Re: Preventive check

Posted: 13 May 2014 12:14
by JaRon
Download CF again, rename it to NoMbr and run it; if you are asked about installing the console, choose No.

Re: Preventive check

Posted: 13 May 2014 12:39
by BuXo
I managed to get it running :) Here is the log:

ComboFix 14-05-13.01 - Mato . 05. 2014 13:19:35.8.2 - x86 MINIMAL
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2047.1636 [GMT 2:00]
Running from: c:\documents and settings\Mato\Desktop\Daňo cd\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
C:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2014-04-13 to 2014-05-13 )))))))))))))))))))))))))))))))
.
.
2014-05-05 14:27 . 2014-05-05 14:27 -------- d-----w- c:\documents and settings\Tomas\Application Data\čarovňák
2014-05-03 08:38 . 2014-05-03 08:43 -------- d-----w- c:\program files\Strife
2014-04-29 17:14 . 2014-04-29 17:14 -------- d-----w- c:\documents and settings\Tomas\Application Data\Malwarebytes
2014-04-29 12:49 . 2014-04-29 12:49 17931952 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2014-04-28 17:08 . 2014-04-28 17:08 -------- d-----w- c:\documents and settings\Mato\Application Data\Malwarebytes
2014-04-28 17:08 . 2014-04-28 17:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2014-04-28 16:53 . 2014-04-28 16:59 -------- d-----w- C:\AdwCleaner
2014-04-25 17:14 . 2014-04-25 17:14 -------- d-----w- c:\program files\Common Files\Java
2014-04-25 17:14 . 2014-04-25 17:13 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-04-25 12:38 . 2014-04-25 12:39 -------- d-----w- C:\rsit
2014-04-17 05:58 . 2014-04-17 05:58 -------- d-----w- c:\program files\LogMeIn Hamachi
2014-04-13 15:10 . 2014-04-29 18:01 -------- d-----w- c:\documents and settings\All Users\Application Data\ExstrauSSavings
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-29 12:49 . 2012-03-29 19:29 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-29 12:49 . 2012-03-28 11:33 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-25 17:13 . 2012-04-05 22:46 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-03-06 17:59 . 2006-02-28 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 17:59 . 2006-02-28 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2014-03-06 17:59 . 2006-02-28 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2014-03-06 17:59 . 2006-02-28 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2014-03-06 00:46 . 2006-02-28 12:00 385024 ------w- c:\windows\system32\html.iec
2014-02-26 01:59 . 2014-03-27 06:47 13312 ------w- c:\windows\system32\xp_eos.exe
2011-09-16 13:12 . 2012-04-13 20:33 3623592 ----a-w- c:\program files\Common Files\ApnToolbarInstaller.exe
2011-09-16 13:12 . 2012-04-13 20:33 143240 ----a-w- c:\program files\Common Files\ApnStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-03 1848648]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2013-05-01 421888]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-04-15 3814736]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\Mato\\Application Data\\GameRanger\\GameRanger\\GameRanger.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"d:\\Stronghold-Crusader\\Stronghold Crusader\\Stronghold Crusader.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\Mato\\My Documents\\Downloads\\uTorrent (4).exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Documents and Settings\\Mato\\Application Data\\TorrentStream\\engine\\tsengine.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Sega\\Virtua Tennis 4\\VT4.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\common\\Half-Life\\hl.exe"=
"d:\\SteamLibrary\\SteamApps\\common\\Team Fortress 2\\hl2.exe"=
"c:\\Documents and Settings\\Tomas\\Application Data\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Valve\\Steam\\Steam.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\common\\Loadout\\Loadout.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3306:TCP"= 3306:TCP:MySQL5
"56180:TCP"= 56180:TCP:Pando Media Booster
"56180:UDP"= 56180:UDP:Pando Media Booster
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [24. 7. 2012 14:33 242240]
R3 monectdevices;Monect Hid Device;c:\windows\system32\drivers\monectdevices.sys [17. 4. 2013 20:02 5120]
S2 e64a4d03;Assistant;c:\windows\system32\rundll32.exe [28. 2. 2006 14:00 33280]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [10. 10. 2012 19:13 217088]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [15. 4. 2014 10:46 1682256]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [8. 4. 2014 18:45 375056]
S2 MonectServerService;MonectServerService;c:\docume~1\Mato\LOCALS~1\Temp\Rar$EX01.546\MonectServerService.exe --> c:\docume~1\Mato\LOCALS~1\Temp\Rar$EX01.546\MonectServerService.exe [?]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27. 1. 2010 4:09 50704]
S2 Protector by IB Updater;Protector by IB Updater;c:\program files\Protector by IB\ExtensionUpdaterService.exe --> c:\program files\Protector by IB\ExtensionUpdaterService.exe [?]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [9. 10. 2013 10:58 3275136]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [23. 10. 2013 9:15 172192]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [10. 10. 2012 19:13 36640]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena Plus\Room\safedrv.sys --> c:\program files\Garena Plus\Room\safedrv.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [10. 10. 2012 19:22 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [10. 10. 2012 19:22 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [10. 10. 2012 19:22 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [10. 10. 2012 19:22 114280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 13:21 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 12:49]
.
2013-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-10-15 12:59]
.
2014-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-10-15 12:59]
.
2014-05-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006Core.job
- c:\documents and settings\Tomas\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2014-04-25 17:15]
.
2014-05-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006UA.job
- c:\documents and settings\Tomas\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2014-04-25 17:15]
.
2013-05-13 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
- c:\windows\system32\xp_eos.exe [2014-03-27 01:59]
.
2014-05-08 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
- c:\windows\system32\xp_eos.exe [2014-03-27 01:59]
.
2012-09-15 c:\windows\Tasks\SoundTapReminder.job
- c:\program files\NCH Software\SoundTap\soundtap.exe [2012-09-15 06:07]
.
2012-09-15 c:\windows\Tasks\SoundTapSevenDays.job
- c:\program files\NCH Software\SoundTap\soundtap.exe [2012-09-15 06:07]
.
2012-10-25 c:\windows\Tasks\WavePadDowngrade.job
- c:\program files\NCH Software\WavePad\wavepad.exe [2012-09-15 21:57]
.
2014-03-22 c:\windows\Tasks\WavePadReminder.job
- c:\program files\NCH Software\WavePad\wavepad.exe [2012-09-15 21:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\Mato\Application Data\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\documents and settings\Mato\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
FF - ProfilePath - c:\documents and settings\Mato\Application Data\Mozilla\Firefox\Profiles\q2j5jg21.default\
FF - prefs.js: browser.search.defaulturl -
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
Toolbar-10 - (no file)
AddRemove-catalinagroupltdmoviestoolbarhaCR - c:\progra~1\MOVIES~1\SAFETY~1\SRTOOL~1\GC\uninstall.exe
AddRemove-catalinagroupltdmoviestoolbarhaIE - c:\progra~1\MOVIES~1\SAFETY~1\SRTOOL~1\IE\uninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-05-13 13:31
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
Completion time: 2014-05-13 13:32:26
ComboFix-quarantined-files.txt 2014-05-13 11:32
.
Pre-Run: 2 940 522 496 bytes free
Post-Run: 5 659 623 424 bytes free
.
- - End Of File - - 98D6390AFE6CFB87963B2E0F4A0D83D4
8F558EB6672622401DA993E1E865C861

Re: Preventive check

Posted: 13 May 2014 20:14
by Márty84
:!: Move ComboFix to the desktop!
:arrow: Open Notepad and copy this script into it:

KillAll::

File::
c:\program files\Common Files\ApnToolbarInstaller.exe
c:\program files\Common Files\ApnStub.exe

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000

Regnull::
[HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1007\Software\Microsoft\SystemCertificates\AddressBook*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

Driver::
e64a4d03
Skype C2C Service
SkypeUpdate

Reboot::

In the top left, click File.
Click Save As...
Type the name shown in red, CFScript, exactly, and save it to the desktop.
Turn off your antivirus and any other security software.
Drag the text document you just created onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration.
:!: If Windows starts but errors are reported when launching various programs, just restart the PC and it will be fine.

Re: Preventive check

Posted: 13 May 2014 23:54
by BuXo
ComboFix 14-05-13.01 - Mato . 05. 2014 0:34:27.8.2 - x86 MINIMAL
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2047.1623 [GMT 2:00]
Running from: C:\Documents and Settings\Mato\Desktop\Daňo cd\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mato\Desktop\CFScript.txt

FILE ::
"c:\program files\Common Files\ApnStub.exe"
"c:\program files\Common Files\ApnToolbarInstaller.exe"


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))



((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_E64A4D03
-------\Legacy_SKYPEUPDATE
-------\Legacy_SKYPE_C2C_SERVICE
-------\Service_e64a4d03
-------\Service_Skype C2C Service
-------\Service_SkypeUpdate


((((((((((((((((((((((((( Files Created from 2014-04-13 to 2014-05-13 )))))))))))))))))))))))))))))))


2014-05-13 20:09:05 . 2014-05-13 20:09:22 -------- d-----w- C:\Program Files\PCDApp
2014-05-13 20:08:31 . 2014-05-13 20:08:31 -------- d-----w- C:\Program Files\Supporter
2014-05-13 20:07:47 . 2014-05-13 20:07:47 -------- d-----w- C:\Documents and Settings\Tomas\Application Data\Wise
2014-05-05 14:27:15 . 2014-05-05 14:27:15 -------- d-----w- C:\Documents and Settings\Tomas\Application Data\čarovňák
2014-05-03 08:38:59 . 2014-05-03 08:43:00 -------- d-----w- C:\Program Files\Strife
2014-04-29 17:14:31 . 2014-04-29 17:14:31 -------- d-----w- C:\Documents and Settings\Tomas\Application Data\Malwarebytes
2014-04-29 12:49:22 . 2014-04-29 12:49:25 17931952 ----a-w- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-04-28 17:08:21 . 2014-04-28 17:08:21 -------- d-----w- C:\Documents and Settings\Mato\Application Data\Malwarebytes
2014-04-28 17:08:13 . 2014-04-28 17:08:13 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-04-28 16:53:28 . 2014-04-28 16:59:59 -------- d-----w- C:\AdwCleaner
2014-04-25 17:14:49 . 2014-04-25 17:14:49 -------- d-----w- C:\Program Files\Common Files\Java
2014-04-25 17:14:11 . 2014-04-25 17:13:48 94632 ----a-w- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-04-25 12:38:43 . 2014-04-25 12:39:06 -------- d-----w- C:\rsit
2014-04-17 05:58:31 . 2014-04-17 05:58:33 -------- d-----w- C:\Program Files\LogMeIn Hamachi
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-04-29 12:49:39 . 2012-03-29 19:29:57 692400 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-04-29 12:49:39 . 2012-03-28 11:33:39 70832 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-04-25 17:13:45 . 2012-04-05 22:46:02 145408 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2014-03-06 17:59:23 . 2006-02-28 12:00:00 920064 ----a-w- C:\WINDOWS\system32\wininet.dll
2014-03-06 17:59:22 . 2006-02-28 12:00:00 43520 ------w- C:\WINDOWS\system32\licmgr10.dll
2014-03-06 17:59:22 . 2006-02-28 12:00:00 18944 ----a-w- C:\WINDOWS\system32\corpol.dll
2014-03-06 17:59:22 . 2006-02-28 12:00:00 1469440 ------w- C:\WINDOWS\system32\inetcpl.cpl
2014-03-06 00:46:54 . 2006-02-28 12:00:00 385024 ------w- C:\WINDOWS\system32\html.iec
2014-02-26 01:59:05 . 2014-03-27 06:47:55 13312 ------w- C:\WINDOWS\system32\xp_eos.exe
2011-09-16 13:12:42 . 2012-04-13 20:33:26 3623592 ----a-w- C:\Program Files\Common Files\ApnToolbarInstaller.exe
2011-09-16 13:12:04 . 2012-04-13 20:33:26 143240 ----a-w- C:\Program Files\Common Files\ApnStub.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2010-10-16 10:05:52 110696]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2010-10-16 10:05:52 13851752]
"CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 16:20:00 689488]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-03 16:06:00 1848648]
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 19:43:52 59720]
"LogMeIn Hamachi Ui"="C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-04-15 08:46:32 3814736]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 03:42:18 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"C:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"C:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Documents and Settings\\Mato\\Application Data\\GameRanger\\GameRanger\\GameRanger.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"D:\\Stronghold-Crusader\\Stronghold Crusader\\Stronghold Crusader.exe"=
"C:\\WINDOWS\\system32\\javaw.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\totalcmd\\TOTALCMD.EXE"=
"C:\\WINDOWS\\system32\\muzapp.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Documents and Settings\\Mato\\My Documents\\Downloads\\uTorrent (4).exe"=
"C:\\Program Files\\Opera\\opera.exe"=
"C:\\Documents and Settings\\Mato\\Application Data\\TorrentStream\\engine\\tsengine.exe"=
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"C:\\Program Files\\Sega\\Virtua Tennis 4\\VT4.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\common\\Half-Life\\hl.exe"=
"D:\\SteamLibrary\\SteamApps\\common\\Team Fortress 2\\hl2.exe"=
"C:\\Documents and Settings\\Tomas\\Application Data\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Valve\\Steam\\Steam.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\common\\Loadout\\Loadout.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\PCDApp\\dgen.exe"=
"C:\\Program Files\\PCDApp\\cudaminer.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3306:TCP"= 3306:TCP:MySQL5
"56180:TCP"= 56180:TCP:Pando Media Booster
"56180:UDP"= 56180:UDP:Pando Media Booster

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\WINDOWS\system32\drivers\dtsoftbus01.sys [24. 7. 2012 14:33:44 242240]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [10. 10. 2012 19:13:52 217088]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [15. 4. 2014 10:46:26 1682256]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [8. 4. 2014 18:45:44 375056]
R2 npf;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [27. 1. 2010 4:09:02 50704]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [10. 10. 2012 19:13:52 36640]
R3 monectdevices;Monect Hid Device;C:\WINDOWS\system32\drivers\monectdevices.sys [17. 4. 2013 20:02:28 5120]
S2 40030ae4;Supporter;C:\WINDOWS\system32\rundll32.exe [28. 2. 2006 14:00:00 33280]
S2 MonectServerService;MonectServerService;C:\DOCUME~1\Mato\LOCALS~1\Temp\Rar$EX01.546\MonectServerService.exe --> C:\DOCUME~1\Mato\LOCALS~1\Temp\Rar$EX01.546\MonectServerService.exe [?]
S2 ProtectMonitor;Protect Monitor;C:\Program Files\PCDApp\StartHelp.exe [10. 4. 2014 21:05:18 97008]
S2 Protector by IB Updater;Protector by IB Updater;C:\Program Files\Protector by IB\ExtensionUpdaterService.exe --> C:\Program Files\Protector by IB\ExtensionUpdaterService.exe [?]
S3 dgderdrv;dgderdrv;C:\WINDOWS\system32\drivers\dgderdrv.sys --> C:\WINDOWS\system32\drivers\dgderdrv.sys [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\C:\Program Files\Garena Plus\Room\safedrv.sys --> C:\Program Files\Garena Plus\Room\safedrv.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\WINDOWS\system32\drivers\ssadbus.sys [10. 10. 2012 19:22:20 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\WINDOWS\system32\drivers\ssadmdfl.sys [10. 10. 2012 19:22:21 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\WINDOWS\system32\drivers\ssadmdm.sys [10. 10. 2012 19:22:21 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\WINDOWS\system32\drivers\ssadserd.sys [10. 10. 2012 19:22:21 114280]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - FSUSBEXDISK

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 13:21:10 1150280 ----a-w- C:\Program Files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe

Contents of the 'Scheduled Tasks' folder

2014-05-13 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 19:29:57 . 2014-04-29 12:49:40]

2014-05-13 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-15 12:59:34 . 2013-10-15 12:59:33]

2014-05-13 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-15 12:59:34 . 2013-10-15 12:59:33]

2014-05-13 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006Core.job
- C:\Documents and Settings\Tomas\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2014-04-25 20:45:58 . 2014-02-14 17:15:19]

2014-05-13 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006UA.job
- C:\Documents and Settings\Tomas\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2014-04-25 20:45:58 . 2014-02-14 17:15:19]

2014-05-13 C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
- C:\WINDOWS\system32\xp_eos.exe [2014-03-27 06:47:55 . 2014-02-26 01:59:05]

2014-05-08 C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
- C:\WINDOWS\system32\xp_eos.exe [2014-03-27 06:47:55 . 2014-02-26 01:59:05]

2012-09-15 C:\WINDOWS\Tasks\SoundTapReminder.job
- C:\Program Files\NCH Software\SoundTap\soundtap.exe [2012-09-15 22:51:02 . 2012-09-03 06:07:32]

2012-09-15 C:\WINDOWS\Tasks\SoundTapSevenDays.job
- C:\Program Files\NCH Software\SoundTap\soundtap.exe [2012-09-15 22:51:02 . 2012-09-03 06:07:32]

2012-10-25 C:\WINDOWS\Tasks\WavePadDowngrade.job
- C:\Program Files\NCH Software\WavePad\wavepad.exe [2012-09-15 21:57:53 . 2012-09-15 21:57:54]

2014-03-22 C:\WINDOWS\Tasks\WavePadReminder.job
- C:\Program Files\NCH Software\WavePad\wavepad.exe [2012-09-15 21:57:53 . 2012-09-15 21:57:54]


------- Supplementary Scan -------

uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Documents and Settings\Mato\Application Data\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Documents and Settings\Mato\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\Profiles\q2j5jg21.default\
FF - prefs.js: browser.search.defaulturl -

- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
Toolbar-10 - (no file)
HKLM-Run-avgnt - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
AddRemove-Avira AntiVir Desktop - C:\Program Files\Avira\AntiVir Desktop\setup.exe

Re: Preventive check

Posted: 14 May 2014 04:18
by Márty84
Do you know these?

monectdevices;Monect Hid Device;C:\WINDOWS\system32\drivers\monectdevices.sys

40030ae4;Supporter;C:\WINDOWS\system32\rundll32.exe

MonectServerService;MonectServerService;C:\DOCUME~1\Mato\LOCALS~1\Temp\Rar$EX01.546\MonectServerService.exe

Protector by IB Updater;Protector by IB Updater;C:\Program Files\Protector by IB\ExtensionUpdaterService.exe

Re: Preventive check

Posted: 14 May 2014 15:21
by BuXo
I don't know any of them, or at least I'm not aware that they are used :)

Re: Preventive check

Posted: 14 May 2014 17:25
by Márty84
Post a new log from RSIT.

Re: Preventive check

Posted: 21 May 2014 13:49
by BuXo
Logfile of random's system information tool 1.09 (written by random/random)
Run by Mato at 2014-05-21 14:49:11
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 4 GB (4%) free of 100 GB
Total RAM: 2047 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:49:17, on 21. 5. 2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\PCDApp\dgen.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mato\Desktop\Daňo cd\RSIT.exe
C:\Program Files\trend micro\Mato.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Tomas')
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\Tomas\Local Settings\Application Data\Akamai\netsession_win.exe" (User 'Tomas')
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User 'Tomas')
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [System] C:\Documents and Settings\Tomas\Music\lst.exe (User 'Tomas')
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (User 'Tomas')
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (User 'Tomas')
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup (User 'Tomas')
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload (User 'Tomas')
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (User 'Tomas')
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [uTorrent] C:\Documents and Settings\Tomas\Application Data\uTorrent\uTorrent.exe /MINIMIZED (User 'Tomas')
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun (User 'Tomas')
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [LiveSupport] "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log (User 'Tomas')
O4 - HKUS\S-1-5-21-1960408961-1078145449-839522115-1006\..\Run: [Google Update] "C:\Documents and Settings\Tomas\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User 'Tomas')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Mato\Application Data\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Mato\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MonectServerService - Unknown owner - C:\DOCUME~1\Mato\LOCALS~1\Temp\Rar$EX01.546\MonectServerService.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Unknown owner - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Protect Monitor (ProtectMonitor) - Unknown owner - C:\Program Files\PCDApp\StartHelp.exe
O23 - Service: Protector by IB Updater - Unknown owner - C:\Program Files\Protector by IB\ExtensionUpdaterService.exe (file missing)

--
End of file - 10016 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006UA.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
C:\WINDOWS\tasks\SoundTapReminder.job
C:\WINDOWS\tasks\SoundTapSevenDays.job
C:\WINDOWS\tasks\WavePadDowngrade.job
C:\WINDOWS\tasks\WavePadReminder.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\Profiles\q2j5jg21.default

prefs.js - "browser.search.useDBForOrder" - true

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"support@vdownloader.com"=C:\Program Files\VDownloader\Addons\FireFox


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Zásvuný modul iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@idsoftware.com/QuakeLive]
"Description"=
"Path"=C:\Documents and Settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\Profiles\q2j5jg21.default\searchplugins\
ashampoo-us-customized-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b523e7c-f096-4e36-a0cb-7efeb5c675c1}]
IEExtension.VDownloaderBHO - C:\WINDOWS\system32\mscoree.dll [2009-11-07 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-25 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-10-16 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-10-16 13851752]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-03 1848648]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min []
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-05-13 3814736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\All Users\Application Data\Electronic Arts\Need For Speed World\Data\nfsw.exe"="C:\Documents and Settings\All Users\Application Data\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Documents and Settings\Mato\Application Data\GameRanger\GameRanger\GameRanger.exe"="C:\Documents and Settings\Mato\Application Data\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Stronghold-Crusader\Stronghold Crusader\Stronghold Crusader.exe"="D:\Stronghold-Crusader\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\Mato\My Documents\Downloads\uTorrent (4).exe"="C:\Documents and Settings\Mato\My Documents\Downloads\uTorrent (4).exe:*:Enabled:µTorrent"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\Mato\Application Data\TorrentStream\engine\tsengine.exe"="C:\Documents and Settings\Mato\Application Data\TorrentStream\engine\tsengine.exe:*:Enabled:TorrentStream"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Sega\Virtua Tennis 4\VT4.exe"="C:\Program Files\Sega\Virtua Tennis 4\VT4.exe:*:Enabled:Virtua Tennis 4™"
"C:\Program Files\Valve\Steam\SteamApps\common\Half-Life\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\common\Half-Life\hl.exe:*:Enabled:Counter-Strike"
"D:\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe"="D:\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe:*:Enabled:Team Fortress 2"
"C:\Documents and Settings\Tomas\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Tomas\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Valve\Steam\Steam.exe"="C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Valve\Steam\SteamApps\common\Loadout\Loadout.exe"="C:\Program Files\Valve\Steam\SteamApps\common\Loadout\Loadout.exe:*:Enabled:Loadout"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\PCDApp\dgen.exe"="C:\Program Files\PCDApp\dgen.exe:*:Enabled:MProxy"
"C:\Program Files\PCDApp\cudaminer.exe"="C:\Program Files\PCDApp\cudaminer.exe:*:Enabled:NProxy"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"msacm.vorbis"=vorbis.acm
"VIDC.FMVC"=fmcodec.dll

======List of files/folders created in the last 1 month======

2014-05-15 10:24:25 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-15 10:19:28 ----D---- C:\Program Files\LogMeIn Hamachi
2014-05-14 21:45:31 ----D---- C:\Program Files\Mozilla Firefox
2014-05-14 18:19:04 ----SHD---- C:\RECYCLER
2014-05-14 17:16:49 ----D---- C:\Games
2014-05-14 10:58:55 ----HD---- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
2014-05-14 00:45:37 ----D---- C:\WINDOWS\temp
2014-05-14 00:33:09 ----D---- C:\ComboFix
2014-05-13 22:09:05 ----D---- C:\Program Files\PCDApp
2014-05-13 22:08:31 ----D---- C:\Program Files\Supporter
2014-05-13 13:18:28 ----A---- C:\WINDOWS\zip.exe
2014-05-13 13:18:28 ----A---- C:\WINDOWS\SWXCACLS.exe
2014-05-13 13:18:28 ----A---- C:\WINDOWS\SWSC.exe
2014-05-13 13:18:28 ----A---- C:\WINDOWS\SWREG.exe
2014-05-13 13:18:28 ----A---- C:\WINDOWS\sed.exe
2014-05-13 13:18:28 ----A---- C:\WINDOWS\PEV.exe
2014-05-13 13:18:28 ----A---- C:\WINDOWS\NIRCMD.exe
2014-05-13 13:18:28 ----A---- C:\WINDOWS\MBR.exe
2014-05-13 13:18:28 ----A---- C:\WINDOWS\grep.exe
2014-05-13 11:49:00 ----A---- C:\WINDOWS\ntbtlog.txt
2014-05-03 10:38:59 ----D---- C:\Program Files\Strife
2014-05-01 14:26:59 ----A---- C:\Boot.bak
2014-05-01 14:26:52 ----RASHD---- C:\cmdcons
2014-05-01 14:21:09 ----D---- C:\Qoobox
2014-05-01 14:20:41 ----D---- C:\WINDOWS\erdnt
2014-04-28 19:08:21 ----D---- C:\Documents and Settings\Mato\Application Data\Malwarebytes
2014-04-28 19:08:13 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-04-28 18:53:28 ----D---- C:\AdwCleaner
2014-04-25 19:14:49 ----D---- C:\Program Files\Common Files\Java
2014-04-25 19:14:24 ----A---- C:\WINDOWS\system32\javaws.exe
2014-04-25 19:14:11 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-04-25 19:14:11 ----A---- C:\WINDOWS\system32\javaw.exe
2014-04-25 19:14:11 ----A---- C:\WINDOWS\system32\java.exe
2014-04-25 14:38:43 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2014-05-21 14:49:13 ----D---- C:\Program Files\trend micro
2014-05-21 07:45:21 ----D---- C:\WINDOWS\system32\CatRoot2
2014-05-20 22:45:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-05-19 20:31:39 ----D---- C:\WINDOWS\system32\drivers
2014-05-19 13:11:39 ----HD---- C:\WINDOWS\inf
2014-05-15 18:40:53 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-05-15 18:40:52 ----RD---- C:\Program Files
2014-05-15 10:26:52 ----D---- C:\WINDOWS\Microsoft.NET
2014-05-15 10:26:35 ----RSD---- C:\WINDOWS\assembly
2014-05-15 10:25:52 ----SHD---- C:\WINDOWS\Installer
2014-05-15 10:25:52 ----D---- C:\Config.Msi
2014-05-15 10:25:50 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-05-15 10:24:25 ----D---- C:\Program Files\Common Files
2014-05-15 10:23:47 ----D---- C:\WINDOWS\system32
2014-05-15 10:23:13 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-05-14 15:49:12 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-05-14 10:58:58 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2014-05-14 00:50:56 ----D---- C:\WINDOWS
2014-05-14 00:47:01 ----A---- C:\WINDOWS\system.ini
2014-05-14 00:46:53 ----D---- C:\WINDOWS\system32\drivers\etc
2014-05-14 00:45:48 ----D---- C:\WINDOWS\system32\config
2014-05-14 00:43:41 ----D---- C:\WINDOWS\AppPatch
2014-05-14 00:30:21 ----D---- C:\WINDOWS\Minidump
2014-05-13 22:09:06 ----D---- C:\WINDOWS\Prefetch
2014-05-12 13:00:15 ----SD---- C:\WINDOWS\Tasks
2014-05-03 10:41:16 ----D---- C:\WINDOWS\system32\DirectX
2014-05-03 08:08:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-05-01 14:42:55 ----SHD---- C:\System Volume Information
2014-05-01 14:42:55 ----D---- C:\WINDOWS\system32\Restore
2014-05-01 14:26:59 ----RASH---- C:\boot.ini
2014-05-01 09:10:02 ----D---- C:\Documents and Settings\Mato\Application Data\uTorrent
2014-04-30 10:13:01 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-04-29 20:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$
2014-04-29 20:01:10 ----D---- C:\Program Files\safeweB
2014-04-29 20:01:09 ----D---- C:\Documents and Settings\All Users\Application Data\ExstrauSSavings
2014-04-29 20:01:09 ----D---- C:\Documents and Settings\All Users\Application Data\Assistant

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2010-04-09 168040]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-03-03 48640]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-02 36864]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-07-24 242240]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-03-24 331264]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 monectdevices;Monect Hid Device; C:\WINDOWS\system32\DRIVERS\monectdevices.sys [2013-03-25 5120]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-10-22 9623680]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2010-03-04 70912]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2010-03-04 13824]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 catchme;catchme; \??\C:\DOCUME~1\Mato\LOCALS~1\Temp\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2012-09-20 83168]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys []
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-06-02 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-06-02 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2012-09-20 181344]
S3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2012-08-01 33512]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-07-09 44032]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2011-01-20 217088]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-05-13 1682768]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-04-25 182696]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-15 375056]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-10-16 156776]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-08-04 76888]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 40030ae4;Supporter; c:\progra~1\suppor~1\SupporterSvc.dll [2014-05-13 179536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-15 116648]
S2 MonectServerService;MonectServerService; C:\DOCUME~1\Mato\LOCALS~1\Temp\Rar$EX01.546\MonectServerService.exe []
S2 ProtectMonitor;Protect Monitor; C:\Program Files\PCDApp\StartHelp.exe [2014-04-10 97008]
S2 Protector by IB Updater;Protector by IB Updater; C:\Program Files\Protector by IB\ExtensionUpdaterService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-15 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 821648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-10-24 145248]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 756392]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Preventive check

Posted: 21 May 2014 19:24
by Márty84
Was the PC in use during that time?



Download OTL from http://oldtimer.geekstogo.com/OTL.exe , save it to the desktop and run it.
Tick the options Pro všechny uživatele ("For all users"), Kontrola na havěť "LOP" ("LOP" malware check) and Kontrola na havěť "Purity" ("Purity" malware check).
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Prohledat ("Scan").
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both of them here (if they are long, split them across several posts).

Re: Preventive check

Posted: 22 May 2014 22:12
by BuXo
Yes, the computer is being used normally :)

Here are the logs:
OTL Extras logfile created on: 22. 5. 2014 22:42:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Mato\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041b | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 53,49% Memory free
3,85 Gb Paging File | 2,78 Gb Available in Paging File | 72,30% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 4,27 Gb Free Space | 4,37% Space Free | Partition Type: NTFS
Drive D: | 135,22 Gb Total Space | 16,51 Gb Free Space | 12,21% Space Free | Partition Type: NTFS
Drive F: | 1,63 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PC-CE409955BAD8 | User Name: Mato | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1007\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3306:TCP" = 3306:TCP:*:Enabled:MySQL5
"56180:TCP" = 56180:TCP:*:Enabled:Pando Media Booster
"56180:UDP" = 56180:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3306:TCP" = 3306:TCP:*:Enabled:MySQL5
"56180:TCP" = 56180:TCP:*:Enabled:Pando Media Booster
"56180:UDP" = 56180:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\All Users\Application Data\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Documents and Settings\All Users\Application Data\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World -- (Electronic Arts)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Documents and Settings\Mato\Application Data\GameRanger\GameRanger\GameRanger.exe" = C:\Documents and Settings\Mato\Application Data\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger -- (GameRanger Technologies)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\Stronghold-Crusader\Stronghold Crusader\Stronghold Crusader.exe" = D:\Stronghold-Crusader\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader -- ()
"C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Documents and Settings\Mato\My Documents\Downloads\uTorrent (4).exe" = C:\Documents and Settings\Mato\My Documents\Downloads\uTorrent (4).exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Documents and Settings\Mato\Application Data\TorrentStream\engine\tsengine.exe" = C:\Documents and Settings\Mato\Application Data\TorrentStream\engine\tsengine.exe:*:Enabled:TorrentStream -- ()
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Sega\Virtua Tennis 4\VT4.exe" = C:\Program Files\Sega\Virtua Tennis 4\VT4.exe:*:Enabled:Virtua Tennis 4™ -- (SEGA)
"C:\Program Files\Valve\Steam\SteamApps\common\Half-Life\hl.exe" = C:\Program Files\Valve\Steam\SteamApps\common\Half-Life\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"D:\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe" = D:\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe:*:Enabled:Team Fortress 2 -- ()
"C:\Documents and Settings\Tomas\Application Data\uTorrent\uTorrent.exe" = C:\Documents and Settings\Tomas\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Program Files\Valve\Steam\Steam.exe" = C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Valve\Steam\SteamApps\common\Loadout\Loadout.exe" = C:\Program Files\Valve\Steam\SteamApps\common\Loadout\Loadout.exe:*:Enabled:Loadout -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\PCDApp\dgen.exe" = C:\Program Files\PCDApp\dgen.exe:*:Enabled:MProxy -- ()
"C:\Program Files\PCDApp\cudaminer.exe" = C:\Program Files\PCDApp\cudaminer.exe:*:Enabled:NProxy -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01B8C0AB-5348-3DA5-8A7D-65FC2CB46FD8}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08597792-778c-4af3-8e60-0d7a09ecf120}_is1" = Media converter
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F5C25CC-3658-1E67-B510-B374A29F3312}_is1" = Java 7 Update 13 (x86) Offline installer version for Windows
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{0FB871A9-C617-4415-BB5D-619A8D946115}" = Microsoft Antimalware Service SK-SK Language Pack
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series" = Canon MP240 series MP Drivers
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24EAD272-D05D-4950-BD59-F88AB7B4C8C7}_is1" = SRS-Root
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{2af972c7-13b0-4978-92a8-fee26a4fb4e9}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{2F173C40-563E-11D4-89C5-0010ADDAAC33}" = EA.com Matchup
"{34D9106C-A947-47ED-B4AB-764736350769}" = Minecraft
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{497C131E-2032-051B-B32A-C69A960FBB13}" = safeweB
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client SK-SK Language Pack
"{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5F189DF5-2D05-472B-9091-84D9848AE48B}{40030ae4}" = Supporter 1.80
"{6C5A8BA1-8114-11D5-0090-B800902724B3}" = FIFA 2002
"{6E5AB107-172B-4F17-8ABB-357C59EF1B08}" = Vegas Pro 9.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729E16B3-1B80-4F3F-8D19-342A89631E0A}_is1" = Media converter
"{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}" = WinXP Manager
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7C9AD221-994C-45B2-B46D-26F5735158CF}" = Sony Vegas Pro 8.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001C-041B-0000-0000000FF1CE}" = Microsoft Office Access Runtime (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARD_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_STANDARD_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARD_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROPLUS_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_STANDARD_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6AC699F-8315-40CA-8F70-E917494978AB}" = VirtualDJ Home FREE
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Czech
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Display Control Panel
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C22378E6-9A65-438E-964C-7DB8FBB568DE}" = LogMeIn Hamachi
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}" = WinZip 17.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E121A4FE-009B-385B-BB0D-B934E2A88288}" = Google Talk Plugin
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}" = Quake Live Mozilla Plugin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"ASIO4ALL" = ASIO4ALL
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Canon MP240 series User Registration" = Canon MP240 series User Registration
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"catalinagroupltdmoviestoolbarhaCR" = Movies Toolbar for Chrome (Dist. by MaxiGet Ltd.)
"catalinagroupltdmoviestoolbarhaIE" = Movies Toolbar for Internet Explorer (Dist. by MaxiGet Ltd.)
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24
"DAEMON Tools Lite" = DAEMON Tools Lite
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"FL Studio 10" = FL Studio 10
"Free Studio_is1" = Free Studio version 5.6.2.627
"GFWL_{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"IL Download Manager" = IL Download Manager
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.0.0
"League of Legends 3.0.1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Mozilla Firefox 29.0.1 (x86 sk)" = Mozilla Firefox 29.0.1 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Mp3 Knife_is1" = Mp3 Knife 3.4
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 12.14.1738" = Opera 12.14
"PCData App" = PC Data App
"PROPLUS" = Microsoft Office Professional Plus 2007
"PSPad editor_is1" = PSPad editor
"Quake Live" = Quake Live
"SopCast" = SopCast 3.5.0
"SoundTap" = SoundTap Streaming Audio Recorder
"STANDARD" = Microsoft Office Standard 2007
"Steam App 208090" = Loadout
"Steam App 440" = Team Fortress 2
"StreamTorrent 1.0" = StreamTorrent 1.0
"strife" = Strife
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 2.0.5
"WavePad" = WavePad Sound Editor
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR archivátor
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Akamai" = Akamai NetSession Interface
"MyFreeCodec" = MyFreeCodec
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameRanger" = GameRanger
"TorrentStream" = Torrent Stream 2.0.8.2
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19. 5. 2014 6:07:25 | Computer Name = PC-CE409955BAD8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3934719

Error - 19. 5. 2014 6:07:25 | Computer Name = PC-CE409955BAD8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3934719

Error - 19. 5. 2014 6:07:33 | Computer Name = PC-CE409955BAD8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 19. 5. 2014 6:07:33 | Computer Name = PC-CE409955BAD8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3942578

Error - 19. 5. 2014 6:07:33 | Computer Name = PC-CE409955BAD8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3942578

Error - 21. 5. 2014 5:40:35 | Computer Name = PC-CE409955BAD8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 21. 5. 2014 5:40:36 | Computer Name = PC-CE409955BAD8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2241156

Error - 21. 5. 2014 5:40:36 | Computer Name = PC-CE409955BAD8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2241156

Error - 22. 5. 2014 12:48:13 | Computer Name = PC-CE409955BAD8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 22. 5. 2014 12:48:13 | Computer Name = PC-CE409955BAD8 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 29919422

[ OSession Events ]
Error - 6. 12. 2012 17:14:10 | Computer Name = PC-CE409955BAD8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 13. 3. 2013 14:38:23 | Computer Name = PC-CE409955BAD8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3. 10. 2013 11:18:43 | Computer Name = PC-CE409955BAD8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6. 10. 2013 10:57:06 | Computer Name = PC-CE409955BAD8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 21. 5. 2014 9:07:00 | Computer Name = PC-CE409955BAD8 | Source = Tcpip | ID = 4199
Description = Systém zistil konflikt adresy IP 192.168.1.3 so systémom s adresou
sieťového hardvéru 7C:61:93:A7:19:7C. Sieťové operácie tohto systému môžu byť prerušené.

Error - 21. 5. 2014 9:40:24 | Computer Name = PC-CE409955BAD8 | Source = Tcpip | ID = 4199
Description = Systém zistil konflikt adresy IP 192.168.1.3 so systémom s adresou
sieťového hardvéru 7C:61:93:A7:19:7C. Sieťové operácie tohto systému môžu byť prerušené.

Error - 21. 5. 2014 9:43:27 | Computer Name = PC-CE409955BAD8 | Source = Tcpip | ID = 4199
Description = Systém zistil konflikt adresy IP 192.168.1.3 so systémom s adresou
sieťového hardvéru 7C:61:93:A7:19:7C. Sieťové operácie tohto systému môžu byť prerušené.

Error - 21. 5. 2014 9:46:14 | Computer Name = PC-CE409955BAD8 | Source = Tcpip | ID = 4199
Description = Systém zistil konflikt adresy IP 192.168.1.3 so systémom s adresou
sieťového hardvéru 7C:61:93:A7:19:7C. Sieťové operácie tohto systému môžu byť prerušené.

Error - 21. 5. 2014 9:50:02 | Computer Name = PC-CE409955BAD8 | Source = Tcpip | ID = 4199
Description = Systém zistil konflikt adresy IP 192.168.1.3 so systémom s adresou
sieťového hardvéru 7C:61:93:A7:19:7C. Sieťové operácie tohto systému môžu byť prerušené.

Error - 22. 5. 2014 1:46:52 | Computer Name = PC-CE409955BAD8 | Source = Tcpip | ID = 4191
Description = Protokol IP nemôže otvoriť kľúč databázy Registry pre adaptér TCPIP\Parameters\Adapters\NDISWANIP.
Rozhrania
tohto adaptéra nebudú inicializované.

Error - 22. 5. 2014 1:46:54 | Computer Name = PC-CE409955BAD8 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby MonectServerService zlyhalo kvôli nasledujúcej chybe:
%%3

Error - 22. 5. 2014 1:46:54 | Computer Name = PC-CE409955BAD8 | Source = Service Control Manager | ID = 7009
Description = Časový limit (30000 ms) čakania na pripojenie služby Protect Monitor.

Error - 22. 5. 2014 1:46:54 | Computer Name = PC-CE409955BAD8 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Protect Monitor zlyhalo kvôli nasledujúcej chybe:
%%1053

Error - 22. 5. 2014 12:48:14 | Computer Name = PC-CE409955BAD8 | Source = Tcpip | ID = 4191
Description = Protokol IP nemôže otvoriť kľúč databázy Registry pre adaptér TCPIP\Parameters\Adapters\NDISWANIP.
Rozhrania
tohto adaptéra nebudú inicializované.


< End of report >

Re: Preventive check

Posted: 22 May 2014 22:13
by BuXo
OTL logfile created on: 22. 5. 2014 22:42:38 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Mato\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041b | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 53,49% Memory free
3,85 Gb Paging File | 2,78 Gb Available in Paging File | 72,30% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 4,27 Gb Free Space | 4,37% Space Free | Partition Type: NTFS
Drive D: | 135,22 Gb Total Space | 16,51 Gb Free Space | 12,21% Space Free | Partition Type: NTFS
Drive F: | 1,63 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PC-CE409955BAD8 | User Name: Mato | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.05.22 22:41:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mato\Desktop\OTL.exe
PRC - [2014.05.13 14:29:30 | 003,814,736 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014.05.13 14:29:22 | 001,682,768 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2014.04.25 19:13:47 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2014.04.15 16:07:50 | 000,375,056 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
PRC - [2014.04.04 21:37:16 | 000,173,070 | ---- | M] () -- C:\Program Files\PCDApp\dgen.exe
PRC - [2014.03.15 02:50:42 | 000,859,976 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011.01.20 03:59:18 | 000,217,088 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.03.03 18:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008.01.22 10:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2014.04.04 21:37:16 | 000,173,070 | ---- | M] () -- C:\Program Files\PCDApp\dgen.exe
MOD - [2014.03.15 02:50:40 | 013,637,448 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
MOD - [2014.03.15 02:50:40 | 000,394,568 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppgooglenaclpluginchrome.dll
MOD - [2014.03.15 02:50:38 | 004,061,000 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll
MOD - [2014.03.15 02:50:32 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
MOD - [2014.03.15 02:50:30 | 000,051,016 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
MOD - [2014.03.13 17:32:04 | 000,407,663 | ---- | M] () -- C:\Program Files\PCDApp\libcurl-4.dll
MOD - [2013.09.11 18:35:25 | 004,591,616 | ---- | M] () -- C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.5.0\libGLESv2.dll
MOD - [2013.09.11 18:35:25 | 000,112,128 | ---- | M] () -- C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.5.0\libEGL.dll
MOD - [2013.01.02 08:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.04.14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008.01.22 10:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Protector by IB\ExtensionUpdaterService.exe -- (Protector by IB Updater)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\Mato\LOCALS~1\Temp\Rar$EX01.546\MonectServerService.exe -- (MonectServerService)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014.05.14 15:49:12 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.05.13 14:29:22 | 001,682,768 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014.04.25 19:13:47 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2014.04.15 16:07:50 | 000,375,056 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014.04.10 21:05:18 | 000,097,008 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PCDApp\StartHelp.exe -- (ProtectMonitor)
SRV - [2011.01.20 03:59:18 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.01.22 10:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Mato\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013.03.25 10:04:48 | 000,005,120 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monectdevices.sys -- (monectdevices)
DRV - [2012.09.20 06:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.09.20 06:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.08.01 20:13:40 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2012.07.24 14:33:45 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.06.02 07:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.06.02 07:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.06.02 07:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.06.02 07:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.01.20 03:59:18 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.04.09 02:30:10 | 000,168,040 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2010.03.04 18:02:10 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2010.03.04 18:02:08 | 000,070,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2010.01.27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2006.07.02 04:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.03.17 18:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2004.08.13 05:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.yd.delta-search.com/?affID=1 ... 2215d3ceac
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchsun.info/?pid=72 ... g=EN&cc=SK
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2E C9 1D 18 C4 0D CD 01 [binary data]
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\URLSearchHook: {96f454ea-9d38-474f-b504-56193e00c1a5} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.yd.delta-search.com/?q={sear ... 2215d3ceac
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{9CC1E0A6-55E4-4501-A8B2-CBCE911A8AFF}: "URL" = http://websearch.ask.com/redirect?clien ... 003616230B
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.searchsun.info/?l=1&q= ... g=EN&cc=SK
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb139/?se ... dZkLk&i=26
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{ED0B4968-21C6-421B-9590-B04536ECEC37}: "URL" = http://search.conduit.com/ResultsExt.as ... &CUI=&UM=1
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA 0E 62 CC 7A 6E CD 01 [binary data]
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\..\URLSearchHook: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\..\SearchScopes\{84269AE1-F2FA-419D-AE8A-98B438BDE002}: "URL" = http://websearch.ask.com/redirect?clien ... 003616230B
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll File not found
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Documents and Settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.2: C:\Documents and Settings\Mato\Application Data\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Mato\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@vdownloader.com: C:\Program Files\VDownloader\Addons\FireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.08.12 12:10:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mato\Application Data\Mozilla\Extensions
[2012.04.20 21:42:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\extensions
[2012.04.20 21:42:42 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2014.04.28 18:56:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\Profiles\q2j5jg21.default\extensions
[2013.02.20 12:06:38 | 000,001,052 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\Profiles\q2j5jg21.default\searchplugins\ashampoo-us-customized-web-search.xml
[2014.05.14 21:45:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.05.14 21:45:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.426_0\npbrowserext.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.13.20.29_0\plugins/np-cwmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Hada v Google = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Soccer Manager = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpemkngoajegcbamebdmnkjoalpofpbj\1.1.6.2_0\
CHR - Extension: Peňaženka Google = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014.05.14 00:46:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\Toolbar\WebBrowser: (no name) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\Toolbar\WebBrowser: (no name) - {96F454EA-9D38-474F-B504-56193E00C1A5} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min File not found
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe File not found
O4 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\Tomas\Local Settings\Application Data\Akamai\netsession_win.exe" File not found
O4 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe File not found
O4 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload File not found
O4 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe File not found
O4 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006..\Run: [LiveSupport] "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log File not found
O4 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006..\Run: [System] C:\Documents and Settings\Tomas\Music\lst.exe File not found
O4 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006..\Run: [uTorrent] C:\Documents and Settings\Tomas\Application Data\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Mato\Application Data\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Mato\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.55.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAEB1809-39FA-4A21-90CE-88DA0AC37A1F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuálna domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Mato\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mato\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.11.21 16:50:47 | 000,000,075 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.bdmpeg - C:\WINDOWS\System32\bdmpega.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - C:\WINDOWS\System32\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\WINDOWS\System32\bdmpegv.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.05.22 22:41:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mato\Desktop\OTL.exe
[2014.05.15 10:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014.05.15 10:19:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Hamachi
[2014.05.15 10:19:28 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2014.05.14 21:45:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014.05.14 18:19:04 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014.05.14 17:16:49 | 000,000,000 | ---D | C] -- C:\Games
[2014.05.14 10:58:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2014.05.14 00:45:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2014.05.14 00:33:09 | 000,000,000 | ---D | C] -- C:\ComboFix
[2014.05.13 22:09:05 | 000,000,000 | ---D | C] -- C:\Program Files\PCDApp
[2014.05.13 22:08:31 | 000,000,000 | ---D | C] -- C:\Program Files\Supporter
[2014.05.13 16:45:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mato\Desktop\konečné
[2014.05.13 13:18:28 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2014.05.13 13:18:28 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2014.05.13 13:18:28 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2014.05.13 13:18:28 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2014.05.12 13:00:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Mato\Desktop\ComboFix
[2014.05.08 23:12:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mato\Desktop\Daňo cd
[2014.05.08 15:15:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mato\Desktop\možeš
[2014.05.08 13:57:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mato\Desktop\cigáň
[2014.05.03 10:38:59 | 000,000,000 | ---D | C] -- C:\Program Files\Strife
[2014.05.01 21:16:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mato\Desktop\Nový priečinok
[2014.05.01 14:26:52 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2014.05.01 14:21:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.05.01 14:20:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2014.04.28 19:08:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mato\Application Data\Malwarebytes
[2014.04.28 19:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014.04.28 18:53:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.04.25 19:14:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014.04.25 19:14:24 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014.04.25 19:14:11 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014.04.25 19:14:11 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014.04.25 19:14:11 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014.04.25 19:14:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2014.04.25 15:10:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mato\Recent
[2014.04.25 14:38:43 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.13 22:33:26 | 003,623,592 | ---- | C] (Ask) -- C:\Program Files\Common Files\ApnToolbarInstaller.exe
[2012.04.13 22:33:26 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\ApnStub.exe

========== Files - Modified Within 30 Days ==========

[2014.05.22 22:44:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.05.22 22:41:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mato\Desktop\OTL.exe
[2014.05.22 22:20:00 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.05.22 21:51:00 | 000,001,016 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006UA.job
[2014.05.22 21:48:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.05.22 07:46:34 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.05.22 07:46:34 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014.05.22 07:46:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.05.21 22:51:01 | 000,000,964 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006Core.job
[2014.05.16 10:14:57 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.05.15 11:46:35 | 000,152,862 | ---- | M] () -- C:\Documents and Settings\Mato\Desktop\tiket.JPG
[2014.05.14 15:49:12 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014.05.14 15:49:12 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014.05.14 00:46:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014.05.12 13:00:31 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2014.05.08 16:55:37 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014.05.08 15:19:10 | 023,523,190 | ---- | M] () -- C:\Documents and Settings\Mato\Desktop\fotky_oa_4a.zip
[2014.05.04 11:39:05 | 004,444,257 | ---- | M] () -- C:\Documents and Settings\Mato\Desktop\Calvin_Harris_-_Summer.mp3
[2014.05.03 19:38:17 | 000,077,143 | ---- | M] () -- C:\Documents and Settings\Mato\Desktop\strašné.jpg
[2014.05.03 10:44:23 | 000,240,672 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2014.05.03 10:44:23 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2014.05.01 14:26:59 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2014.04.30 15:41:29 | 003,972,608 | ---- | M] () -- C:\Documents and Settings\Mato\Desktop\RogueKiller.exe
[2014.04.30 10:13:01 | 006,022,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2014.04.26 00:15:11 | 003,778,403 | ---- | M] () -- C:\Documents and Settings\Mato\Desktop\Clean-Bandit-Rather-Be-Feat.-Jess-Glynne.mp3
[2014.04.25 19:13:48 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014.04.25 19:13:46 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014.04.25 19:13:45 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014.04.25 19:13:45 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014.04.25 19:13:45 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

========== Files Created - No Company Name ==========

[2014.05.22 22:44:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.05.15 11:46:35 | 000,152,862 | ---- | C] () -- C:\Documents and Settings\Mato\Desktop\tiket.JPG
[2014.05.13 13:18:28 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2014.05.13 13:18:28 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2014.05.13 13:18:28 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2014.05.13 13:18:28 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2014.05.13 13:18:28 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2014.05.08 15:18:19 | 023,523,190 | ---- | C] () -- C:\Documents and Settings\Mato\Desktop\fotky_oa_4a.zip
[2014.05.04 11:30:26 | 004,444,257 | ---- | C] () -- C:\Documents and Settings\Mato\Desktop\Calvin_Harris_-_Summer.mp3
[2014.05.03 19:38:15 | 000,077,143 | ---- | C] () -- C:\Documents and Settings\Mato\Desktop\strašné.jpg
[2014.05.01 14:26:59 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2014.05.01 14:26:56 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2014.04.30 15:41:02 | 003,972,608 | ---- | C] () -- C:\Documents and Settings\Mato\Desktop\RogueKiller.exe
[2014.04.25 22:46:01 | 000,001,016 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006UA.job
[2014.04.25 22:46:00 | 000,000,964 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006Core.job
[2014.04.25 19:13:48 | 003,778,403 | ---- | C] () -- C:\Documents and Settings\Mato\Desktop\Clean-Bandit-Rather-Be-Feat.-Jess-Glynne.mp3
[2013.12.24 19:37:38 | 000,203,559 | ---- | C] () -- C:\WINDOWS\System32\poclbm130302GeForce 9600 GTv1w256l4.bin
[2013.12.24 19:37:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mato\regbcm
[2013.08.05 08:15:08 | 000,066,104 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll
[2013.08.05 08:15:06 | 000,023,080 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll
[2013.07.28 00:33:01 | 000,685,398 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1960408961-1078145449-839522115-1007-0.dat
[2013.04.25 19:30:26 | 000,723,230 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2013.04.25 19:30:26 | 000,048,034 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2013.04.17 20:02:28 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\monectdevices.sys
[2013.02.24 18:14:06 | 000,001,480 | ---- | C] () -- C:\Documents and Settings\Mato\Local Settings\Application Data\Adobe Uložit pro web 11.0 Prefs
[2012.10.10 22:45:27 | 001,245,622 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1960408961-1078145449-839522115-1006-0.dat
[2012.10.10 22:45:25 | 000,689,790 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012.10.10 19:13:52 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2012.10.10 19:13:52 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2012.09.08 22:05:38 | 000,558,133 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2012.08.13 21:35:38 | 000,000,102 | ---- | C] () -- C:\Program Files\Common Files\IMG_359485_4215.jpg
[2012.08.04 23:10:36 | 000,138,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012.08.04 23:10:32 | 000,138,904 | ---- | C] () -- C:\Documents and Settings\Mato\Application Data\PnkBstrK.sys
[2012.07.24 19:54:01 | 000,281,288 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012.07.24 19:54:00 | 000,076,888 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012.06.14 14:22:52 | 000,084,148 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012.05.22 14:38:11 | 000,169,984 | ---- | C] () -- C:\Documents and Settings\Mato\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.20 14:54:37 | 000,051,186 | ---- | C] () -- C:\Documents and Settings\Mato\Application Data\room_v3.dat
[2012.04.06 14:48:58 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\Mato\Local Settings\Application Data\DonationCoder_ScreenshotCaptor_InstallInfo.dat

========== ZeroAccess Check ==========

[2012.04.01 20:55:17 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 14:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.10.22 20:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014.04.13 17:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\792004a728ea8548
[2012.03.28 13:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2014.04.29 20:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Assistant
[2012.03.31 13:46:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2014.04.01 19:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2014.05.14 10:58:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2012.03.31 13:57:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
[2012.03.31 13:52:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2014.05.14 10:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2012.10.08 11:57:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2012.03.31 13:52:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2012.07.24 14:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2013.09.11 18:02:07 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\DSS
[2013.09.17 16:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2014.04.29 20:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ExstrauSSavings
[2012.04.20 14:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger
[2013.10.12 22:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software
[2014.03.25 22:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012.08.19 11:41:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JAGUAR
[2013.10.03 15:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2012.07.26 19:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MySQL
[2012.10.25 20:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2013.09.17 16:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Origin
[2014.04.13 08:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2014.03.25 22:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Puresafe
[2012.08.24 13:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Remedy
[2014.03.25 22:31:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\safeweB
[2013.10.13 19:31:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2013.06.28 15:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2013.04.20 19:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Steam
[2012.08.11 18:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2013.12.27 00:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2012.04.20 23:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013.05.26 18:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamina\Application Data\Opera
[2012.07.22 11:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamina\Application Data\VDownloader
[2013.03.19 20:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\.minecraft
[2012.12.09 12:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\.minecraftsl
[2013.04.07 16:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\.Torrent Stream
[2012.12.23 20:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Ashampoo
[2014.01.19 13:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\BANDISOFT
[2012.10.08 11:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Canon
[2012.07.24 14:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\DAEMON Tools Lite
[2012.04.06 14:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\DonationCoder
[2012.08.22 16:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Dropbox
[2013.07.10 11:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\DVDVideoSoft
[2012.07.25 21:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\GameRanger
[2012.04.20 13:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Garena
[2012.04.20 14:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\GarenaPlus
[2012.08.10 00:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\GHISLER
[2012.04.01 21:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Leadertech
[2012.07.13 22:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\MAXON
[2012.07.26 19:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\MySQL
[2012.10.25 20:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\NCH Swift Sound
[2012.07.17 22:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Need for Speed World
[2012.03.28 20:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\OpenOffice.org
[2013.03.02 13:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Opera
[2013.09.11 16:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Origin
[2013.06.29 12:58:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Publish Providers
[2012.08.02 10:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\PunkBuster
[2012.10.22 20:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\redsn0w
[2012.11.25 15:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Rovio
[2013.06.29 12:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Sony
[2012.06.02 13:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Sports Interactive
[2013.03.02 17:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\StreamTorrent
[2013.04.16 19:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\TeamViewer
[2013.02.13 19:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\TS3Client
[2012.07.10 16:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\TuneUpMedia
[2012.08.02 10:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Ubisoft
[2014.01.16 23:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Unity
[2014.05.01 09:10:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\uTorrent
[2012.07.21 00:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\VDownloader
[2013.01.02 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Wargaming.net
[2013.01.23 14:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Delta
[2013.02.25 15:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ocino\Application Data\Canon
[2012.07.22 20:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ocino\Application Data\VDownloader
[2014.05.19 19:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\.minecraft
[2012.12.09 10:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\.minecraftsl
[2014.05.05 16:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\.technic
[2014.01.11 11:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\.techniclauncher
[2013.08.22 10:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\BANDISOFT
[2013.01.02 11:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\Canon
[2014.02.08 10:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\Crash Reports
[2013.01.23 14:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\CRDeltaTB
[2012.08.15 12:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\DAEMON Tools Lite
[2012.10.16 20:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\DarksporeData
[2012.10.01 20:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\DVDVideoSoft
[2013.12.30 00:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\ftblauncher
[2012.04.08 10:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\id Software
[2013.01.31 21:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\logs
[2013.12.25 23:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\LolClient
[2013.02.07 19:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\NCH Swift Sound
[2012.06.02 09:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\Need for Speed World
[2013.11.08 21:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\openvr
[2014.02.08 10:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\Profiles
[2012.07.24 19:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\PunkBuster
[2013.12.25 20:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\Riot Games
[2012.10.16 21:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\Samsung
[2013.02.07 19:11:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\skyz
[2012.11.14 18:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\Spore
[2014.05.22 22:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\TS3Client
[2013.03.14 18:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\TunkDesign
[2012.08.11 18:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\Ubisoft
[2012.04.10 11:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\Unity
[2014.05.18 23:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\uTorrent
[2014.05.13 22:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\Wise
[2014.05.05 16:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Application Data\čarovňák

Re: Preventive check

Posted: 22 May 2014 22:14
by BuXo
========== Purity Check ==========



========== Custom Scans ==========

< >
[2012.03.28 12:34:52 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.03.28 12:39:33 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.09.09 13:27:46 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.09.16 00:51:17 | 000,000,278 | ---- | C] () -- C:\WINDOWS\Tasks\SoundTapReminder.job
[2012.09.16 00:51:17 | 000,000,278 | ---- | C] () -- C:\WINDOWS\Tasks\SoundTapSevenDays.job
[2012.10.25 20:21:40 | 000,000,274 | ---- | C] () -- C:\WINDOWS\Tasks\WavePadDowngrade.job
[2013.10.15 14:59:36 | 000,000,916 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.10.15 14:59:36 | 000,000,920 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2014.03.23 01:09:25 | 000,000,276 | ---- | C] () -- C:\WINDOWS\Tasks\WavePadReminder.job
[2014.03.28 20:34:26 | 000,000,216 | ---- | C] () -- C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014.03.28 20:34:26 | 000,000,222 | ---- | C] () -- C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014.04.25 22:46:00 | 000,000,964 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006Core.job
[2014.04.25 22:46:01 | 000,001,016 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006UA.job

< >

< MD5 for: AGP440.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2006.02.28 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:42:14 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\cmdcons\autochk.exe
[2008.04.14 05:42:14 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:42:14 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2006.02.28 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.02.28 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.02.28 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2006.02.28 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2006.02.28 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.02.28 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2006.02.28 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.02.28 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.02.28 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2006.02.28 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVGTS.SYS >
[2010.04.09 02:30:10 | 000,168,040 | ---- | M] (NVIDIA Corporation) MD5=52DCE3B30C9D61C8E20FE3C6DA4BDFB7 -- C:\Documents and Settings\Mato\Desktop\Plocha\ovladace\Chipset_V1556_XP32bit\Chipset_V15.56_XP32bit\IDE\WinXP\sata_ide\nvgts.sys
[2010.04.09 02:30:10 | 000,168,040 | ---- | M] (NVIDIA Corporation) MD5=52DCE3B30C9D61C8E20FE3C6DA4BDFB7 -- C:\WINDOWS\system32\drivers\nvgts.sys
[2010.04.09 02:30:10 | 000,168,040 | ---- | M] (NVIDIA Corporation) MD5=52DCE3B30C9D61C8E20FE3C6DA4BDFB7 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\nvgts.sys
[2010.04.09 02:30:28 | 000,168,040 | ---- | M] (NVIDIA Corporation) MD5=87096913DFB9129144E1038AADFF17EE -- C:\Documents and Settings\Mato\Desktop\Plocha\ovladace\Chipset_V1556_XP32bit\Chipset_V15.56_XP32bit\IDE\WinXP\sataraid\nvgts.sys

< MD5 for: NVRD32.SYS >
[2010.04.09 02:30:28 | 000,139,368 | ---- | M] (NVIDIA Corporation) MD5=587E8634A13B682FA39E0DA48CA88ED5 -- C:\Documents and Settings\Mato\Desktop\Plocha\ovladace\Chipset_V1556_XP32bit\Chipset_V15.56_XP32bit\IDE\WinXP\sataraid\nvrd32.sys

< MD5 for: SCECLI.DLL >
[2006.02.28 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2006.02.28 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.04 00:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006.02.28 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.02.28 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.02.28 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.02.28 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2006.02.28 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[24 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2012.10.22 20:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014.04.13 17:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\792004a728ea8548
[2012.09.09 13:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012.04.20 23:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2012.10.22 20:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2012.03.28 13:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2014.04.29 20:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Assistant
[2013.05.13 13:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2012.03.31 13:46:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2014.04.01 19:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2014.05.14 10:58:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2012.03.31 13:57:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
[2012.03.31 13:52:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2014.05.14 10:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2012.10.08 11:57:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2012.03.31 13:52:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2012.07.24 14:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2013.09.11 18:02:07 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\DSS
[2013.09.17 16:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2014.04.29 20:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ExstrauSSavings
[2012.04.20 14:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger
[2013.10.12 22:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software
[2014.03.25 22:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012.08.19 11:41:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JAGUAR
[2013.10.03 15:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2014.04.28 19:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012.03.29 21:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2014.01.15 12:07:38 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2014.05.15 10:25:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2012.05.04 15:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012.07.26 19:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MySQL
[2012.11.03 13:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2012.10.25 20:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2013.09.17 16:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Origin
[2014.04.13 08:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2014.03.25 22:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Puresafe
[2012.08.24 13:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Remedy
[2014.03.25 22:31:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\safeweB
[2013.10.13 19:31:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2014.03.05 17:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2013.06.28 15:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2013.04.20 19:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Steam
[2012.04.06 00:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2012.08.11 18:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2012.03.28 13:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2013.12.27 00:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2012.04.20 23:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2012.08.21 13:01:28 | 001,977,816 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1\GEARDIFx.exe
[2012.08.21 13:01:22 | 000,115,672 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DifXInst32.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.0\3540\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.0\3540\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.0\3540\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.0\3540\ReaderUpdater.exe
[2012.12.03 09:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\30793\AcrobatUpdater.exe
[2012.12.03 09:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\30793\AdobeARM.exe
[2012.12.03 09:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\30793\AdobeARMHelper.exe
[2012.12.03 09:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\30793\ReaderUpdater.exe
[2013.04.04 23:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.6\9666\AcrobatUpdater.exe
[2013.04.04 23:06:36 | 000,958,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.6\9666\AdobeARM.exe
[2013.04.04 23:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.6\9666\AdobeARMHelper.exe
[2013.04.04 23:06:36 | 000,353,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.6\9666\ReaderUpdater.exe
[2013.11.21 18:57:26 | 000,342,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.8\26928\AcrobatUpdater.exe
[2013.11.21 18:57:26 | 000,959,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.8\26928\AdobeARM.exe
[2013.11.21 18:57:26 | 000,342,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.8\26928\AdobeARMHelper.exe
[2013.11.21 18:57:26 | 000,342,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.8\26928\ReaderUpdater.exe
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2012.10.22 20:11:14 | 000,073,624 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.7.0.21\SetupAdmin.exe
[2014.03.23 00:42:27 | 011,455,808 | ---- | M] (Electronic Arts) -- C:\Documents and Settings\All Users\Application Data\Electronic Arts\Need For Speed World\Data\nfsw.exe
[2012.04.20 14:45:53 | 001,053,198 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger\update\12069\GarenaMessenger.exe
[2012.04.20 14:45:54 | 000,102,036 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger\update\12069\PluginAdminExec.exe
[2012.04.20 14:46:08 | 000,100,676 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger\update\12069\UpdateEx.exe
[2012.11.30 03:09:14 | 000,015,528 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\InstallMate\{307AE154-8BDE-4A70-A89B-C3FCEB99C3A2}\Setup.exe
[2013.03.12 10:59:14 | 000,015,968 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\InstallMate\{530B5127-30B6-41B4-A35F-789488E873D1}\Setup.exe
[2013.03.12 10:59:14 | 000,015,968 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\InstallMate\{62A144B0-3DA5-4875-AA9E-7587B9426646}\Setup.exe
[2012.04.23 03:14:15 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\InstallMate\{C1E28B35-42CA-43F0-8B8B-85F6E7255916}\Setup.exe
[2012.11.30 03:09:14 | 000,015,528 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\InstallMate\{DF431D30-7AC8-4947-ABAC-32EA04A03FC6}\Setup.exe
[2014.04.12 14:11:18 | 000,457,880 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\All Users\Application Data\Package Cache\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}\vcredist_x86.exe
[2014.03.25 22:31:38 | 000,424,448 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\safeweB\4iT.exe
[2013.10.09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

< %APPDATA%\*. >
[2013.03.19 20:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\.minecraft
[2012.12.09 12:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\.minecraftsl
[2013.04.07 16:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\.Torrent Stream
[2012.08.11 14:31:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Adobe
[2013.06.29 15:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Apple Computer
[2012.12.23 20:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Ashampoo
[2014.01.19 13:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\BANDISOFT
[2012.10.08 11:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Canon
[2012.07.24 14:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\DAEMON Tools Lite
[2012.04.06 14:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\DonationCoder
[2012.08.22 16:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Dropbox
[2014.01.23 00:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\dvdcss
[2013.07.10 11:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\DVDVideoSoft
[2012.07.25 21:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\GameRanger
[2012.04.20 13:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Garena
[2012.04.20 14:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\GarenaPlus
[2012.08.10 00:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\GHISLER
[2012.03.28 19:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Identities
[2012.04.01 21:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Leadertech
[2012.03.28 19:50:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Macromedia
[2014.04.28 19:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Malwarebytes
[2012.07.13 22:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\MAXON
[2013.10.17 19:41:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Mato\Application Data\Microsoft
[2012.08.12 12:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Mozilla
[2012.07.26 19:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\MySQL
[2012.11.03 13:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\NCH Software
[2012.10.25 20:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\NCH Swift Sound
[2012.07.17 22:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Need for Speed World
[2012.08.04 23:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\NVIDIA
[2012.03.28 20:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\OpenOffice.org
[2013.03.02 13:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Opera
[2013.09.11 16:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Origin
[2012.07.26 23:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\PSpad
[2013.06.29 12:58:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Publish Providers
[2012.08.02 10:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\PunkBuster
[2012.10.22 20:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\redsn0w
[2012.11.25 15:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Rovio
[2012.06.16 12:52:51 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Mato\Application Data\SecuROM
[2014.01.25 20:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Skype
[2013.06.29 12:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Sony
[2012.06.02 13:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Sports Interactive
[2013.03.02 17:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\StreamTorrent
[2012.04.06 00:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Sun
[2013.04.16 19:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\TeamViewer
[2013.03.02 17:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\TorrentStream
[2013.02.13 19:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\TS3Client
[2012.07.10 16:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\TuneUpMedia
[2012.08.02 10:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Ubisoft
[2014.01.16 23:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Unity
[2014.05.01 09:10:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\uTorrent
[2012.07.21 00:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\VDownloader
[2014.02.26 16:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\vlc
[2013.01.02 14:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\Wargaming.net
[2012.03.29 18:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mato\Application Data\WinRAR

< %APPDATA%\*.exe /s >
[2012.10.27 16:29:45 | 001,486,560 | ---- | M] (GameRanger Technologies) -- C:\Documents and Settings\Mato\Application Data\GameRanger\GameRanger\GameRanger.exe
[2012.03.29 14:07:04 | 000,015,872 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_094D2999E03AF067E6C5DD.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_1324D739AAFBC438F5DF5F.exe
[2012.08.16 01:09:40 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_1AB13FACDDE6955FB8A230.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_424C98A5BFF6DCA1DAE5AA.exe
[2012.08.16 01:09:40 | 000,013,262 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_468CFA8A7E114B58D146CF.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_48052E75363D0C07BD1414.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_498497E0B3A19E434C34D4.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_4E163F42BA37980EA26431.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_5136A5F2DDCC0D3A910F9D.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_67C82776DA9B2BD2EB5CB6.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_6FEFF9B68218417F98F549.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_7572D79E3B577574CBB073.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_77654C49366B8066FC67A3.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_7E89081F3BF7470C4D96D2.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_8B7EEDD38F13EE503C777F.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_8FB306F005534A5F8F402B.exe
[2012.08.16 01:09:40 | 000,013,262 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_980D59E01FA54B6F16CD02.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_993F095DA040DDF2E96980.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_A3706132CB87E4F6FEBBC8.exe
[2012.08.16 01:09:40 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_CBE8F7724EE29FD3761298.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_CD14D44FFAEB27F11907E1.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_CE3B7AE2615BF6D60CFA40.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_D8815CCC03F12BBA2E8FF2.exe
[2012.08.16 01:09:40 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_DE23B4B754846A2F62380B.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_E3A6692DA78EA6348F46BB.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_F4CF425756336027E951C6.exe
[2012.08.16 01:09:40 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_FBB40E0B40EF52A434900A.exe
[2011.02.24 17:07:45 | 000,835,440 | R--- | M] () -- C:\Documents and Settings\Mato\Application Data\PunkBuster\pbsetup\pbsvc.exe
[2013.03.02 17:11:29 | 000,150,214 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\Uninstall.exe
[2013.02.27 22:12:20 | 000,026,744 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\.data\engine2\backup\last\tsengine.exe
[2013.02.27 22:12:22 | 000,026,744 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\.data\engine2\backup\last\tsengine_stream.exe
[2013.02.27 22:12:20 | 000,026,744 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\.data\engine2\download\2.0.8.5\tsengine.exe
[2013.02.27 22:12:22 | 000,026,744 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\.data\engine2\download\2.0.8.5\tsengine_stream.exe
[2013.03.06 13:10:44 | 000,026,744 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\.data\engine2\download\2.0.8.6\tsengine.exe
[2013.03.06 13:10:44 | 000,026,744 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\.data\engine2\download\2.0.8.6\tsengine_stream.exe
[2013.03.06 13:10:44 | 000,026,744 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\engine\tsengine.exe
[2013.03.06 13:10:44 | 000,026,744 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\engine\tsengine_stream.exe
[2011.06.12 15:05:52 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\engine\w9xpopen.exe
[2012.11.29 15:56:24 | 000,098,936 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\player\tsplayer.exe
[2012.11.29 15:56:24 | 000,039,544 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\player\vlc-cache-gen.exe
[2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\updater\tsupdate.exe
[2011.06.12 15:05:52 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Mato\Application Data\TorrentStream\updater\w9xpopen.exe
[2013.02.02 20:01:54 | 001,075,024 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Mato\Application Data\uTorrent\uTorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2012.03.28 14:26:40 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.03.28 14:26:40 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.03.28 14:26:40 | 000,888,832 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:42:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.05.22 22:44:23 | 000,000,512 | ---- | M] () MD5=63035BC7840E52C5956ECE7C3472373A -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014.03.26 11:04:44 | 002,063,765 | R--- | M] () -- \Castlevania.Lord.of.Shadow.2-WOLVERDONFILMES.COM\rld-cvanialos2\CLoS Crack FLT.7z
[2013.09.30 16:31:07 | 234,356,440 | ---- | M] () -- \Documents and Settings\Mato\Desktop\FL-Studio-10.0.9c-Producer-Edition-+-crack-a-český-návod-na-instalaci........HANZY.zip
[2012.02.26 11:12:08 | 009,872,653 | ---- | M] () -- \Documents and Settings\Mato\Desktop\PhotoShopCS4\Textures\crackedtextures.rar
[2012.10.10 15:45:03 | 016,707,995 | ---- | M] () -- \Documents and Settings\Mato\Desktop\Plocha\Crack.rar
[1 \Documents and Settings\Mato\Desktop\Plocha\*.tmp files -> \Documents and Settings\Mato\Desktop\Plocha\*.tmp -> ]
[2012.02.26 11:12:08 | 009,872,653 | ---- | M] () -- \Documents and Settings\Mato\Desktop\Plocha\PhotoShopCS4\Textures\crackedtextures.rar
[2013.12.30 00:28:01 | 000,001,062 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\ftblauncher\ModPacks\MindCrack\logo_minecrack.png
[2013.12.30 00:28:01 | 000,008,681 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\ftblauncher\ModPacks\MindCrack\mindcrack_splash.png
[2014.03.26 11:04:35 | 000,002,608 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\uTorrent\CLoS Crack FLT.7z.torrent
[2012.11.18 10:51:02 | 000,020,518 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\uTorrent\GTA SAN ANDREAS + CRACK + SA-MP.1.torrent
[2012.11.18 10:45:18 | 000,020,518 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\uTorrent\GTA SAN ANDREAS + CRACK + SA-MP.torrent
[2013.01.23 14:50:47 | 000,695,296 | ---- | M] () -- \Documents and Settings\Tomas\My Documents\Preberanie\Minecraft-AnjoCaido-(cracked).exe
[2012.07.24 21:59:09 | 172,331,269 | ---- | M] () -- \Documents and Settings\Tomas\My Documents\Stažené soubory\Assassins-Creed-Revelations---CRACK.rar
[2012.10.19 08:56:10 | 009,962,246 | ---- | M] () -- \Program Files\Image-Line\FL Studio 10\Fl Studio 10 Crack.....HANZY.exe
[2008.09.08 22:55:14 | 000,000,204 | ---- | M] () -- \Program Files\Image-Line\FL Studio 10\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010.01.15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010.01.15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files\Image-Line\FL Studio 10\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014.01.16 13:19:45 | 000,004,361 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.15.0.62_0\js\chromeBackstageLoader.js.vir
[2014.01.16 13:19:46 | 000,003,100 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.15.0.62_0\js\pluginLoader.js.vir
[2014.01.16 13:19:32 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.15.0.62_0\tb\al\ac\img\ajax-loader.gif.vir
[2014.01.16 13:19:32 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.15.0.62_0\tb\al\ac\img\loader-icon.png.vir
[2014.01.16 13:19:29 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.15.0.62_0\tb\al\ui\gf\img\loader.gif.vir
[2014.01.16 13:19:26 | 000,001,849 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.15.0.62_0\tb\al\wa\TWITTER\resources\ajax-loader.gif.vir
[2014.01.16 13:22:37 | 000,048,624 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.0.540_0\js\chromeBackstageLoader.js.vir
[2014.01.16 13:22:34 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.0.540_0\tb\al\ac\img\ajax-loader.gif.vir
[2014.01.16 13:22:35 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.0.540_0\tb\al\ac\img\loader-icon.png.vir
[2014.01.16 13:22:33 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.0.540_0\tb\al\ui\gf\img\loader.gif.vir
[2014.01.16 13:22:21 | 000,004,069 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.20.101.5_0\js\chromeBackstageLoader.js.vir
[2014.01.16 13:22:21 | 000,003,100 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.20.101.5_0\js\pluginLoader.js.vir
[2014.01.16 13:22:20 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.20.101.5_0\tb\al\ac\img\ajax-loader.gif.vir
[2014.01.16 13:22:20 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.20.101.5_0\tb\al\ac\img\loader-icon.png.vir
[2014.01.16 13:22:17 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.20.101.5_0\tb\al\ui\gf\img\loader.gif.vir
[2014.03.16 17:25:13 | 000,048,683 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.9.505_0\js\chromeBackstageLoader.js.vir
[2014.03.16 17:25:13 | 000,003,100 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.9.505_0\js\pluginLoader.js.vir
[2014.03.16 17:25:10 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.9.505_0\tb\al\ac\img\ajax-loader.gif.vir
[2014.03.16 17:25:10 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.9.505_0\tb\al\ac\img\loader-icon.png.vir
[2014.03.16 17:25:09 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.9.505_0\tb\al\ui\gf\img\loader.gif.vir
[2014.01.16 13:19:52 | 000,002,082 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.13.20.29_0\js\pluginLoader.js.vir
[2014.01.16 13:19:50 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.13.20.29_0\tb\al\ac\img\ajax-loader.gif.vir
[2014.01.16 13:19:50 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.13.20.29_0\tb\al\ac\img\loader-icon.png.vir
[2014.01.16 13:19:48 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.13.20.29_0\tb\al\ui\gf\img\loader.gif.vir
[2014.01.16 13:19:37 | 000,001,849 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.13.20.29_0\tb\al\wa\TWITTER\resources\ajax-loader.gif.vir
[2014.01.16 13:22:52 | 000,048,624 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.26.0.540_0\js\chromeBackstageLoader.js.vir
[2014.01.16 13:22:49 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.26.0.540_0\tb\al\ac\img\ajax-loader.gif.vir
[2014.01.16 13:22:49 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.26.0.540_0\tb\al\ac\img\loader-icon.png.vir
[2014.01.16 13:22:49 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.26.0.540_0\tb\al\ui\gf\img\loader.gif.vir
[2012.07.05 12:54:37 | 000,000,264 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mato\Application Data\dvdvideosoftiehelpers\freeytvdownloader.htm.vir
[2014.02.12 11:14:49 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mato\Application Data\Mozilla\Firefox\Profiles\q2j5jg21.default\Extensions\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}\Chrome\CT2481032\content\tb\al\ac\img\ajax-loader.gif.vir
[2014.02.12 11:14:50 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mato\Application Data\Mozilla\Firefox\Profiles\q2j5jg21.default\Extensions\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}\Chrome\CT2481032\content\tb\al\ac\img\loader-icon.png.vir
[2014.02.12 11:14:51 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Mato\Application Data\Mozilla\Firefox\Profiles\q2j5jg21.default\Extensions\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}\Chrome\CT2481032\content\tb\al\ui\gf\img\loader.gif.vir
[2012.07.23 08:11:21 | 000,216,359 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Application Data\Mozilla\Firefox\Profiles\autth4pj.default\Extensions\OneClickDownloader@OneClickDownloader.com.xpi.vir
[2014.02.07 21:54:20 | 000,048,624 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.4.512_1\js\chromeBackstageLoader.js.vir
[2014.02.07 21:54:16 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.4.512_1\tb\al\ac\img\ajax-loader.gif.vir
[2014.02.07 21:54:16 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.4.512_1\tb\al\ac\img\loader-icon.png.vir
[2014.02.07 21:54:15 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.4.512_1\tb\al\ui\gf\img\loader.gif.vir
[2014.02.08 09:29:11 | 000,048,624 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.4.512_0\js\chromeBackstageLoader.js.vir
[2014.02.08 09:29:09 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.4.512_0\tb\al\ac\img\ajax-loader.gif.vir
[2014.02.08 09:29:09 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.4.512_0\tb\al\ac\img\loader-icon.png.vir
[2014.02.08 09:29:08 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.4.512_0\tb\al\ui\gf\img\loader.gif.vir
[2014.02.08 09:28:58 | 000,048,624 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.26.4.512_0\js\chromeBackstageLoader.js.vir
[2014.02.08 09:28:55 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.26.4.512_0\tb\al\ac\img\ajax-loader.gif.vir
[2014.02.08 09:28:55 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.26.4.512_0\tb\al\ac\img\loader-icon.png.vir
[2014.02.08 09:28:53 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.26.4.512_0\tb\al\ui\gf\img\loader.gif.vir
[2013.09.11 03:15:30 | 000,006,820 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files\Movies Toolbar\SafetyNut\SRTOOL~1\IE\chrome\skin\lib\panels\images\ajax-loader.gif.vir
[2012.06.02 08:58:54 | 000,004,068 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Electronic Arts\Need For Speed World\Data\GFX\_RadialFlareLoader_Double.gfx
[2012.04.20 14:45:48 | 000,014,515 | ---- | M] () -- \Documents and Settings\All Users\Application Data\GarenaMessenger\update\12069\FileLoader.dll
[2012.07.05 12:54:25 | 000,001,168 | ---- | M] () -- \Documents and Settings\All Users\Start Menu\Programs\DVDVideoSoft\Programs\Free Uploader for Facebook.lnk
[2012.07.05 12:54:25 | 000,001,113 | ---- | M] () -- \Documents and Settings\All Users\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube Uploader.lnk
[2014.05.16 18:34:56 | 000,004,006 | ---- | M] () -- \Documents and Settings\Mamina\Local Settings\Temporary Internet Files\Content.IE5\BD5KNUBH\uploaderapi2[2].swf
[2012.07.17 14:18:28 | 000,009,051 | ---- | M] () -- \Documents and Settings\Mato\Application Data\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.17 14:18:28 | 000,016,119 | ---- | M] () -- \Documents and Settings\Mato\Application Data\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.17 14:18:28 | 000,018,434 | ---- | M] () -- \Documents and Settings\Mato\Application Data\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.07.17 14:18:28 | 000,009,283 | ---- | M] () -- \Documents and Settings\Mato\Application Data\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.07.17 14:18:28 | 000,001,898 | ---- | M] () -- \Documents and Settings\Mato\Application Data\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2012.05.30 16:21:28 | 000,008,378 | ---- | M] () -- \Documents and Settings\Mato\Application Data\DVDVideoSoft\backup\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2012.05.30 16:21:28 | 000,008,378 | ---- | M] () -- \Documents and Settings\Mato\Application Data\DVDVideoSoft\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2012.10.24 21:01:21 | 000,177,718 | ---- | M] () -- \Documents and Settings\Mato\Application Data\DVDVideoSoft\logs\FreeYTVDownloader_v1.log
[2012.04.18 00:39:24 | 000,010,145 | ---- | M] () -- \Documents and Settings\Mato\Application Data\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\modules\ExternalLibraryLoader.jsm
[2012.02.07 18:37:14 | 000,008,192 | ---- | M] () -- \Documents and Settings\Mato\Application Data\TorrentStream\engine\lib\_win32sysloader.pyd
[2012.09.13 14:09:56 | 000,000,553 | ---- | M] () -- \Documents and Settings\Mato\Application Data\TorrentStream\player\skins\fs\default\1024\loader.png
[2012.09.13 14:09:56 | 000,000,686 | ---- | M] () -- \Documents and Settings\Mato\Application Data\TorrentStream\player\skins\fs\default\1280\loader.png
[2012.09.13 14:09:56 | 000,000,686 | ---- | M] () -- \Documents and Settings\Mato\Application Data\TorrentStream\player\skins\fs\default\1600\loader.png
[2012.09.13 14:09:56 | 000,001,239 | ---- | M] () -- \Documents and Settings\Mato\Application Data\TorrentStream\player\skins\fs\default\1920\loader.png
[2012.09.13 14:09:56 | 000,000,453 | ---- | M] () -- \Documents and Settings\Mato\Application Data\TorrentStream\player\skins\fs\default\800\loader.png
[2012.09.13 14:09:56 | 000,000,477 | ---- | M] () -- \Documents and Settings\Mato\Application Data\TorrentStream\player\skins\nofs\default\playlist\loader.png
[2012.02.07 18:37:14 | 000,008,192 | ---- | M] () -- \Documents and Settings\Mato\Application Data\TorrentStream\updater\lib\_win32sysloader.pyd
[2012.02.13 14:23:18 | 002,760,702 | ---- | M] () -- \Documents and Settings\Mato\Desktop\PhotoShopCS4\MojeVýtvory\uploader_des+.psd
[2012.02.13 14:23:18 | 002,760,702 | ---- | M] () -- \Documents and Settings\Mato\Desktop\Plocha\PhotoShopCS4\MojeVýtvory\uploader_des+.psd
[2014.05.05 16:08:46 | 001,103,814 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\attack-of-the-bteam\ForgeModLoader-client-0.log
[2014.05.05 16:06:16 | 000,000,000 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\attack-of-the-bteam\ForgeModLoader-client-0.log.lck
[2014.03.09 17:56:07 | 001,263,930 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\attack-of-the-bteam\ForgeModLoader-client-1.log
[2014.03.09 17:40:37 | 000,000,068 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\attack-of-the-bteam\config\TConPreloader.cfg
[2014.03.09 17:55:56 | 000,000,004 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\attack-of-the-bteam\saves\New World\galacticraft\chunkloaders.dat
[2014.05.05 16:42:02 | 000,298,093 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\carovny-minecraft-verze-41\ForgeModLoader-client-0.log
[2014.05.05 16:32:34 | 000,000,000 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\carovny-minecraft-verze-41\ForgeModLoader-client-0.log.lck
[2014.01.11 11:43:42 | 000,864,579 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\hexxit\ForgeModLoader-client-0.log
[2014.01.11 11:34:11 | 000,000,000 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\hexxit\ForgeModLoader-client-0.log.lck
[2014.01.11 11:33:44 | 000,844,960 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\hexxit\ForgeModLoader-client-1.log
[2013.12.28 18:46:03 | 000,646,473 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\hexxit\ForgeModLoader-client-2.log
[2014.05.05 16:17:16 | 000,064,138 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\tekkit\ForgeModLoader-0.log
[2014.05.05 16:12:14 | 000,001,980 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\tekkit\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2013.12.17 10:55:01 | 000,489,026 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\tekkitlite\ForgeModLoader-client-0.log
[2013.12.17 10:28:53 | 000,000,000 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\tekkitlite\ForgeModLoader-client-0.log.lck
[2013.12.28 18:34:53 | 000,424,429 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\tekkitmain\ForgeModLoader-client-0.log
[2013.12.28 18:30:39 | 000,000,000 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\tekkitmain\ForgeModLoader-client-0.log.lck
[2013.12.28 18:28:59 | 000,422,235 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\.technic\modpacks\tekkitmain\ForgeModLoader-client-1.log
[2012.07.17 14:18:28 | 000,009,051 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.17 14:18:28 | 000,016,119 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.17 14:18:28 | 000,018,434 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.07.17 14:18:28 | 000,009,283 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.07.17 14:18:28 | 000,001,898 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2012.05.30 16:21:28 | 000,008,378 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\DVDVideoSoft\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2012.10.14 08:24:06 | 000,001,765 | ---- | M] () -- \Documents and Settings\Tomas\Desktop\iné\MP3 Downloader.lnk
[2013.07.27 08:00:30 | 000,000,847 | ---- | M] () -- \Documents and Settings\Tomas\Desktop\iné\Staré údaje Firefoxu\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img\ajax-loader.gif
[2013.07.27 08:00:30 | 000,001,135 | ---- | M] () -- \Documents and Settings\Tomas\Desktop\iné\Staré údaje Firefoxu\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img\loader-icon.png
[2013.07.27 08:00:30 | 000,003,208 | ---- | M] () -- \Documents and Settings\Tomas\Desktop\iné\Staré údaje Firefoxu\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img\loader.gif
[2013.07.27 08:00:31 | 000,001,849 | ---- | M] () -- \Documents and Settings\Tomas\Desktop\iné\Staré údaje Firefoxu\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2013.07.27 08:00:27 | 000,000,847 | ---- | M] () -- \Documents and Settings\Tomas\Desktop\iné\Staré údaje Firefoxu\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}\chrome\CT3289075\content\tb\al\ac\img\ajax-loader.gif
[2013.07.27 08:00:21 | 000,001,135 | ---- | M] () -- \Documents and Settings\Tomas\Desktop\iné\Staré údaje Firefoxu\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}\chrome\CT3289075\content\tb\al\ac\img\loader-icon.png
[2013.07.27 08:00:23 | 000,003,208 | ---- | M] () -- \Documents and Settings\Tomas\Desktop\iné\Staré údaje Firefoxu\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}\chrome\CT3289075\content\tb\al\ui\gf\img\loader.gif
[2013.07.27 08:00:23 | 000,001,849 | ---- | M] () -- \Documents and Settings\Tomas\Desktop\iné\Staré údaje Firefoxu\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}\chrome\CT3289075\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2012.11.13 03:12:56 | 000,001,607 | ---- | M] () -- \Documents and Settings\Tomas\Desktop\iné\Staré údaje Firefoxu\extensions\ffxtlbr@delta.com\content\loader.xul
[2012.06.27 21:56:46 | 000,002,920 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\YIV9AST8\vdownloader[1].xml
[2014.01.28 20:35:56 | 000,072,638 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Application Data\Skype\Apps\login\images\loader.gif
[2014.01.28 20:35:56 | 000,003,032 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Application Data\Skype\Apps\login\images\loader.png
[2014.01.28 20:35:56 | 000,006,012 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Application Data\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 20:35:56 | 000,021,956 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Application Data\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 20:35:56 | 000,009,772 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2014.05.22 07:47:02 | 000,001,976 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\GSW24V79\AdLoader[1].htm
[2014.05.17 19:15:39 | 000,000,353 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\TPG6X7ZC\queryLoader[1].css
[2014.05.17 19:15:44 | 000,005,505 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\TPG6X7ZC\queryLoader[1].js
[2014.05.20 19:23:23 | 000,017,912 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\XE6XBT29\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.05.14 16:54:03 | 000,112,122 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\XE6XBT29\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014.05.21 18:55:34 | 000,001,976 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\XE6XBT29\AdLoader[2].htm
[2014.05.20 07:41:27 | 000,001,870 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\XE6XBT29\AdLoader[3].htm
[2014.05.22 08:45:29 | 000,000,353 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\XE6XBT29\queryLoader[1].css
[2014.05.22 08:45:35 | 000,005,505 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\XE6XBT29\queryLoader[1].js
[2012.10.03 14:48:40 | 000,096,810 | ---- | M] () -- \Documents and Settings\Tomas\My Documents\DVDVideoSoft\FreeYTVDownloader_v1.log
[2013.12.30 01:17:07 | 000,082,472 | ---- | M] () -- \Documents and Settings\Tomas\My Documents\Preberanie\Unleashed\minecraft\ForgeModLoader-client-0.log
[2013.12.30 01:16:39 | 000,000,000 | ---- | M] () -- \Documents and Settings\Tomas\My Documents\Preberanie\Unleashed\minecraft\ForgeModLoader-client-0.log.lck
[2013.12.30 01:04:33 | 000,827,172 | ---- | M] () -- \Documents and Settings\Tomas\My Documents\Preberanie\Unleashed\minecraft\ForgeModLoader-client-1.log
[2013.12.30 00:58:23 | 000,832,277 | ---- | M] () -- \Documents and Settings\Tomas\My Documents\Preberanie\Unleashed\minecraft\ForgeModLoader-client-2.log
[2012.04.13 22:32:40 | 016,800,525 | ---- | M] () -- \Documents and Settings\Tomas\My Documents\Stažené soubory\VDownloaderSetup.exe
[2012.08.27 21:33:18 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2012.06.27 21:23:54 | 000,938,144 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\DVSVideoDownloader.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2014.03.24 21:47:38 | 000,268,440 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2014.03.24 21:47:38 | 000,019,104 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010.01.29 06:43:52 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2003.09.26 08:15:26 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2013.10.23 22:07:40 | 000,007,825 | ---- | M] () -- \Program Files\Valve\Steam\remoteui\static\libs\images\ajax-loader.gif
[2013.02.17 01:02:12 | 000,169,384 | ---- | M] () -- \Program Files\Valve\Steam\SteamApps\common\Half-Life\cstrike\models\qloader.mdl
[2013.02.17 00:59:11 | 000,352,548 | ---- | M] () -- \Program Files\Valve\Steam\SteamApps\common\Half-Life\valve\models\loader.mdl
[2013.02.17 00:59:33 | 000,012,764 | ---- | M] () -- \Program Files\Valve\Steam\SteamApps\common\Half-Life\valve\sound\ambience\loader_hydra1.wav
[2013.02.17 00:59:33 | 000,012,164 | ---- | M] () -- \Program Files\Valve\Steam\SteamApps\common\Half-Life\valve\sound\ambience\loader_step1.wav
[2003.09.26 14:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 14:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 14:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2013.06.06 18:50:00 | 000,499,712 | R--- | M] () -- \Program Files\WinZip\adxloader.dll
[2013.06.06 18:50:00 | 000,000,348 | ---- | M] () -- \Program Files\WinZip\adxloader.dll.manifest
[2013.06.06 18:50:00 | 000,704,000 | R--- | M] () -- \Program Files\WinZip\adxloader64.dll
[2013.12.25 20:52:54 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.90\deploy\assets\storeImages\layout\small_loader.gif
[2006.02.28 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 05:41:54 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 00:01:44 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 00:01:46 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:41:54 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2004.08.03 23:15:54 | 000,030,067 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2013.05.25 09:14:21 | 000,141,931 | ---- | M] () -- \Documents and Settings\Tomas\Application Data\TS3Client\cache\remote\img.blesk.cz\img\1\full\443358-img-simpsonovi-homer-simpson-serial-serialy-homer-crop-crop.jpg
[2003.10.09 07:11:48 | 000,000,216 | ---- | M] () -- \Program Files\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Sytrus\Artwork\DelSerialCache.bmp
[2014.02.13 23:57:42 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.13 15:22:54 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014.05.13 13:31:51 | 000,000,948 | ---- | M] () -- \Qoobox\Quarantine\Registry_backups\AddRemove-18_Zinia_Serial_Driver.reg.dat
[2006.02.28 14:00:00 | 000,064,896 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2014.02.13 09:32:18 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.10 15:33:57 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.13 18:23:43 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6c29ee2bedfe88dcd66993f1af135ad8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 16:50:21 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
[2014.02.13 20:31:09 | 002,659,328 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\b71d4a24ecc32f0c5a110a5c7b9d755f\System.Runtime.Serialization.ni.dll
[2014.02.13 20:29:41 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\efdf6e0cd334958ba2eb6db14486b7b3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2014.02.13 09:38:32 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014.02.13 09:38:29 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 16:17:16 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2003.08.01 12:54:06 | 000,005,632 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\serialui.dll.mui
[2008.04.14 00:10:22 | 000,028,288 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 00:45:46 | 000,064,512 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2006.02.28 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2006.02.28 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2006.02.28 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2006.02.28 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 00:45:46 | 000,064,512 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

Re: Preventive check

Posted: 23 May 2014 09:37
by Márty84
:arrow: Repeat the step with AdwCleaner.

:!: Turn off your antivirus so that it does not interfere with the program.
:arrow: Run OTL again.
Paste the following text into the bottom window (including the colon before the word commands):

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
monectdevices
40030ae4
MonectServerService
Protector by IB Updater
JavaQuickStarterService
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006UA.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
C:\WINDOWS\tasks\SoundTapReminder.job
C:\WINDOWS\tasks\SoundTapSevenDays.job
C:\WINDOWS\tasks\WavePadDowngrade.job
C:\WINDOWS\tasks\WavePadReminder.job
C:\Program Files\supporter

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.yd.delta-search.com/?affID=1 ... 2215d3ceac
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchsun.info/?pid=72 ... g=EN&cc=SK
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2E C9 1D 18 C4 0D CD 01 [binary data]
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\URLSearchHook: {96f454ea-9d38-474f-b504-56193e00c1a5} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.yd.delta-search.com/?q={searchTerms}&affID=117064&tt=230113_srchyd_0413_8&babsrc=SP_ss&mntrId=1c50e7d9000000000000002215d3ceac
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{9CC1E0A6-55E4-4501-A8B2-CBCE911A8AFF}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=zzz001YYSK&apn_uid=00c6d118-c48c-4d11-b6db-f9abc99e5bde&apn_sauid=E953A542-4B1F-4F04-8D10-C4003616230B
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.searchsun.info/?l=1&q={searchTerms}&pid=724&r=2014/03/25&hid=8548262204599507525&lg=EN&cc=SK
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8r6dZkLk&i=26
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{ED0B4968-21C6-421B-9590-B04536ECEC37}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=&UM=1
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA 0E 62 CC 7A 6E CD 01 [binary data]
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\..\URLSearchHook: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1960408961-1078145449-839522115-1007\..\SearchScopes\{84269AE1-F2FA-419D-AE8A-98B438BDE002}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=T8&apn_dtid=zzz001YYSK&apn_uid=00c6d118-c48c-4d11-b6db-f9abc99e5bde&apn_sauid=E953A542-4B1F-4F04-8D10-C4003616230B
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
[2012.04.20 21:42:42 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.13.20.29_0\plugins/np-cwmp.dll
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\Toolbar\WebBrowser: (no name) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\Toolbar\WebBrowser: (no name) - {96F454EA-9D38-474F-B504-56193E00C1A5} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\Tomas\Local Settings\Application Data\Akamai\netsession_win.exe" File not found
O4 - HKU\S-1-5-21-1960408961-1078145449-839522115-1006..\Run: [System] C:\Documents and Settings\Tomas\Music\lst.exe File not found
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Mato\Application Data\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Mato\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
[2012.04.13 22:33:26 | 003,623,592 | ---- | C] (Ask) -- C:\Program Files\Common Files\ApnToolbarInstaller.exe
[2012.04.13 22:33:26 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\ApnStub.exe
[24 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 \Documents and Settings\Mato\Desktop\Plocha\*.tmp files -> \Documents and Settings\Mato\Desktop\Plocha\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=-

Click Run Fix (Opravit) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

Re: Preventive check

Posted: 23 May 2014 12:38
by BuXo
Here is the log from AdwCleaner:
# AdwCleaner v3.210 - Report created 23/05/2014 at 13:33:17
# Updated 19/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Mato - PC-CE409955BAD8
# Running from : C:\Documents and Settings\Mato\Desktop\Daňo cd\adwcleaner_3.210.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : 40030ae4

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Assistant
Folder Deleted : C:\Documents and Settings\All Users\Application Data\safeweB
Folder Deleted : C:\Program Files\Supporter
Folder Deleted : C:\Program Files\safeweB
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gldeipfbjajalmhnidkagpccfiofegde
[!] Folder Deleted : C:\Documents and Settings\ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gldeipfbjajalmhnidkagpccfiofegde
[!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gldeipfbjajalmhnidkagpccfiofegde
[!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gldeipfbjajalmhnidkagpccfiofegde
[!] Folder Deleted : C:\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gldeipfbjajalmhnidkagpccfiofegde
[!] Folder Deleted : C:\Documents and Settings\Ocino\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gldeipfbjajalmhnidkagpccfiofegde
[!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gldeipfbjajalmhnidkagpccfiofegde
[!] Folder Deleted : C:\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gldeipfbjajalmhnidkagpccfiofegde

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{40030ae4}
Key Deleted : HKCU\Software\APN PIP

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v29.0.1 (sk)

[ File : C:\Documents and Settings\Mamina\Application Data\Mozilla\Firefox\Profiles\6a20erpj.default\prefs.js ]


[ File : C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\Profiles\q2j5jg21.default\prefs.js ]


[ File : C:\Documents and Settings\Ocino\Application Data\Mozilla\Firefox\Profiles\ad9z4xwk.default\prefs.js ]


[ File : C:\Documents and Settings\Tomas\Application Data\Mozilla\Firefox\Profiles\0m6p74cm.default-1400081066171\prefs.js ]


[ File : C:\Documents and Settings\Tomas\Application Data\Mozilla\Firefox\Profiles\autth4pj.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ File : C:\Documents and Settings\Mamina\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : gldeipfbjajalmhnidkagpccfiofegde

[ File : C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Tomas\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : gldeipfbjajalmhnidkagpccfiofegde

*************************

AdwCleaner[R0].txt - [58067 octets] - [28/04/2014 18:53:31]
AdwCleaner[R1].txt - [3872 octets] - [23/05/2014 13:29:56]
AdwCleaner[S0].txt - [57512 octets] - [28/04/2014 18:55:58]
AdwCleaner[S1].txt - [3790 octets] - [23/05/2014 13:33:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3850 octets] ##########

Re: Preventive check

Posted: 23 May 2014 12:46
by BuXo
And here is the one from OTL:
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: ASPNET

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Guest

User: HelpAssistant

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Mamina
->Temp folder emptied: 304 bytes
->Temporary Internet Files folder emptied: 13784201 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 26132058 bytes
->Google Chrome cache emptied: 6462892 bytes
->Opera cache emptied: 298928 bytes
->Flash cache emptied: 9920 bytes

User: Mato
->Temp folder emptied: 22620040 bytes
->Temporary Internet Files folder emptied: 3710537 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 72547607 bytes
->Google Chrome cache emptied: 266705885 bytes
->Opera cache emptied: 261570 bytes
->Flash cache emptied: 1033 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 598 bytes

User: Ocino
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 702479 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 130285985 bytes
->Flash cache emptied: 5266 bytes

User: SUPPORT_388945a0

User: Tomas
->Temp folder emptied: 119890 bytes
->Temporary Internet Files folder emptied: 15838267 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 448762375 bytes
->Google Chrome cache emptied: 6115928 bytes
->Flash cache emptied: 102435 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1807385 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 548984 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 970,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: ASPNET

User: Default User

User: Guest

User: HelpAssistant

User: LocalService

User: Mamina
->Flash cache emptied: 0 bytes

User: Mato
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

User: Ocino
->Flash cache emptied: 0 bytes

User: SUPPORT_388945a0

User: Tomas
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Error: Unable to stop service monectdevices!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\monectdevices deleted successfully.
Error: No service named 40030ae4 was found to stop!
Service\Driver key 40030ae4 not found.
Service MonectServerService stopped successfully!
Service MonectServerService deleted successfully!
Service Protector by IB Updater stopped successfully!
Service Protector by IB Updater deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1078145449-839522115-1006UA.job moved successfully.
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job moved successfully.
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job moved successfully.
C:\WINDOWS\tasks\SoundTapReminder.job moved successfully.
C:\WINDOWS\tasks\SoundTapSevenDays.job moved successfully.
C:\WINDOWS\tasks\WavePadDowngrade.job moved successfully.
C:\WINDOWS\tasks\WavePadReminder.job moved successfully.
File\Folder C:\Program Files\supporter not found.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Unable to set value : HKU\S-1-5-21-1960408961-1078145449-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E!
Unable to set value : HKU\S-1-5-21-1960408961-1078145449-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Unable to set value : HKU\S-1-5-21-1960408961-1078145449-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E!
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96f454ea-9d38-474f-b504-56193e00c1a5}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found.
Unable to set value : HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E!
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\SearchScopes\{9CC1E0A6-55E4-4501-A8B2-CBCE911A8AFF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CC1E0A6-55E4-4501-A8B2-CBCE911A8AFF}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\SearchScopes\{ED0B4968-21C6-421B-9590-B04536ECEC37}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED0B4968-21C6-421B-9590-B04536ECEC37}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKU\S-1-5-21-1960408961-1078145449-839522115-1007\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1007\Software\Microsoft\Internet Explorer\URLSearchHooks\\{124d001a-bdcb-472f-aa59-bbe7e4bc3204} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1007\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1007\Software\Microsoft\Internet Explorer\SearchScopes\{84269AE1-F2FA-419D-AE8A-98B438BDE002}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84269AE1-F2FA-419D-AE8A-98B438BDE002}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\searchplugin folder moved successfully.
C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\modules folder moved successfully.
C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\META-INF folder moved successfully.
C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\defaults folder moved successfully.
C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components folder moved successfully.
C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\chrome folder moved successfully.
C:\Documents and Settings\Mato\Application Data\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} folder moved successfully.
File C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll not found.
File C:\Documents and Settings\Mato\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.13.20.29_0\plugins/np-cwmp.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7473B6BD-4691-4744-A82B-7854EB3D70B6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7473B6BD-4691-4744-A82B-7854EB3D70B6} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96F454EA-9D38-474F-B504-56193E00C1A5}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1078145449-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube Download\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube to MP3 Converter\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
C:\Program Files\Common Files\ApnToolbarInstaller.exe moved successfully.
C:\Program Files\Common Files\ApnStub.exe moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP21B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP223.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP228.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP284.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP332.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP356.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP36C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP36D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP36E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP372.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP40A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP429.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP614.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP713.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7A8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP88.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI281.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI296.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI2F8.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI8B7.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB1.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB5.tmp deleted successfully.
\Documents and Settings\Mato\Desktop\Plocha\~WRL0003.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avgnt deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 05232014_133922

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...