PHPNuke.org)
O3 - HKLM\..\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" File not found
O4 - HKLM..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe (ZSMCSNAP)
O4 - HKU\S-1-5-21-507921405-1965331169-839522115-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-507921405-1965331169-839522115-1004..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe (Uniblue Software)
O4 - HKU\S-1-5-21-507921405-1965331169-839522115-1004..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: &Download All using 4shared Desktop - Reg Error: Value error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 File not found
O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=
O13 - www Prefix: http://www.myhottersearchbox.com/not_found_world/?url=
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 7525730171 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06728A1F-98EC-42DB-8952-4247E69AAD07}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuálna domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\danusko\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\danusko\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.12.26 20:57:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{35f7ec8a-0051-11e0-b475-001d60670258}\Shell - "" = AutoRun
O33 - MountPoints2\{35f7ec8a-0051-11e0-b475-001d60670258}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{778e6220-288b-11e0-b4c8-001d60670258}\Shell\AutoRun\command - "" = i00dvoym.exe
O33 - MountPoints2\{778e6220-288b-11e0-b4c8-001d60670258}\Shell\open\Command - "" = i00dvoym.exe
O33 - MountPoints2\{e447b5f4-fca5-11df-b467-001d60670258}\Shell - "" = AutoRun
O33 - MountPoints2\{e447b5f4-fca5-11df-b467-001d60670258}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e6fb1942-6496-11de-b01f-001d60670258}\Shell - "" = AutoRun
O33 - MountPoints2\{e6fb1942-6496-11de-b01f-001d60670258}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.05.05 15:40:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\danusko\Desktop\OTL.exe
[2013.05.05 15:00:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.05.05 15:00:03 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.05 14:59:47 | 000,545,926 | ---- | C] (Oleg N. Scherbakov) -- C:\Documents and Settings\danusko\Desktop\JRT.exe
[2013.05.05 14:57:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.05.04 21:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.05.04 21:12:16 | 000,000,000 | ---D | C] -- C:\rsit
[2013.05.02 18:20:30 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013.05.02 18:20:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\NewFeature1
[2013.05.02 16:31:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\danusko\Desktop\League of Legends
[2013.05.02 16:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\danusko\Local Settings\Application Data\PMB Files
[2013.05.02 16:31:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PMB Files
[2013.05.02 16:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2013.04.29 19:09:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
[2013.04.29 19:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
[2013.04.29 19:01:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\danusko\Application Data\IObit
[2013.04.29 17:51:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\danusko\Application Data\.minecraft
[2013.04.28 20:19:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\danusko\Application Data\Avira
[2013.04.28 20:12:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Avira
[2013.04.28 20:12:03 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.04.28 20:12:02 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.04.28 20:12:01 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.04.28 20:12:01 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.04.28 20:11:56 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.04.28 20:11:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
[7 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[42 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[283 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.05.05 15:48:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.05.05 15:47:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.05 15:40:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\danusko\Desktop\OTL.exe
[2013.05.05 15:26:36 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.05 15:26:34 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013.05.05 15:26:32 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2013.05.05 15:26:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.05 15:16:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.05 15:04:21 | 000,237,056 | ---- | M] () -- C:\Documents and Settings\danusko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.05 14:59:54 | 000,628,743 | ---- | M] () -- C:\Documents and Settings\danusko\Desktop\adwcleaner.exe
[2013.05.05 14:59:48 | 000,545,926 | ---- | M] (Oleg N. Scherbakov) -- C:\Documents and Settings\danusko\Desktop\JRT.exe
[2013.05.04 23:17:23 | 008,570,861 | ---- | M] () -- C:\Documents and Settings\danusko\Desktop\Majk Spirit Celeste Buckingham I Was Wrong .mp3
[2013.05.04 21:12:04 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\danusko\Desktop\RSIT.exe
[2013.05.04 19:00:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2013.05.03 15:17:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.05.02 18:49:36 | 000,001,616 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Play League of Legends.lnk
[2013.05.02 08:28:09 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.02 00:39:51 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[2013.05.01 14:23:09 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\danusko\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.05.01 14:23:09 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Google Chrome.lnk
[2013.04.30 20:07:06 | 046,130,875 | ---- | M] () -- C:\Documents and Settings\danusko\Desktop\Jak Ziskat Na Facebooku Tisice Lajku [mp3s.nadruhou.net].mp4
[2013.04.29 17:56:47 | 000,000,997 | ---- | M] () -- C:\Documents and Settings\danusko\Desktop\Odkaz na Minecraft.lnk
[2013.04.28 20:12:58 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Avira Control Center.lnk
[2013.04.28 20:10:57 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.04.28 20:10:57 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.04.28 20:10:57 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.04.28 20:10:57 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.04.28 20:03:39 | 002,092,792 | ---- | M] () -- C:\Documents and Settings\danusko\Desktop\avira_free_antivirus.exe
[42 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[283 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.05.05 15:48:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.05.05 14:59:54 | 000,628,743 | ---- | C] () -- C:\Documents and Settings\danusko\Desktop\adwcleaner.exe
[2013.05.04 23:04:03 | 008,570,861 | ---- | C] () -- C:\Documents and Settings\danusko\Desktop\Majk Spirit Celeste Buckingham I Was Wrong .mp3
[2013.05.04 21:12:04 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\danusko\Desktop\RSIT.exe
[2013.05.02 18:49:36 | 000,001,616 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Play League of Legends.lnk
[2013.05.01 14:23:09 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\danusko\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.04.30 20:05:03 | 046,130,875 | ---- | C] () -- C:\Documents and Settings\danusko\Desktop\Jak Ziskat Na Facebooku Tisice Lajku [mp3s.nadruhou.net].mp4
[2013.04.29 17:56:46 | 000,000,997 | ---- | C] () -- C:\Documents and Settings\danusko\Desktop\Odkaz na Minecraft.lnk
[2013.04.28 20:12:58 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Avira Control Center.lnk
[2013.04.28 20:03:38 | 002,092,792 | ---- | C] () -- C:\Documents and Settings\danusko\Desktop\avira_free_antivirus.exe
[2013.04.13 21:25:17 | 000,045,194 | ---- | C] () -- C:\Documents and Settings\danusko\Application Data\room_v3.dat
[2013.01.15 00:36:11 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\IDEproperty.dll
[2013.01.15 00:21:25 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012.12.14 16:31:15 | 000,139,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012.12.14 16:31:15 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\danusko\Application Data\PnkBstrK.sys
[2012.12.14 16:30:58 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012.12.14 16:30:50 | 000,076,888 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012.12.09 22:06:31 | 000,362,104 | ---- | C] () -- C:\WINDOWS\System32\dmwu(2)(2).exe
[2012.12.09 22:06:31 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ImHttpComm(2)(2).dll
[2012.09.16 14:59:26 | 001,156,400 | ---- | C] () -- C:\WINDOWS\System32\dmwu.exe
[2012.09.16 14:59:26 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\ImHttpComm.dll
[2012.06.20 16:59:20 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.04.26 15:21:35 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012.04.26 15:21:34 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2012.04.26 15:21:33 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2012.04.26 15:21:32 | 000,608,507 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012.03.31 19:22:54 | 000,000,321 | ---- | C] () -- C:\WINDOWS\WPE PRO.INI
[2011.12.09 22:00:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.12.09 15:43:15 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011.12.05 23:04:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011.12.05 23:03:52 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.11.20 13:37:21 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OVDecoder.dll
[2011.09.18 09:44:50 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\danusko\Local Settings\Application Data\fusioncache.dat
[2011.01.18 16:53:33 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\danusko\.recently-used.xbel
[2009.08.05 15:02:00 | 000,007,983 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\LUUnInstall.LiveUpdate
[2009.07.06 12:06:19 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\danusko\Local Settings\Application Data\X-Plane Installer.prf
[2009.02.13 10:16:12 | 000,000,298 | ---- | C] () -- C:\Documents and Settings\danusko\post.bat
[2008.08.24 22:38:31 | 000,237,056 | ---- | C] () -- C:\Documents and Settings\danusko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.05.23 21:01:13 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\QTSBandwidthCache

========== ZeroAccess Check ==========

[2008.05.06 17:45:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 02:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 14:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 02:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009.01.16 15:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\132EE
[2011.01.13 21:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\B31C
[2013.01.26 16:20:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
[2011.10.17 19:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DatacardService
[2013.02.01 16:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DriverGenius
[2009.11.12 09:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\E2DE
[2013.05.02 22:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Electronic Arts
[2008.06.18 19:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
[2013.04.24 19:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GarenaMessenger
[2012.12.09 16:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hi-Rez Studios
[2010.01.29 18:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ICQ
[2010.05.01 13:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\InterAction studios
[2013.05.05 14:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
[2011.12.08 17:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MAGIX
[2013.05.02 22:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Origin
[2013.05.04 13:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PMB Files
[2009.07.06 10:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PopCap Games
[2012.12.15 20:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony
[2009.01.20 21:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tcpIQ
[2012.06.12 19:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2013.02.19 08:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WarThunder
[2013.04.29 19:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
[2013.05.05 14:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.04.29 19:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
[2013.04.24 19:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\(2).minecraft
[2012.09.22 20:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\.DreamPvP
[2013.05.05 15:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\.minecraft
[2012.12.15 14:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\.techniclauncher
[2013.05.05 15:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\AIMP3
[2013.02.23 14:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Audacity
[2012.02.14 17:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\BANDISOFT
[2008.12.21 11:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\BearShare
[2008.07.04 19:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Camfrog
[2012.12.17 20:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2008.11.25 19:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\DAEMON Tools
[2011.11.21 20:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\DVDVideoSoft
[2011.10.31 13:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\GetRightToGo
[2008.09.24 13:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Groove Games
[2010.10.15 18:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\gtk-2.0
[2010.03.28 08:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ICQ
[2008.05.10 09:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ICQ Toolbar
[2010.01.11 19:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Image Zone Express
[2013.05.02 22:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\IObit
[2009.12.05 22:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\LimeWire
[2012.03.13 22:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\LolClient
[2011.11.20 13:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\MAGIX
[2008.12.23 14:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\MSNInstaller
[2009.02.14 14:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Opera
[2012.06.20 17:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Oracle
[2013.02.23 21:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\phpnuke
[2010.01.11 19:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Printer Info Cache
[2012.12.15 21:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Publish Providers
[2008.05.06 20:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Teleca
[2011.12.08 17:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\TS3Client
[2011.10.25 15:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ts3overlay
[2013.04.24 19:37:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Uniblue
[2013.05.05 15:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\uTorrent
[2012.08.18 18:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\wargaming.net
[2013.01.22 23:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\WebcamMax

========== Purity Check ==========



========== Custom Scans ==========

< >
[2008.05.05 19:07:31 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2008.05.05 19:12:56 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2008.05.06 17:42:53 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2012.04.09 17:15:25 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Tasks\RMSchedule.job
[2012.04.23 21:52:49 | 000,000,256 | ---- | C] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job
[2012.04.28 17:39:41 | 000,000,922 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.04.28 17:39:42 | 000,000,926 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.12 23:59:34 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.01.26 16:21:32 | 000,000,282 | ---- | C] () -- C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job
[2013.02.20 19:45:07 | 000,000,274 | ---- | C] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
[2013.02.20 19:45:07 | 000,000,396 | ---- | C] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job

< >

< MD5 for: ATAPI.SYS >
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:atapi.sys
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\atapi.sys
[2006.02.28 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2006.02.28 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:cdrom.sys
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.02.28 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2007.06.13 13:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2006.02.28 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: HAL.DLL >
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:hal.dll
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2012.06.19 12:18:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\hal.dll
[2006.02.28 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2006.02.28 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.06 13:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008.04.14 02:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 02:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2008.04.14 02:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\services.exe
[2009.02.06 19:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.06 12:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2006.02.28 14:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006.02.28 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.02.28 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.02.28 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.02.28 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[3 C:\WINDOWS\Help\*.tmp files -> C:\WINDOWS\Help\*.tmp -> ]
[5 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\*.tmp files -> C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\08630a0e5836d849898d98e89992b3cd\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\08630a0e5836d849898d98e89992b3cd\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\96f29619e0ff5e71f060c3d1b020bc59\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\96f29619e0ff5e71f060c3d1b020bc59\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c07cb237ab881113fd0619bb5a943eb6\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c07cb237ab881113fd0619bb5a943eb6\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c2e00646665a917d011788961ec91bb1\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c2e00646665a917d011788961ec91bb1\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c7ba1508bd1b493e7587bda8b8e4698a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c7ba1508bd1b493e7587bda8b8e4698a\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\e328b680249aea473aa35daaa83f5244\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\e328b680249aea473aa35daaa83f5244\*.tmp -> ]
[283 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\Adobe\Director\*.tmp files -> C:\WINDOWS\system32\Adobe\Director\*.tmp -> ]
[3 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[42 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]
[14 C:\WINDOWS\system32\Setup\*.tmp files -> C:\WINDOWS\system32\Setup\*.tmp -> ]
[17 C:\WINDOWS\system32\wbem\*.tmp files -> C:\WINDOWS\system32\wbem\*.tmp -> ]
[97 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2009.01.16 15:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\132EE
[2012.12.17 20:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
[2008.05.06 17:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
[2013.04.28 20:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
[2011.01.13 21:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\B31C
[2009.10.28 18:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Blizzard
[2013.01.26 16:20:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
[2011.10.17 19:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DatacardService
[2013.02.01 16:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DriverGenius
[2009.11.12 09:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\E2DE
[2013.05.02 22:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Electronic Arts
[2008.06.18 19:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
[2013.04.24 19:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GarenaMessenger
[2008.05.06 17:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hewlett-Packard
[2012.12.09 16:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hi-Rez Studios
[2008.05.06 17:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP
[2008.05.06 17:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HPSSUPPLY
[2010.01.29 18:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ICQ
[2008.11.22 19:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallShield
[2010.05.01 13:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\InterAction studios
[2013.05.05 14:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
[2011.12.08 17:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MAGIX
[2013.01.31 00:29:59 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
[2010.05.11 19:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
[2011.10.28 21:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton
[2011.10.28 21:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\NortonInstaller
[2013.05.02 22:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Origin
[2013.05.04 13:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PMB Files
[2009.07.06 10:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PopCap Games
[2013.04.24 20:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
[2012.12.15 20:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony
[2011.10.20 14:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sun
[2009.08.05 15:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec
[2009.01.20 21:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\tcpIQ
[2012.06.12 19:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2013.02.19 08:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WarThunder
[2008.05.06 17:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WEBREG
[2013.04.29 19:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
[2013.05.05 14:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.04.29 19:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2013.02.24 01:04:26 | 011,123,520 | ---- | M] (Electronic Arts) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Electronic Arts\Need for Speed World\Data\nfsw.exe
[2008.11.22 19:17:49 | 009,843,864 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Plugins\Plugins\95F12167483D466CABC98CAFE4B4FD93\CT4SKypePlugIn20_Multi_Media.exe
[2008.11.22 19:17:49 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Plugins\Plugins\95F12167483D466CABC98CAFE4B4FD93\RLLauncher.exe
[2013.04.15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

< %APPDATA%\*. >
[2013.04.24 19:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\(2).minecraft
[2012.09.22 20:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\.DreamPvP
[2013.05.05 16:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\.minecraft
[2012.12.15 14:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\.techniclauncher
[2012.12.17 20:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Adobe
[2008.08.24 22:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\AdobeUM
[2013.05.05 16:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\AIMP3
[2013.04.29 19:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Apple Computer
[2008.11.22 15:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ATI
[2013.02.23 14:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Audacity
[2013.04.28 20:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Avira
[2012.02.14 17:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\BANDISOFT
[2008.12.21 11:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\BearShare
[2008.07.04 19:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Camfrog
[2012.12.17 20:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010.03.12 15:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Corel
[2008.11.25 19:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\DAEMON Tools
[2010.05.11 18:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\dvdcss
[2011.11.21 20:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\DVDVideoSoft
[2011.10.31 13:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\GetRightToGo
[2008.10.25 11:51:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Google
[2008.09.24 13:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Groove Games
[2010.10.15 18:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\gtk-2.0
[2008.05.10 09:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Help
[2008.05.24 09:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\HP
[2010.03.28 08:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ICQ
[2008.05.10 09:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ICQ Toolbar
[2010.04.10 20:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Identities
[2010.01.11 19:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Image Zone Express
[2013.05.02 22:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\IObit
[2009.12.05 22:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\LimeWire
[2012.03.13 22:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\LolClient
[2008.05.08 22:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Macromedia
[2011.11.20 13:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\MAGIX
[2013.02.14 21:31:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\danusko\Application Data\Microsoft
[2008.12.23 14:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\MSNInstaller
[2009.02.14 14:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Opera
[2012.06.20 17:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Oracle
[2013.02.23 21:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\phpnuke
[2010.01.11 19:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Printer Info Cache
[2012.12.15 21:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Publish Providers
[2013.05.05 16:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Skype
[2011.11.23 15:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\skypePM
[2008.12.06 11:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Sun
[2008.05.06 20:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Teleca
[2011.12.08 17:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\TS3Client
[2011.10.25 15:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ts3overlay
[2013.04.24 19:37:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\Uniblue
[2013.05.05 16:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\uTorrent
[2013.05.04 23:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\vlc
[2012.08.18 18:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\wargaming.net
[2013.01.22 23:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\WebcamMax
[2009.07.26 21:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\WinRAR

< %APPDATA%\*.exe /s >
[2012.04.22 13:55:24 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Documents and Settings\danusko\Application Data\.minecraft\Minecraft.exe
[2012.02.18 16:55:48 | 000,048,128 | ---- | M] (Microsoft) -- C:\Documents and Settings\danusko\Application Data\.minecraft\saves\PlanetoidMapGenerator\Planetoid Map Generator.exe
[2012.02.18 16:55:48 | 000,091,648 | ---- | M] () -- C:\Documents and Settings\danusko\Application Data\.minecraft\saves\PlanetoidMapGenerator\GZip\gzip.exe
[2009.06.23 17:00:01 | 000,163,840 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\crashreporter.exe
[2009.06.23 17:00:03 | 000,196,608 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\updater.exe
[2009.06.23 17:00:03 | 000,014,848 | ---- | M] () -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xpcshell.exe
[2009.06.23 17:00:03 | 000,077,824 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xpicleanup.exe
[2009.06.23 17:00:03 | 000,266,240 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xpidl.exe
[2009.06.23 17:00:03 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe
[2009.06.23 17:00:03 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xpt_link.exe
[2009.06.23 17:00:03 | 000,073,728 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe
[2009.06.23 17:00:03 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\xulrunner.exe
[2012.12.17 20:02:11 | 000,055,424 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\danusko\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.12.09 15:44:34 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\danusko\Application Data\Microsoft\Installer\{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[283 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.05.05 15:47:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.05.03 15:17:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2013.05.05 15:26:34 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job
[2013.05.05 15:26:32 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job
[2013.05.05 15:26:36 | 000,000,922 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.05 16:16:03 | 000,000,926 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.05.04 19:00:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job
[2013.05.02 00:39:51 | 000,000,274 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
[2013.02.20 19:45:07 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.11.25 19:30:02 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008.05.05 20:54:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.05.05 20:54:49 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.05.05 20:54:48 | 000,888,832 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[283 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[283 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun -- [2008.07.24 17:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.02.28 18:50:02 | 018,642,024 | R--- | M] (Skype Technologies S.A.)
"uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED -- [2013.05.02 11:31:31 | 000,802,136 | ---- | M] (BitTorrent Inc.)
"Uniblue SpeedUpMyPC" = C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s -- [2007.10.22 11:13:26 | 009,438,488 | ---- | M] (Uniblue Software)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.02.22 00:55:09 | 000,643,184 | -HS- | M] (Microsoft Corporation) MD5=186E5B46F7DCEB473E2548E20F071934 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2013.04.28 20:40:36 | 000,879,456 | ---- | M] (Opera Software) MD5=C5520FEB7AD5F6E3692B6DE41F6A1A27 -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) MD5=4E9592BB2C100E571F82640E59E9ECD5 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.05.05 15:48:24 | 000,000,512 | ---- | M] () MD5=37602740B6C90D2C388EF46E5272CA7A -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.04.24 20:23:25 | 000,015,781 | ---- | M] () -- \Documents and Settings\danusko\Application Data\uTorrent\Minecraft_Cracked_v1.4.7.zip.1.torrent
[2013.04.24 18:36:06 | 000,015,781 | ---- | M] () -- \Documents and Settings\danusko\Application Data\uTorrent\Minecraft_Cracked_v1.4.7.zip.torrent
[2013.04.25 19:32:05 | 000,019,770 | ---- | M] () -- \Documents and Settings\danusko\Application Data\uTorrent\SimCity 2013 No Crack.torrent
[2013.05.05 16:43:47 | 000,632,192 | ---- | M] () -- \Documents and Settings\danusko\Desktop\CrackedTechnicLauncher.jar
[2012.12.14 16:45:02 | 000,015,636 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrack.cfx
[2012.12.14 16:45:05 | 000,015,656 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
[2012.12.14 16:45:05 | 000,016,044 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
[2012.12.14 16:45:06 | 000,016,744 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
[2012.12.14 16:45:06 | 000,015,352 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
[2012.12.14 16:45:06 | 000,016,372 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
[2012.12.14 16:45:02 | 000,016,024 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
[2012.12.14 16:45:03 | 000,016,724 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
[2012.12.14 16:45:04 | 000,015,300 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
[2012.12.14 16:45:03 | 000,016,352 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
[2012.12.14 16:45:02 | 000,015,856 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
[2012.12.14 16:45:05 | 000,015,876 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
[2012.12.14 16:45:05 | 000,016,264 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
[2012.12.14 16:45:06 | 000,016,964 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
[2012.12.14 16:45:06 | 000,015,572 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
[2012.12.14 16:45:06 | 000,016,592 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
[2012.12.14 16:45:02 | 000,016,244 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
[2012.12.14 16:45:03 | 000,016,944 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
[2012.12.14 16:45:04 | 000,015,520 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
[2012.12.14 16:45:03 | 000,016,572 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-AC6B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
[2013.01.14 23:46:11 | 000,000,200 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Programy\Driver Genius 11 & Serial license crack.html
[2012.12.15 20:53:03 | 014,846,576 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Programy\Sony-Vegas-PRO-9---FULL-Edition-[CRACK-+-KEYGEN].rar
[2013.01.18 17:35:12 | 000,015,636 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrack.cfx
[2013.01.18 17:35:14 | 000,015,656 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
[2013.01.18 17:35:14 | 000,016,044 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
[2013.01.18 17:35:15 | 000,016,744 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
[2013.01.18 17:35:16 | 000,015,352 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
[2013.01.18 17:35:15 | 000,016,372 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
[2013.01.18 17:35:12 | 000,016,024 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
[2013.01.18 17:35:13 | 000,016,724 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
[2013.01.18 17:35:13 | 000,015,300 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
[2013.01.18 17:35:13 | 000,016,352 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
[2013.01.18 17:35:12 | 000,015,856 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
[2013.01.18 17:35:14 | 000,015,876 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
[2013.01.18 17:35:14 | 000,016,264 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
[2013.01.18 17:35:15 | 000,016,964 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
[2013.01.18 17:35:16 | 000,015,572 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
[2013.01.18 17:35:15 | 000,016,592 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
[2013.01.18 17:35:12 | 000,016,244 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
[2013.01.18 17:35:13 | 000,016,944 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
[2013.01.18 17:35:13 | 000,015,520 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
[2013.01.18 17:35:13 | 000,016,572 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_243231_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
[2013.02.01 14:11:35 | 000,015,636 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrack.cfx
[2013.02.01 14:11:38 | 000,015,656 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
[2013.02.01 14:11:38 | 000,016,044 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
[2013.02.01 14:11:39 | 000,016,744 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
[2013.02.01 14:11:40 | 000,015,352 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
[2013.02.01 14:11:39 | 000,016,372 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
[2013.02.01 14:11:35 | 000,016,024 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
[2013.02.01 14:11:36 | 000,016,724 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
[2013.02.01 14:11:37 | 000,015,300 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
[2013.02.01 14:11:36 | 000,016,352 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
[2013.02.01 14:11:35 | 000,015,856 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
[2013.02.01 14:11:38 | 000,015,876 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
[2013.02.01 14:11:38 | 000,016,264 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
[2013.02.01 14:11:39 | 000,016,964 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
[2013.02.01 14:11:40 | 000,015,572 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
[2013.02.01 14:11:39 | 000,016,592 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
[2013.02.01 14:11:35 | 000,016,244 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
[2013.02.01 14:11:37 | 000,016,944 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
[2013.02.01 14:11:37 | 000,015,520 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
[2013.02.01 14:11:36 | 000,016,572 | ---- | M] () -- \Documents and Settings\danusko\My Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D783-11CF-A66B-6001A1C2CB35}_244247_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
[2013.05.05 16:43:48 | 000,000,573 | ---- | M] () -- \Documents and Settings\danusko\Recent\CrackedTechnicLauncher.jar.lnk
[2003.12.05 15:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
[2013.04.24 18:38:21 | 000,021,670 | ---- | M] () -- \WINDOWS\Prefetch\MINECRAFT_CRACKED_V1.4.7.EXE-0481D9EE.pf
[2013.04.24 20:26:44 | 000,022,052 | ---- | M] () -- \WINDOWS\Prefetch\MINECRAFT_CRACKED_V1.4.7.EXE-05BBC021.pf
[2013.04.24 20:33:12 | 000,022,236 | ---- | M] () -- \WINDOWS\Prefetch\MINECRAFT_CRACKED_V1.4.7.EXE-0CACF57F.pf

< *keygen* /s >
[2012.12.15 20:53:03 | 014,846,576 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Programy\Sony-Vegas-PRO-9---FULL-Edition-[CRACK-+-KEYGEN].rar

< *loader* /s >
[2013.02.18 23:24:17 | 000,004,068 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Application Data\Electronic Arts\Need for Speed World\Data\GFX\_RadialFlareLoader_Double.gfx
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2013.04.29 18:13:59 | 000,007,310 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\ModLoader.txt
[2012.05.26 13:05:10 | 000,007,030 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\ModLoader.txt.1
[2012.05.26 13:03:32 | 000,000,000 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\ModLoader.txt.1.lck
[2012.05.22 22:16:24 | 000,103,347 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\bin\modes\ModLoader.zip
[2012.04.02 13:52:06 | 000,046,467 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\bin\modes\ModLoader\ModLoader.class
[2013.04.29 18:13:55 | 000,000,508 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\config\ModLoader.cfg
[2012.05.22 21:08:38 | 000,000,047 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.minecraft\config\mod_ModLoaderMp.cfg
[2013.05.05 16:49:03 | 000,063,565 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.techniclauncher\tekkit\ForgeModLoader-0.log
[2013.05.05 16:45:39 | 000,000,000 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.techniclauncher\tekkit\ForgeModLoader-0.log.lck
[2012.12.13 23:57:52 | 000,001,980 | ---- | M] () -- \Documents and Settings\danusko\Application Data\.techniclauncher\tekkit\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2011.10.31 13:07:13 | 000,000,000 | ---- | M] () -- \Documents and Settings\danusko\Application Data\GetRightToGo\Brothersoftdownloader_for_uTorrent.data
[2009.06.23 17:00:01 | 000,002,713 | ---- | M] () -- \Documents and Settings\danusko\Application Data\LimeWire\browser\xulrunner\components\uriloader.xpt
[2013.02.03 17:45:15 | 000,339,609 | ---- | M] () -- \Documents and Settings\danusko\Desktop\Všetko\Inštalačky\Hry\Downloader_Metin2_cz.exe
[2013.05.01 14:12:24 | 000,000,381 | ---- | M] () -- \Documents and Settings\danusko\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.3_0\loader_1036.js
[2013.04.28 20:29:55 | 000,001,274 | ---- | M] () -- \Documents and Settings\danusko\Local Settings\Temp\avnwldrtemp\networkloader.log
[2013.05.02 20:53:27 | 000,005,708 | ---- | M] () -- \Documents and Settings\danusko\Local Settings\Temporary Internet Files\Content.IE5\6V2JGJ3P\queryLoader[1].js
[2013.05.05 16:16:13 | 000,000,753 | ---- | M] () -- \Documents and Settings\danusko\Local Settings\Temporary Internet Files\Content.IE5\U0ZAT1G2\AdLoader[2].htm
[2013.05.02 20:53:26 | 000,000,374 | ---- | M] () -- \Documents and Settings\danusko\Local Settings\Temporary Internet Files\Content.IE5\U0ZAT1G2\queryLoader[1].css
[2013.05.01 18:33:08 | 000,105,903 | ---- | M] () -- \Documents and Settings\danusko\Local Settings\Temporary Internet Files\Content.IE5\ZGKSJTDO\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2008.03.03 22:05:32 | 000,000,060 | ---- | M] () -- \Documents and Settings\Famlily\Data aplikací\Macromedia\Flash Player\#SharedObjects\PE5FT972\miniclip.com\games\free-wheels\en\free_wheels.dcr\MiniclipLoaderAd.sol
[2008.04.26 11:21:56 | 000,000,060 | ---- | M] () -- \Documents and Settings\Famlily\Data aplikací\Macromedia\Flash Player\#SharedObjects\PE5FT972\vrana.sk\hry\nordicchill.swf\MiniclipLoaderAd.sol
[2005.06.07 00:54:14 | 000,348,160 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\PhotoDownloader.dll
[2005.06.07 00:47:26 | 000,163,840 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\uploader.dll
[2005.06.07 00:02:16 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Shared_Assets\combined_bitmaps\main_window\C_LoadError.png
[2013.04.28 20:09:49 | 000,052,960 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2013.04.28 20:09:49 | 000,232,672 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2013.04.28 20:09:51 | 001,714,400 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2003.09.15 16:02:00 | 000,169,384 | ---- | M] () -- \Program Files\Counter-Strike 1.6\cstrike\models\qloader.mdl
[2003.09.15 15:55:50 | 000,352,548 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\models\loader.mdl
[2003.09.15 15:56:04 | 000,012,764 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\sound\ambience\loader_hydra1.wav
[2003.09.15 15:56:04 | 000,012,164 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\sound\ambience\loader_step1.wav
[2012.02.16 15:44:38 | 000,000,404 | ---- | M] () -- \Program Files\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.223\deploy\assets\storeImages\layout\small_loader.gif
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.02.16 14:44:38 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.11\deploy\assets\storeImages\layout\small_loader.gif
[2006.02.28 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2013.04.24 13:30:22 | 000,017,310 | ---- | M] () -- \WINDOWS\Prefetch\GARENATALKLOADER.EXE-0689E4F1.pf
[2008.04.14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\dmloader.dll
[2008.04.13 20:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\osloader.exe
[2008.04.13 20:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\osloader.ntd
[2008.04.14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[283 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2011.10.05 12:12:42 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.03.14 22:57:50 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

========== Files - Unicode (All) ==========
[2011.11.10 16:14:49 | 006,750,054 | ---- | M] ()(C:\Documents and Settings\danusko\??XZ?a?aS-1-5-21-507921405-1965331169-839522115-1004) -- C:\Documents and Settings\danusko\࿠ʀXZꀔãꈼãS-1-5-21-507921405-1965331169-839522115-1004
[2011.11.10 16:14:38 | 006,750,054 | ---- | C] ()(C:\Documents and Settings\danusko\??XZ?a?aS-1-5-21-507921405-1965331169-839522115-1004) -- C:\Documents and Settings\danusko\࿠ʀXZꀔãꈼãS-1-5-21-507921405-1965331169-839522115-1004

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D1B5B4F1

< End of report >

log z OTL

Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)

• Stahne a ulozte na plochu UsbFix http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
• Spustte a kliknete na Deletion
• Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - File not found [On_Demand | Stopped] -- -- (LiveUpdate)
  SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
  SRV - File not found [On_Demand | Stopped] -- -- (ISPwdSvc)
  DRV - File not found [File_System | On_Demand | Stopped] -- -- (WinRing0_1_2_0)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
  DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (npkcrypt)
  DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
  DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
  DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (hwdatacard)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (huawei_enumerator)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ew_hwusbdev)
  DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (EagleNT)
  DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a6o5bay3)
  DRV - [2013.02.18 17:01:06 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.phpnuke.org/?lang=en&cid=457c4dfc&q={searchTerms}
  IE - HKLM\..\SearchScopes,DefaultScope = 
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes,DefaultScope = 
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\{006EE305-1DF8-4D9D-BBDB-F93594A7272B}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =800236&p={searchTerms}
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\94A2AE90-7B04-4CE9-92A8-E74303397600: "URL" = http://searchya.com/?chnl=dcom-100&s=1& ... DtAtCtA&q={searchTerms}
  IE - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\SearchScopes\C60EA454-FE12-4AF5-BCC6-ED86A369920E: "URL" = http://search.phpnuke.org/?lang=en&cid=457c4dfc&q={searchTerms}
  CHR - default_search_provider: Yahoo! (Enabled)
  CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-g ... =800236&p={searchTerms}
  CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?outpu ... n&command={searchTerms}
  CHR - homepage: http://searchou.com/?id=08fc6c3e0000000 ... 1d60670258
  O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - No CLSID value found.
  O2 - BHO: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - No CLSID value found.
  O2 - BHO: (no name) - {F6104497-54FD-4688-9162-5115CC8AB0FB} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - !{7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - !{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
  O3 - HKU\S-1-5-21-507921405-1965331169-839522115-1004\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
  O4 - HKLM..\Run: [] File not found
  O4 - HKU\S-1-5-21-507921405-1965331169-839522115-1004..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe (Uniblue Software)
  O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=
  O13 - www Prefix: http://www.myhottersearchbox.com/not_found_world/?url=
  O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
  O33 - MountPoints2\{35f7ec8a-0051-11e0-b475-001d60670258}\Shell - "" = AutoRun
  O33 - MountPoints2\{778e6220-288b-11e0-b4c8-001d60670258}\Shell\AutoRun\command - "" = i00dvoym.exe
  O33 - MountPoints2\{778e6220-288b-11e0-b4c8-001d60670258}\Shell\open\Command - "" = i00dvoym.exe
  O33 - MountPoints2\{e447b5f4-fca5-11df-b467-001d60670258}\Shell - "" = AutoRun
  O33 - MountPoints2\{e6fb1942-6496-11de-b01f-001d60670258}\Shell - "" = AutoRun
  [2013.05.05 14:57:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
  [2013.04.29 19:09:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
  [2013.04.29 19:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
  [2013.04.29 19:01:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\danusko\Application Data\IObit
  [2009.01.16 15:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\132EE
  [2011.01.13 21:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\B31C
  [2008.06.18 19:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
  [2013.05.05 14:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
  [2013.04.29 19:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
  [2013.05.05 14:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
  [2013.04.29 19:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
  [2008.05.10 09:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\ICQ Toolbar
  [2013.05.02 22:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\danusko\Application Data\IObit
  [2008.05.05 19:07:31 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
  [2008.05.05 19:12:56 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
  [2008.05.06 17:42:53 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
  [2012.04.09 17:15:25 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Tasks\RMSchedule.job
  [2012.04.23 21:52:49 | 000,000,256 | ---- | C] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job
  [2012.04.28 17:39:41 | 000,000,922 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
  [2012.04.28 17:39:42 | 000,000,926 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
  [2012.08.12 23:59:34 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
  [2013.01.26 16:21:32 | 000,000,282 | ---- | C] () -- C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job
  [2013.02.20 19:45:07 | 000,000,274 | ---- | C] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
  [2013.02.20 19:45:07 | 000,000,396 | ---- | C] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
  [16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [7 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
  [3 C:\WINDOWS\Help\*.tmp files -> C:\WINDOWS\Help\*.tmp -> ]
  [5 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
  [1 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\*.tmp files -> C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\08630a0e5836d849898d98e89992b3cd\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\08630a0e5836d849898d98e89992b3cd\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\96f29619e0ff5e71f060c3d1b020bc59\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\96f29619e0ff5e71f060c3d1b020bc59\download\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\c07cb237ab881113fd0619bb5a943eb6\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c07cb237ab881113fd0619bb5a943eb6\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\c2e00646665a917d011788961ec91bb1\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c2e00646665a917d011788961ec91bb1\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\c7ba1508bd1b493e7587bda8b8e4698a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c7ba1508bd1b493e7587bda8b8e4698a\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\e328b680249aea473aa35daaa83f5244\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\e328b680249aea473aa35daaa83f5244\*.tmp -> ]
  [1 C:\WINDOWS\system32\Adobe\Director\*.tmp files -> C:\WINDOWS\system32\Adobe\Director\*.tmp -> ]
  [3 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
  [42 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]
  [14 C:\WINDOWS\system32\Setup\*.tmp files -> C:\WINDOWS\system32\Setup\*.tmp -> ]
  [17 C:\WINDOWS\system32\wbem\*.tmp files -> C:\WINDOWS\system32\wbem\*.tmp -> ]
  @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D1B5B4F1
  
  :reg
  "HP Software Update"=-
  "Browser companion helper"=-
  "WinampAgent"=-
  "KernelFaultCheck"=-
  "vProt"=-
  "SweetIM"=-
  "SunJavaUpdateSched"=-
  "IObit Malware Fighter"=-
  ""=-
  "SearchSettings"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"=-
  "Skype"=-
  "uTorrent"=-
  "Uniblue SpeedUpMyPC"=-
  "Advanced SystemCare Ultimate"=-
  
  :files
  C:\Program Files\Uniblue\SpeedUpMyPC 3
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

USB Fix:
Bohuzial nemam USB pred mesiacom som ho stratil a Externi hardsik tiez nemam .

############################## | UsbFix V 7.125 | [Deletion]

User: danusko (Administrator) # DANIEL-F4E3946F
Updated 01/05/2013 by El Desaparecido
Started at 19:11:11 | 06/05/2013

Website: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: System manufacturer (System Product Name) (X86-based PC)
CPU: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz (1799)
RAM -> [Total : 1023 | Free : 361]
BIOS: BIOS Date: 09/05/07 19:17:24 Ver: 08.00.14
BOOT: Normal boot

OS: Systém Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 7.0.5730.13

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 128 Gb (46 Mb free - 36%) [] # NTFS
D:\ -> CD-ROM
F:\ -> CD-ROM

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKLM\SOFTWARE | Run : [ZSSnp211] - C:\WINDOWS\ZSSnp211.exe
HKLM\SOFTWARE | Run : [Domino] - C:\WINDOWS\Domino.exe
HKLM\SOFTWARE | Run : [Symantec PIF AlertEng] - "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
HKLM\SOFTWARE | Run : [WinampAgent] - "C:\Program Files\Winamp\winampa.exe"
HKLM\SOFTWARE | Run : [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\SOFTWARE | Run : [ATICustomerCare] - "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
HKLM\SOFTWARE | Run : [RTHDCPL] - RTHDCPL.EXE
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [avgnt] - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE | Run : [DAEMON Tools Lite] - "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE | Run : [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE | Run : [Skype] - "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE | Run : [uTorrent] - "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
HKU\S-1-5-21-507921405-1965331169-839522115-1004\SOFTWARE | Run : [Uniblue SpeedUpMyPC] - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
HKU\S-1-5-18\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE

################## | Stopped processes |

Stopped! C:\WINDOWS\system32\Ati2evxx.exe (944)
Stopped! C:\WINDOWS\system32\Ati2evxx.exe (1376)
Stopped! C:\WINDOWS\system32\spoolsv.exe (1536)
Stopped! C:\Program Files\Avira\AntiVir Desktop\sched.exe (1584)
Stopped! C:\Program Files\Avira\AntiVir Desktop\avguard.exe (1976)
Stopped! C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (2008)
Stopped! C:\Program Files\Java\jre7\bin\jqs.exe (320)
Stopped! C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (392)
Stopped! C:\WINDOWS\system32\PnkBstrA.exe (612)
Stopped! C:\WINDOWS\system32\PSIService.exe (632)
Stopped! C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (900)
Stopped! C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (1828)
Stopped! C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (2344)
Stopped! C:\WINDOWS\ZSSnp211.exe (2360)
Stopped! C:\WINDOWS\Domino.exe (2376)
Stopped! C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (2464)
Stopped! C:\WINDOWS\RTHDCPL.EXE (2648)
Stopped! C:\Program Files\Common Files\Java\Java Update\jusched.exe (2656)
Stopped! C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (2668)
Stopped! C:\WINDOWS\system32\ctfmon.exe (2712)
Stopped! C:\Program Files\uTorrent\uTorrent.exe (3028)
Stopped! C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (3052)
Stopped! C:\Program Files\Opera\opera.exe (4060)

################## | Files # Infected Folders |


(!) Temporary files deleted.

################## | Registry |

Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{35f7ec8a-0051-11e0-b475-001d60670258}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{778e6220-288b-11e0-b4c8-001d60670258}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{e447b5f4-fca5-11df-b467-001d60670258}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{e6fb1942-6496-11de-b01f-001d60670258}

################## | Listing |

[08/08/2009 - 23:09:44 | D ] C:\217ccde9c7aff15b6c38
[15/10/2009 - 19:28:24 | DC ] C:\3d5e581caaeaf20a6e493ebbffb9
[11/01/2012 - 22:35:53 | D ] C:\68eff2470ec846ccbc
[12/05/2010 - 21:24:22 | DC ] C:\77571241055d82901f8f29b14b9e37d6
[05/05/2013 - 15:09:44 | N | 28228] C:\AdwCleaner[R1].txt
[05/05/2013 - 15:19:44 | N | 28289] C:\AdwCleaner[R2].txt
[05/05/2013 - 15:22:27 | N | 28350] C:\AdwCleaner[R3].txt
[05/05/2013 - 15:24:00 | N | 28052] C:\AdwCleaner[S1].txt
[15/01/2013 - 00:22:22 | D ] C:\AMD
[09/12/2011 - 21:55:50 | D ] C:\ATI
[26/12/2007 - 20:57:19 | N | 0] C:\AUTOEXEC.BAT
[05/05/2008 - 19:04:49 | N | 211] C:\boot.ini
[25/10/2001 - 14:00:00 | N | 4952] C:\Bootfont.bin
[15/10/2009 - 17:19:40 | DC ] C:\cc33d69c1f2ac48d9e6635c542
[04/05/2013 - 21:48:27 | DC ] C:\Config.Msi
[26/12/2007 - 20:57:19 | N | 0] C:\CONFIG.SYS
[13/02/2011 - 14:15:16 | D ] C:\DAEMON Tools
[17/01/2013 - 00:38:40 | DC ] C:\Documents and Settings
[08/12/2011 - 15:40:37 | D ] C:\Download
[22/02/2012 - 17:42:02 | D ] C:\Driver-Soft
[09/01/2013 - 13:31:15 | D ] C:\e00c7f81d12e9ddb5c
[20/02/2013 - 20:00:55 | D ] C:\found.000
[20/02/2013 - 20:00:55 | D ] C:\found.001
[20/02/2013 - 20:00:55 | D ] C:\found.002
[20/02/2013 - 20:00:55 | D ] C:\found.003
[26/12/2007 - 20:57:19 | N | 0] C:\IO.SYS
[05/05/2013 - 15:00:04 | D ] C:\JRT
[13/04/2013 - 21:58:49 | N | 273] C:\KillingFloor.exe.log
[26/12/2007 - 20:57:19 | N | 0] C:\MSDOS.SYS
[04/11/2010 - 16:27:38 | RHD ] C:\MSOCache
[28/02/2006 - 14:00:00 | N | 47564] C:\NTDETECT.COM
[19/06/2012 - 12:22:44 | N | 250048] C:\ntldr
[13/04/2013 - 21:47:45 | N | 9065] C:\Opera.exe.log
[06/05/2013 - 18:42:48 | ASH | 1608515584] C:\pagefile.sys
[05/05/2013 - 15:48:24 | N | 512] C:\PhysicalMBR.bin
[05/05/2013 - 15:22:55 | D ] C:\Program Files
[13/04/2013 - 19:50:04 | D ] C:\Program Files (x86)
[08/06/2008 - 09:14:47 | SHD ] C:\RECYCLER
[02/05/2013 - 18:20:41 | D ] C:\Riot Games
[04/05/2013 - 21:13:11 | D ] C:\rsit
[28/04/2013 - 21:12:19 | SHD ] C:\System Volume Information
[06/05/2013 - 19:14:52 | D ] C:\UsbFix
[06/05/2013 - 19:15:16 | A | 7171] C:\UsbFix [Clean 1] DANIEL-F4E3946F.txt
[05/05/2013 - 15:26:37 | D ] C:\WINDOWS

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://sosvirus.org |

U toho OTL jak mi to spusti mam hend skenovat alebo to mam oznacit ako predti 7day puriti chechk a lop check atd.. ?

U OTL neni treba nic nastavovat, jen vlozit log a klik na Opravit

OK len som si neni isty ci mam dat RUN FIX alebo CLEAN UP .

RunFix