VIRY.CZ

Dobrý večer, prosím o preventívnu kontrolu. Ďakujem

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mato at 2011-09-08 22:51:54
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 45 GB (45%) free of 100 GB
Total RAM: 2039 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:51:59, on 8. 9. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\Domino.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\VMware\VMware Player\hqtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Allway Sync\Bin\syncappw.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Users\Mato\AppData\Local\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Total Video Converter\tvc.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Mato\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Downloads\RSIT (3).exe
C:\Program Files\trend micro\Mato.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ArchiBar Toolbar - {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files\ArchiBar\tbArch.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ArchiBar Toolbar - {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files\ArchiBar\tbArch.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ArchiBar Toolbar - {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files\ArchiBar\tbArch.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ZSSnp211] C:\Windows\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\Windows\Domino.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Thunderbird] "C:\Program Files\Mozilla Thunderbird\thunderbird" -turbo
O4 - HKCU\..\Run: [Google Update] "C:\Users\Mato\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Allway Sync] "C:\Program Files\Allway Sync\Bin\syncappw.exe" -m
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: TB-Tray.lnk = C:\Program Files\Thunderbird-Tray\TBTray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - file:///C:/Users/Mato/Desktop/GOPAS/overview/shock/swinst.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program Files\Stardock\ObjectDockPlus2\ODMenu.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: CMDUBTHCJT - Unknown owner - C:\Users\Mato\AppData\Local\Temp\CMDUBTHCJT.exe (file missing)
O23 - Service: DRFIVHZM - Unknown owner - C:\Users\Mato\AppData\Local\Temp\DRFIVHZM.exe (file missing)
O23 - Service: EBZZWRCDX - Unknown owner - C:\Users\Mato\AppData\Local\Temp\EBZZWRCDX.exe (file missing)
O23 - Service: ESET HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EXJGN - Unknown owner - C:\Users\Mato\AppData\Local\Temp\EXJGN.exe (file missing)
O23 - Service: EZVMN - Unknown owner - C:\Users\Mato\AppData\Local\Temp\EZVMN.exe (file missing)
O23 - Service: FFIG - Unknown owner - C:\Users\Mato\AppData\Local\Temp\FFIG.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: IRBXDQSBZOT - Unknown owner - C:\Users\Mato\AppData\Local\Temp\IRBXDQSBZOT.exe (file missing)
O23 - Service: KFKEWR - Unknown owner - C:\Users\Mato\AppData\Local\Temp\KFKEWR.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Mozy, Inc. - C:\Program Files\MozyHome\mozybackup.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: WNGVJMGHMENI - Unknown owner - C:\Users\Mato\AppData\Local\Temp\WNGVJMGHMENI.exe (file missing)
O23 - Service: XOPZRVBQ - Unknown owner - C:\Users\Mato\AppData\Local\Temp\XOPZRVBQ.exe (file missing)

--
End of file - 13387 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-232530544-1741318313-884996648-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-232530544-1741318313-884996648-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Mato\AppData\Roaming\Mozilla\Firefox\Profiles\4i4908cv.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "chrome://speeddial/content/speeddial.xul"
prefs.js - "extensions.enabledItems" - "{64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4, {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9, {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.1.1, ietab@ip.cn:1.95.20100933, smarterwiki@wikiatic.com:4.1.8, allglassv2@ambroos.neowin.net:2.1.4, firegestures@xuldev.org:1.6.1, bkmrksync@nokia.com:1.0.0.732, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {64D9B72C-E42A-490e-9181-221E1E035A14}:14.0.0.3453, extension@openitonline.com:3.0, amin.eft_Shutdown@gmail.com:3.6.2D, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}:1.1.95.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15, nasanightlaunch@example.com:0.6.20101009"
prefs.js - "keyword.URL" - "http://www.google.sk/search?hl=sk&lr=la ... ang_1sk&q="

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npFoxitReaderPlugin.dll
npganymedenet.dll
npganymedenet.xpt
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npyaxmpb.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\Mato\AppData\Roaming\Mozilla\Firefox\Profiles\4i4908cv.default\extensions\
amin.eft_Shutdown@gmail.com
ietab@ip.cn
maps@ovi.com
ozymandias@securityheroes.com
{37E4D8EA-8BDA-4831-8EA1-89053939A250}
{64D9B72C-E42A-490e-9181-221E1E035A14}
{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
{b68dfae5-1903-4a03-8094-c973bf7e483e}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24cc1362-11c6-4918-a2c0-b9ee5a563185}]
ArchiBar Toolbar - C:\Program Files\ArchiBar\tbArch.dll [2010-09-12 3863136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{24cc1362-11c6-4918-a2c0-b9ee5a563185} - ArchiBar Toolbar - C:\Program Files\ArchiBar\tbArch.dll [2010-09-12 3863136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-03-24 2145000]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"ZSSnp211"=C:\Windows\ZSSnp211.exe [2007-04-06 57344]
"Domino"=C:\Windows\Domino.exe [2006-08-18 49152]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"VMware hqtray"=C:\Program Files\VMware\VMware Player\hqtray.exe [2011-03-25 64112]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-07-06 449584]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Thunderbird"=C:\Program Files\Mozilla Thunderbird\thunderbird -turbo []
"Google Update"=C:\Users\Mato\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-29 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]
"Allway Sync"=C:\Program Files\Allway Sync\Bin\syncappw.exe [2011-07-20 94120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-06-06 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\Program Files\Sandboxie\SbieCtrl.exe [2010-07-04 398568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mato^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mato^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Stardock ObjectDock.lnk]
C:\PROGRA~1\Stardock\OBJECT~3\OBJECT~1.EXE [2010-10-12 4142448]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
MozyHome Status.lnk - C:\Program Files\MozyHome\mozystat.exe

C:\Users\Mato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TB-Tray.lnk - C:\Program Files\Thunderbird-Tray\TBTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program Files\Stardock\ObjectDockPlus2\ODMenu.dll [2010-03-24 511344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=i420vfw.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.VMnc"=vmnc.dll
"vidc.DIVX"=DivX.dll
"VIDC.FPS1"=frapsvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-09-08 22:45:36 ----D---- C:\Program Files\trend micro
2011-09-08 22:45:34 ----D---- C:\rsit
2011-09-07 21:27:11 ----D---- C:\ProgramData\Apple Computer
2011-09-07 21:27:03 ----A---- C:\Windows\system32\QTCF.dll
2011-09-07 21:26:55 ----D---- C:\Program Files\QT Lite
2011-09-05 19:52:08 ----D---- C:\Users\Mato\AppData\Roaming\Sync App Settings
2011-09-05 19:49:50 ----D---- C:\ProgramData\Sync App Settings
2011-09-05 19:49:17 ----D---- C:\Program Files\Allway Sync
2011-09-05 19:07:40 ----D---- C:\Users\Mato\AppData\Roaming\AutomaticUSBBackup
2011-08-29 20:11:10 ----D---- C:\Users\Mato\AppData\Roaming\Android
2011-08-29 18:26:54 ----D---- C:\Sign+_v1.2.2
2011-08-29 18:02:58 ----D---- C:\apkPack
2011-08-29 18:02:57 ----D---- C:\apkEdit
2011-08-28 20:03:59 ----D---- C:\Program Files\Totato
2011-08-28 18:43:58 ----D---- C:\xdaAutoTool
2011-08-28 18:07:32 ----D---- C:\Program Files\Potato
2011-08-28 14:55:07 ----D---- C:\Program Files\CamStudio 2.6b
2011-08-28 14:55:07 ----A---- C:\Windows\system32\CamCodec.dll
2011-08-24 21:27:28 ----A---- C:\Windows\system32\tzres.dll
2011-08-17 18:22:37 ----D---- C:\Users\Mato\AppData\Roaming\Dropbox
2011-08-16 21:33:31 ----D---- C:\Program Files\Common Files\PCSuite
2011-08-16 21:33:29 ----D---- C:\Program Files\Common Files\Nokia
2011-08-16 21:33:12 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2011-08-16 21:32:54 ----D---- C:\Program Files\PC Connectivity Solution
2011-08-16 21:31:40 ----D---- C:\Program Files\Nokia
2011-08-16 20:45:30 ----A---- C:\Windows\system32\drivers\k510whnt.sys
2011-08-16 20:45:30 ----A---- C:\Windows\system32\drivers\k510wh.sys
2011-08-16 20:45:30 ----A---- C:\Windows\system32\drivers\k510obex.sys
2011-08-16 20:45:29 ----A---- C:\Windows\system32\drivers\k510mgmt.sys
2011-08-16 20:45:29 ----A---- C:\Windows\system32\drivers\k510mdm.sys
2011-08-16 20:45:29 ----A---- C:\Windows\system32\drivers\k510mdfl.sys
2011-08-16 20:45:29 ----A---- C:\Windows\system32\drivers\k510cmnt.sys
2011-08-16 20:45:29 ----A---- C:\Windows\system32\drivers\k510cm.sys
2011-08-16 20:45:29 ----A---- C:\Windows\system32\drivers\k510bus.sys
2011-08-14 20:21:32 ----D---- C:\Program Files\MiniTool Partition Wizard Home Edition 6.0
2011-08-10 23:05:15 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-10 23:05:14 ----A---- C:\Windows\system32\iertutil.dll
2011-08-10 23:05:13 ----A---- C:\Windows\system32\jscript.dll
2011-08-10 23:05:13 ----A---- C:\Windows\system32\ieui.dll
2011-08-10 23:05:12 ----A---- C:\Windows\system32\wininet.dll
2011-08-10 23:05:12 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-10 23:05:12 ----A---- C:\Windows\system32\jscript9.dll
2011-08-10 23:05:11 ----A---- C:\Windows\system32\urlmon.dll
2011-08-10 23:05:11 ----A---- C:\Windows\system32\url.dll
2011-08-10 23:05:11 ----A---- C:\Windows\system32\ieframe.dll
2011-08-10 23:05:09 ----A---- C:\Windows\system32\mshtml.dll
2011-08-10 18:47:50 ----A---- C:\Windows\system32\odbcjt32.dll
2011-08-10 18:47:50 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-10 18:47:50 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-10 18:47:50 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-10 18:47:49 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-10 18:47:26 ----A---- C:\Windows\system32\xmllite.dll
2011-08-10 18:47:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 18:47:17 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-10 18:47:02 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-10 18:46:59 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 18:46:54 ----A---- C:\Windows\system32\kernel32.dll
2011-08-10 18:46:53 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 18:46:53 ----A---- C:\Windows\system32\conhost.exe
2011-08-10 18:46:52 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 18:46:52 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 18:46:52 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 18:46:52 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 18:46:52 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 18:46:52 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-10 18:46:52 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-10 18:46:51 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-10 18:46:51 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 18:46:51 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 18:46:51 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 18:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 18:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 18:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 18:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-10 18:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 18:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 18:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 18:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 18:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 18:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 18:46:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 18:46:47 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 18:46:46 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-10 18:46:46 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 18:46:46 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-10 18:46:46 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 18:46:45 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 18:46:45 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-09 21:01:37 ----D---- C:\Program Files\AnvSoft

======List of files/folders modified in the last 1 month======

2011-09-08 22:51:55 ----D---- C:\Windows\Temp
2011-09-08 22:45:36 ----RD---- C:\Program Files
2011-09-08 22:24:50 ----D---- C:\Users\Mato\AppData\Roaming\FileZilla
2011-09-08 21:53:31 ----D---- C:\Program Files\Mozilla Firefox
2011-09-08 21:42:46 ----SHD---- C:\Windows\Installer
2011-09-08 21:31:06 ----D---- C:\Windows\system32\config
2011-09-08 21:16:05 ----SHD---- C:\System Volume Information
2011-09-08 19:53:53 ----AD---- C:\Windows
2011-09-08 16:37:28 ----D---- C:\Windows\System32
2011-09-08 16:37:27 ----D---- C:\Windows\inf
2011-09-08 16:37:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-08 16:04:13 ----D---- C:\Program Files\Mozilla Thunderbird
2011-09-08 16:01:27 ----D---- C:\ProgramData\VMware
2011-09-07 22:14:18 ----D---- C:\Windows\system32\catroot
2011-09-07 22:12:17 ----D---- C:\Users\Mato\AppData\Roaming\.purple
2011-09-07 21:27:11 ----HD---- C:\ProgramData
2011-09-07 21:26:49 ----D---- C:\Windows\winsxs
2011-09-06 20:47:16 ----D---- C:\ProgramData\boost_interprocess
2011-09-06 15:56:35 ----D---- C:\Windows\Prefetch
2011-09-04 20:59:38 ----D---- C:\Program Files\FileZilla FTP Client
2011-08-31 17:39:21 ----D---- C:\Windows\rescache
2011-08-30 20:51:11 ----D---- C:\Program Files\Cyklotrasy SK
2011-08-29 13:25:51 ----D---- C:\Windows\Minidump
2011-08-28 20:51:18 ----RSD---- C:\Windows\assembly
2011-08-28 20:51:18 ----D---- C:\Windows\Microsoft.NET
2011-08-24 22:09:51 ----D---- C:\Windows\system32\sk-SK
2011-08-24 21:25:44 ----D---- C:\Windows\system32\catroot2
2011-08-22 18:59:40 ----D---- C:\Program Files\Pidgin
2011-08-21 22:19:20 ----D---- C:\Users\Mato\AppData\Roaming\gtk-2.0
2011-08-20 09:46:26 ----D---- C:\Users\Mato\AppData\Roaming\Mozilla
2011-08-16 21:35:23 ----D---- C:\Windows\system32\drivers\UMDF
2011-08-16 21:34:55 ----D---- C:\Windows\system32\DriverStore
2011-08-16 21:33:31 ----D---- C:\Program Files\Common Files
2011-08-16 21:33:12 ----DC---- C:\Windows\system32\DRVSTORE
2011-08-16 21:33:12 ----D---- C:\Windows\system32\drivers
2011-08-16 21:30:51 ----D---- C:\ProgramData\Installations
2011-08-16 20:58:44 ----D---- C:\Users\Mato\AppData\Roaming\MyPhoneExplorer
2011-08-11 08:38:20 ----D---- C:\Windows\system32\migration
2011-08-11 08:38:19 ----D---- C:\Program Files\Internet Explorer
2011-08-10 23:01:55 ----D---- C:\Windows\debug
2011-08-10 23:01:52 ----A---- C:\Windows\system32\MRT.exe
2011-08-10 23:01:24 ----D---- C:\ProgramData\Microsoft Help
2011-08-09 21:10:21 ----D---- C:\Program Files\Total Video Converter

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-25 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-17 218688]
R1 mozyFilter;mozyFilter; C:\Windows\system32\DRIVERS\mozy.sys [2011-07-11 54776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-03-24 133512]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-03-24 134488]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-03-24 41312]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2011-03-25 32368]
R2 vmci;VMware vmci; \??\C:\Windows\system32\Drivers\vmci.sys [2011-03-25 70768]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2011-03-25 36400]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2011-03-25 26352]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\Drivers\vmx86.sys [2011-03-25 854256]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Player\vstor2-ws60.sys [2010-08-19 22448]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-08 2506232]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-12-12 80424]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-12-12 80936]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-12-12 16168]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2009-07-14 211456]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-03-24 32584]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2009-04-20 9344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-07-06 22712]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2010-07-04 119016]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2011-03-25 24688]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2011-03-25 16560]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\lgandadb.sys [2010-08-02 25728]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM); C:\Windows\system32\DRIVERS\k510bus.sys [2005-10-07 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\k510mdfl.sys [2005-10-07 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\k510mdm.sys [2005-10-07 94064]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\k510mgmt.sys [2005-10-07 85408]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\k510obex.sys [2005-10-07 83344]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\Windows\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\Windows\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\Windows\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\Windows\system32\drivers\libusb0.sys [2005-03-09 33792]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2011-05-06 16472]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2011-05-06 11104]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM); C:\Windows\system32\DRIVERS\sea1bus.sys [2006-11-20 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\sea1mdfl.sys [2006-11-20 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\sea1mdm.sys [2006-11-20 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\sea1mgmt.sys [2006-11-20 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS); C:\Windows\system32\DRIVERS\sea1nd5.sys [2006-11-20 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\sea1obex.sys [2006-11-20 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM); C:\Windows\system32\DRIVERS\sea1unic.sys [2006-11-20 90800]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2011-03-25 31280]
S3 vvftav211;vvftav211; C:\Windows\system32\drivers\vvftav211.sys [2007-12-10 480128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-03-24 810120]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
R2 mozybackup;MozyHome Backup Service; C:\Program Files\MozyHome\mozybackup.exe [2011-07-11 53016]
R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2010-07-04 75496]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 9216]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Player\vmware-authd.exe [2011-03-25 113264]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\system32\vmnetdhcp.exe [2011-03-25 334448]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-03-25 539248]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\system32\vmnat.exe [2011-03-25 404080]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-09 148832]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-04 136176]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2011-02-08 72704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CMDUBTHCJT;CMDUBTHCJT; C:\Users\Mato\AppData\Local\Temp\CMDUBTHCJT.exe []
S3 DRFIVHZM;DRFIVHZM; C:\Users\Mato\AppData\Local\Temp\DRFIVHZM.exe []
S3 EBZZWRCDX;EBZZWRCDX; C:\Users\Mato\AppData\Local\Temp\EBZZWRCDX.exe []
S3 EHttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-03-24 33560]
S3 EXJGN;EXJGN; C:\Users\Mato\AppData\Local\Temp\EXJGN.exe []
S3 EZVMN;EZVMN; C:\Users\Mato\AppData\Local\Temp\EZVMN.exe []
S3 FFIG;FFIG; C:\Users\Mato\AppData\Local\Temp\FFIG.exe []
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-04 136176]
S3 IRBXDQSBZOT;IRBXDQSBZOT; C:\Users\Mato\AppData\Local\Temp\IRBXDQSBZOT.exe []
S3 KFKEWR;KFKEWR; C:\Users\Mato\AppData\Local\Temp\KFKEWR.exe []
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Player\vmware-ufad.exe [2010-08-19 191024]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Zdravím.

Předpokládám, že tu nejdražší verzi Windows 7 Ultimate i ten ESET máš v počítači legální = zakoupené licence?

Pro začátek stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů.
Do spodního okénka Vlastní skenování/opravy vlož tento skript:

Kód: Vybrat vše

safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko Prohledat.
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.

Eset je legalny a o predajnej politike Microsoftu a monopolnom vplyve na vyrobcov hardwaru a tym padom aj ovladacov by sme tu mohli viesť siahodlhu diskusiu ale na to tu nie sme či?

OTL pošas skenu vyhodil chybu že nemôže vytvoriť cmd.bat niečo ako "D:\Downloads\cmd.bat" a zamrzol

P.S. Tym tlacitkom "Prohledat" si myslel Run Scan ci Quick Scan

knifak píše:Eset je legalny a o predajnej politike Microsoftu a monopolnom vplyve na vyrobcov hardwaru a tym padom aj ovladacov by sme tu mohli viesť siahodlhu diskusiu ale na to tu nie sme či?

Ne, to opravdu nebudeme, podmínky jsou dané zcela jasně. Obrázek

Stáhni na Plochu utilitu CKScanner.

Spusť ji a klikni na Search for files.
Po dokončení scanu klikni na Save List to File a následně OK.
Na Ploše se vytvoří log s názvem ckfiles.txt, jeho obsah mi sem vlož.

Stáhni a spusť WVCheck.exe nebo WVCheck.zip.

Stiskni klávesu [Enter].
Program začne prohledávat PC, délka skenování je závislá na počtu souborů ve Tvém PC.
Po dokončení skenování se Ti zobrazí log, který mi sem zkopíruj (log případně najdeš i na Ploše).

OTL spusť přesně podle postupu, jako jsem Ti psal prve, jen tam dej tento script:

Kód: Vybrat vše

safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
%SystemDrive%\PhysicalMBR.bin /md5

Prohledat = Run Scan.

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\gimp-2.0\share\gimp\2.0\patterns\cracked.pat
c:\program files\jdownloader\jd\plugins\hoster\crackedcom.class
scanner sequence 3.LB.11.RQNAVA
----- EOF -----

Windows Validation Check
Version: 1.9.12.5
Log Created On: 2210_11-09-2011
-----------------------

Windows Information
-----------------------
Windows Version: Windows 7 Service Pack 1
Windows Mode: Normal
Systemroot Path: C:\Windows

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
-----------------------
Last Success Time for Update Detection: 2011-09-11 17:51:57
Last Success Time for Update Download: 2011-09-11 17:52:19
Last Success Time for Update Installation: 2011-09-11 17:52:32

WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------

WVCheck's File Dump
-----------------------
C:\Windows\System32\slwga.dll
Size: 14336 bytes
Creation; 24/3/2011 16:53:24
Modification; 20/11/2010 13:21:24
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_ff27e02604a90885\slwga.dll
Size: 13824 bytes
Creation; 14/7/2009 1:36:22
Modification; 14/7/2009 3:16:15
MD5; 01fe4bdd0b47a7d8bf34d78d2bc23ddb
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16723_none_ff66c6b2047a22cd\slwga.dll
Size: 14336 bytes
Creation; 9/2/2011 18:42:26
Modification; 21/12/2010 6:38:16
MD5; 2008845b41d561fb77b77bbe0045099e
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.20862_none_ffc423831db91904\slwga.dll
Size: 14336 bytes
Creation; 9/2/2011 18:42:26
Modification; 21/12/2010 6:29:6
MD5; 2332de32759ebcc691850e092b2564a6
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_0158f3ee01978c1f\slwga.dll
Size: 14336 bytes
Creation; 24/3/2011 16:53:24
Modification; 20/11/2010 13:21:24
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------

WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.

WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.

WVCheck's MBAM Quarantine Check
-----------------------
There were no bad files quarantined by MBAM.

WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.

WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - f1dd3acaee5e6b4bbc69bc6df75cef66

-------- End of File, program close at 2222_11-09-2011 --------

1 cast

OTL logfile created on: 11. 9. 2011 22:24:33 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = D:\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

1,99 Gb Total Physical Memory | 0,37 Gb Available Physical Memory | 18,49% Memory free
3,98 Gb Paging File | 2,18 Gb Available in Paging File | 54,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 43,13 Gb Free Space | 44,21% Space Free | Partition Type: NTFS
Drive D: | 135,22 Gb Total Space | 44,72 Gb Free Space | 33,07% Space Free | Partition Type: NTFS
Drive Z: | 97,56 Gb Total Space | 43,13 Gb Free Space | 44,21% Space Free | Partition Type: FAT

Computer Name: MATO-PC | User Name: Mato | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011/09/11 20:11:00 | 000,581,120 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe
PRC - [2011/09/08 16:02:33 | 000,399,512 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2011/08/04 15:15:28 | 003,674,904 | ---- | M] (Mozy, Inc.) -- C:\Program Files\MozyHome\mozystat.exe
PRC - [2011/07/20 14:40:28 | 000,094,120 | ---- | M] () -- C:\Program Files\Allway Sync\Bin\syncappw.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/06/01 14:44:54 | 008,003,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer.exe
PRC - [2011/06/01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/03/25 23:26:58 | 000,064,112 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\hqtray.exe
PRC - [2011/03/25 23:26:46 | 000,334,448 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
PRC - [2011/03/25 23:26:28 | 000,404,080 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
PRC - [2011/03/25 23:26:16 | 000,113,264 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe
PRC - [2011/03/25 22:27:40 | 000,539,248 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2011/03/21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/07/04 11:49:14 | 000,075,496 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2010/03/24 20:31:50 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010/03/24 20:31:00 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2010/03/16 02:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/12/03 21:28:08 | 000,026,112 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2007/12/04 15:13:34 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007/12/04 15:13:34 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007/04/06 11:06:58 | 000,057,344 | ---- | M] (ZSMCSNAP) -- C:\Windows\ZSSnp211.exe
PRC - [2006/08/18 16:58:14 | 000,049,152 | ---- | M] () -- C:\Windows\Domino.exe

========== Modules (No Company Name) ==========

MOD - [2011/09/08 16:02:47 | 001,845,400 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll
MOD - [2011/09/08 16:02:46 | 000,161,944 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2011/09/08 16:02:46 | 000,021,656 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2011/08/28 23:19:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/08/21 20:34:22 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011/07/25 22:14:16 | 000,056,832 | ---- | M] () -- C:\Users\Mato\AppData\Roaming\Thunderbird\Profiles\glsaozst.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
MOD - [2011/07/20 14:40:28 | 000,094,120 | ---- | M] () -- C:\Program Files\Allway Sync\Bin\syncappw.exe
MOD - [2011/07/20 10:57:54 | 007,431,168 | ---- | M] () -- C:\Program Files\Allway Sync\Bin\syncapp.dll
MOD - [2011/06/22 18:55:19 | 000,007,680 | ---- | M] () -- C:\Users\Mato\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.7.gadget\SystemInfo.dll
MOD - [2011/06/22 18:55:19 | 000,006,144 | ---- | M] () -- C:\Users\Mato\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.7.gadget\CoreTempReader.dll
MOD - [2011/06/22 18:55:18 | 000,008,704 | ---- | M] () -- C:\Users\Mato\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.7.gadget\GetCoreTempInfoNET.dll
MOD - [2011/05/28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2011/03/25 23:26:48 | 000,970,352 | ---- | M] () -- C:\Program Files\VMware\VMware Player\libxml2.dll
MOD - [2011/03/25 23:26:18 | 000,068,720 | ---- | M] () -- C:\Program Files\VMware\VMware Player\zlib1.dll
MOD - [2011/03/21 20:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/03/15 07:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2007/12/04 15:07:28 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007/12/04 14:55:36 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll
MOD - [2006/08/18 16:58:14 | 000,049,152 | ---- | M] () -- C:\Windows\Domino.exe

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (XOPZRVBQ)
SRV - File not found [On_Demand | Stopped] -- -- (WNGVJMGHMENI)
SRV - File not found [On_Demand | Stopped] -- -- (KFKEWR)
SRV - File not found [On_Demand | Stopped] -- -- (IRBXDQSBZOT)
SRV - File not found [On_Demand | Stopped] -- -- (FFIG)
SRV - File not found [On_Demand | Stopped] -- -- (EZVMN)
SRV - File not found [On_Demand | Stopped] -- -- (EXJGN)
SRV - File not found [On_Demand | Stopped] -- -- (EBZZWRCDX)
SRV - File not found [On_Demand | Stopped] -- -- (DRFIVHZM)
SRV - File not found [On_Demand | Stopped] -- -- (CMDUBTHCJT)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/03/25 23:26:46 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011/03/25 23:26:28 | 000,404,080 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2011/03/25 23:26:16 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2011/03/25 22:27:40 | 000,539,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010/08/19 13:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60)
SRV - [2010/07/04 11:49:14 | 000,075,496 | ---- | M] (tzuk) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2010/06/30 16:08:25 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/03/24 20:39:48 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EHttpSrv)
SRV - [2010/03/24 20:31:50 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/12/03 21:28:08 | 000,026,112 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/05/06 14:30:00 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2011/05/06 14:29:50 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV - [2011/04/17 19:23:25 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/03/25 23:27:18 | 000,854,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV - [2011/03/25 23:27:16 | 000,070,768 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV - [2011/03/25 23:25:46 | 000,024,688 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2011/03/25 23:24:56 | 000,026,352 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2011/03/25 22:27:32 | 000,032,368 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV - [2011/03/25 20:05:00 | 000,036,400 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2011/03/25 20:05:00 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmusb.sys -- (vmusb)
DRV - [2011/03/25 20:05:00 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2010/12/07 14:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2010/12/07 14:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2010/12/07 14:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2010/12/07 14:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/08/19 13:56:38 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2010/08/02 16:19:22 | 000,025,728 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandadb.sys -- (androidusb)
DRV - [2010/07/25 13:27:57 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/07/04 11:49:10 | 000,119,016 | ---- | M] (tzuk) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2010/03/24 20:33:54 | 000,041,312 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010/03/24 20:33:50 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010/03/24 20:33:46 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010/03/24 20:23:54 | 000,133,512 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010/01/26 18:38:06 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2009/04/20 14:38:54 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/12/10 18:15:34 | 000,480,128 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vvftav211.sys -- (vvftav211)
DRV - [2007/12/05 11:00:08 | 001,537,024 | ---- | M] (ZSMC.Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZS211.sys -- (ZSMC30x)
DRV - [2006/11/20 06:50:06 | 000,086,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sea1obex.sys -- (sea1obex)
DRV - [2006/11/20 06:49:18 | 000,088,624 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sea1mgmt.sys -- (sea1mgmt) Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM)
DRV - [2006/11/20 06:48:30 | 000,097,088 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sea1mdm.sys -- (sea1mdm)
DRV - [2006/11/20 06:48:26 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sea1mdfl.sys -- (sea1mdfl)
DRV - [2006/11/20 06:47:38 | 000,061,536 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sea1bus.sys -- (sea1bus) Sony Ericsson Device 0A1 driver (WDM)
DRV - [2006/11/20 06:47:08 | 000,018,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sea1nd5.sys -- (sea1nd5) Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS)
DRV - [2006/11/20 06:47:02 | 000,090,800 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sea1unic.sys -- (sea1unic) Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM)
DRV - [2005/10/07 12:48:22 | 000,083,344 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k510obex.sys -- (k510obex)
DRV - [2005/10/07 12:47:32 | 000,085,408 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k510mgmt.sys -- (k510mgmt) Sony Ericsson K510 USB WMC Device Management Drivers (WDM)
DRV - [2005/10/07 12:46:42 | 000,094,064 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k510mdm.sys -- (k510mdm)
DRV - [2005/10/07 12:46:38 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k510mdfl.sys -- (k510mdfl)
DRV - [2005/10/07 12:45:44 | 000,058,288 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k510bus.sys -- (k510bus) Sony Ericsson K510 Driver driver (WDM)
DRV - [2005/03/09 21:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2005/02/11 11:24:24 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750obex.sys -- (k750obex)
DRV - [2005/02/11 11:22:48 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005/02/11 11:21:10 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005/02/11 11:21:02 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005/02/11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files\ArchiBar\tbArch.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-232530544-1741318313-884996648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-232530544-1741318313-884996648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 FC EC 8F 68 7E CB 01 [binary data]
IE - HKU\S-1-5-21-232530544-1741318313-884996648-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-232530544-1741318313-884996648-1000\..\URLSearchHook: {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files\ArchiBar\tbArch.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-232530544-1741318313-884996648-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Mato\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Mato\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mato\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mato\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/07/30 21:27:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/07 21:27:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/07 21:27:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/09/07 21:27:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/09/07 21:27:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/06/29 16:32:18 | 000,000,000 | ---D | M]

[2010/07/06 16:57:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mato\AppData\Roaming\mozilla\Extensions
[2010/06/29 19:19:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mato\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/07/06 16:57:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mato\AppData\Roaming\mozilla\Extensions\{a23983c0-fd0e-11dc-95ff-0800200c9a66}
[2010/07/06 16:57:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mato\AppData\Roaming\mozilla\Fennec\Profiles\j8ys16e1.default\extensions
[2011/09/08 21:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mato\AppData\Roaming\mozilla\Firefox\Profiles\4i4908cv.default\extensions
[2011/02/04 17:19:03 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\Mato\AppData\Roaming\mozilla\Firefox\Profiles\4i4908cv.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010/11/05 22:11:36 | 000,000,000 | ---D | M] (GDL WebControl 14) -- C:\Users\Mato\AppData\Roaming\mozilla\Firefox\Profiles\4i4908cv.default\extensions\{64D9B72C-E42A-490e-9181-221E1E035A14}
[2011/03/20 21:49:36 | 000,000,000 | ---D | M] (Qualys BrowserCheck) -- C:\Users\Mato\AppData\Roaming\mozilla\Firefox\Profiles\4i4908cv.default\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
[2011/01/27 18:34:53 | 000,000,000 | ---D | M] () -- C:\Users\Mato\AppData\Roaming\mozilla\Firefox\Profiles\4i4908cv.default\extensions\{b68dfae5-1903-4a03-8094-c973bf7e483e}
[2011/08/20 15:11:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mato\AppData\Roaming\mozilla\Firefox\Profiles\4i4908cv.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/02/12 15:05:45 | 000,000,000 | ---D | M] (Auto Shutdown) -- C:\Users\Mato\AppData\Roaming\mozilla\Firefox\Profiles\4i4908cv.default\extensions\amin.eft_Shutdown@gmail.com
[2011/03/23 19:34:08 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\Mato\AppData\Roaming\mozilla\Firefox\Profiles\4i4908cv.default\extensions\ietab@ip.cn
[2011/07/27 17:59:06 | 000,000,000 | ---D | M] (Nokia Maps 3D browser plugin) -- C:\Users\Mato\AppData\Roaming\mozilla\Firefox\Profiles\4i4908cv.default\extensions\maps@ovi.com
[2011/03/24 22:27:12 | 000,000,000 | ---D | M] (Maximum AdBlock) -- C:\Users\Mato\AppData\Roaming\mozilla\Firefox\Profiles\4i4908cv.default\extensions\ozymandias@securityheroes.com
[2011/08/16 20:28:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/02 06:55:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/04 09:31:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/28 18:36:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/06 14:32:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/05/03 21:27:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/06/29 18:29:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/08/12 08:34:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/25 19:13:59 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2010/03/16 13:57:46 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2007/03/10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2011/08/12 06:09:58 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2011/08/12 06:09:58 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2011/08/12 06:09:58 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2011/08/12 06:09:58 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2011/08/12 06:09:58 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2011/08/12 06:09:58 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2011/02/26 13:46:01 | 000,001,025 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 im.adtech.de
O1 - Hosts: 127.0.0.1 adserver.adtech.de
O1 - Hosts: 127.0.0.1 adtech.de
O1 - Hosts: 127.0.0.1 atwola.com
O1 - Hosts: 127.0.0.1 adserver.71i.de
O1 - Hosts: 127.0.0.1 adicqserver.71i.de
O1 - Hosts: 127.0.0.1 71i.de
O1 - Hosts: 127.0.0.1 m-i.extensoft.com
O2 - BHO: (ArchiBar Toolbar) - {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files\ArchiBar\tbArch.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ArchiBar Toolbar) - {24cc1362-11c6-4918-a2c0-b9ee5a563185} - C:\Program Files\ArchiBar\tbArch.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-232530544-1741318313-884996648-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-232530544-1741318313-884996648-1000\..\Toolbar\WebBrowser: (ArchiBar Toolbar) - {24CC1362-11C6-4918-A2C0-B9EE5A563185} - C:\Program Files\ArchiBar\tbArch.dll (Conduit Ltd.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Domino] C:\Windows\Domino.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)
O4 - HKLM..\Run: [ZSSnp211] C:\Windows\ZSSnp211.exe (ZSMCSNAP)
O4 - HKU\S-1-5-21-232530544-1741318313-884996648-1000..\Run: [Allway Sync] C:\Program Files\Allway Sync\Bin\syncappw.exe ()
O4 - HKU\S-1-5-21-232530544-1741318313-884996648-1000..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-232530544-1741318313-884996648-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-232530544-1741318313-884996648-1000..\Run: [Thunderbird] C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Mato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TB-Tray.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-232530544-1741318313-884996648-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-232530544-1741318313-884996648-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} file:///C:/Users/Mato/Desktop/GOPAS/overview/shock/swinst.cab (Shockwave ActiveX Control)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82B5EA67-76A1-4C8C-A3EF-19099889A6C6}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\Userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files\Stardock\ObjectDockPlus2\ODMenu.dll (Stardock)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/11/17 20:58:19 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: vsmon - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: VIDC.VMnc - C:\Windows\System32\vmnc.dll (VMware, Inc.)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011/09/08 22:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/09/08 22:45:34 | 000,000,000 | ---D | C] -- C:\rsit
[2011/09/07 21:27:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QT Lite
[2011/09/07 21:27:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/09/07 21:27:04 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2011/09/07 21:27:04 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2011/09/07 21:27:03 | 000,180,224 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QTCF.dll
[2011/09/07 21:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\QT Lite
[2011/09/06 20:52:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON
[2011/09/05 19:52:08 | 000,000,000 | ---D | C] -- C:\Users\Mato\AppData\Roaming\Sync App Settings
[2011/09/05 19:49:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sync App Settings
[2011/09/05 19:49:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allway Sync
[2011/09/05 19:49:17 | 000,000,000 | ---D | C] -- C:\Program Files\Allway Sync
[2011/09/05 19:07:40 | 000,000,000 | ---D | C] -- C:\Users\Mato\AppData\Roaming\AutomaticUSBBackup

========== Files - Modified Within 7 Days ==========

[2011/09/11 22:29:06 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/09/11 21:47:02 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/11 21:47:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/11 21:46:02 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-232530544-1741318313-884996648-1000UA.job
[2011/09/11 20:53:35 | 000,073,734 | ---- | M] () -- C:\Users\Mato\Desktop\Zaciatok konca FB.JPG
[2011/09/11 20:04:13 | 000,273,225 | ---- | M] () -- C:\Users\Mato\Desktop\Root Explorer (File Manager) v2.16.apk
[2011/09/11 19:55:38 | 000,003,622 | ---- | M] () -- C:\Windows\mozy.blk
[2011/09/11 19:55:38 | 000,002,610 | ---- | M] () -- C:\Windows\mozy.flt
[2011/09/11 19:54:59 | 000,022,400 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/11 19:54:59 | 000,022,400 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/11 19:46:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/11 19:46:19 | 1603,772,416 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/08 22:13:29 | 239,252,949 | ---- | M] () -- C:\Users\Mato\Desktop\2011_09_05_00_00_0_parti_269_ka_1_particka_1.mp4
[2011/09/08 18:53:41 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-232530544-1741318313-884996648-1000Core.job
[2011/09/08 16:37:28 | 000,621,596 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/09/08 16:37:28 | 000,108,442 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/09/06 20:52:55 | 000,001,279 | ---- | M] () -- C:\Users\Public\Desktop\NAVIGON Fresh.lnk

========== Files Created - No Company Name ==========

[2011/09/11 20:53:34 | 000,073,734 | ---- | C] () -- C:\Users\Mato\Desktop\Zaciatok konca FB.JPG
[2011/09/11 20:28:56 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/09/11 20:04:11 | 000,273,225 | ---- | C] () -- C:\Users\Mato\Desktop\Root Explorer (File Manager) v2.16.apk
[2011/09/08 21:56:01 | 239,252,949 | ---- | C] () -- C:\Users\Mato\Desktop\2011_09_05_00_00_0_parti_269_ka_1_particka_1.mp4
[2011/09/06 20:52:55 | 000,001,279 | ---- | C] () -- C:\Users\Public\Desktop\NAVIGON Fresh.lnk
[2011/08/07 15:14:31 | 000,000,000 | ---- | C] () -- C:\Users\Mato\AppData\Local\{26862F9A-56BF-478E-98DA-13BE21BB7556}
[2011/08/07 15:12:41 | 000,000,000 | ---- | C] () -- C:\Users\Mato\AppData\Local\{B3B26D52-546F-4653-8D07-076237E46125}
[2011/07/12 19:28:07 | 000,747,592 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2011/07/12 19:28:06 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2011/07/12 19:28:04 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2011/06/22 18:55:39 | 000,000,412 | ---- | C] () -- C:\Users\Mato\AppData\Roaming\All CPU Meter_Settings.ini
[2011/06/13 18:59:17 | 005,445,617 | ---- | C] () -- C:\Windows\aapt.exe
[2011/05/24 19:47:51 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011/05/18 20:50:20 | 000,037,011 | ---- | C] () -- C:\Users\Mato\AppData\Roaming\Hodnoty oddelené čiarkou (systém Windows).ADR
[2011/05/01 12:45:38 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011/04/06 20:15:21 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011/04/06 20:15:21 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011/03/24 17:56:37 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/03/24 17:52:56 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/02/26 22:33:24 | 000,002,190 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011/02/04 18:27:32 | 000,015,840 | ---- | C] () -- C:\Windows\System32\Machnm1.exe
[2011/01/07 23:11:08 | 000,042,483 | ---- | C] () -- C:\Windows\ICCCODES.DAT
[2011/01/07 23:11:08 | 000,039,095 | ---- | C] () -- C:\Windows\Iccsigs.dat
[2011/01/07 23:11:08 | 000,000,156 | ---- | C] () -- C:\Windows\KPCMS.INI
[2011/01/07 23:10:38 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2011/01/03 16:40:55 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys
[2010/11/15 18:52:50 | 000,000,079 | ---- | C] () -- C:\Users\Mato\AppData\Local\CrystalDiskMark30.ini
[2010/10/04 16:35:45 | 000,122,880 | ---- | C] () -- C:\Windows\UnGins.exe
[2010/09/07 17:19:47 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/09/07 17:19:46 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/09/07 17:19:42 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/09/07 17:19:42 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/09/07 17:19:42 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/08/17 19:04:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/07/27 20:19:06 | 000,000,600 | ---- | C] () -- C:\Users\Mato\AppData\Local\PUTTY.RND
[2010/07/25 13:34:43 | 000,000,614 | ---- | C] () -- C:\Windows\eReg.dat
[2010/07/13 16:59:53 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010/06/30 20:37:27 | 000,007,623 | ---- | C] () -- C:\Users\Mato\AppData\Local\resmon.resmoncfg
[2010/06/30 18:57:27 | 000,049,152 | ---- | C] () -- C:\Windows\Domino.exe
[2010/06/30 16:15:57 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/06/29 19:23:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/09/23 19:16:08 | 002,050,952 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 06:33:53 | 000,437,128 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,621,596 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,108,442 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007/12/04 14:55:36 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/03/09 09:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2011/09/07 22:12:17 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\.purple
[2010/09/08 20:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Abvent
[2011/02/16 21:08:31 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Abvent_Artlantis3
[2010/09/16 20:35:18 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Airytec
[2011/08/29 20:12:41 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Android
[2011/05/01 13:51:24 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\AnvSoft
[2010/07/03 13:41:22 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\App Launcher Gadget
[2011/01/20 18:19:23 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Artisteer
[2011/09/05 19:11:47 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\AutomaticUSBBackup
[2010/11/05 22:05:40 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Canneverbe Limited
[2011/07/18 17:12:53 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\DAEMON Tools Lite
[2010/07/25 13:23:49 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\DAEMON Tools Pro
[2010/11/05 22:11:30 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Desktop Sidebar
[2011/08/18 20:46:07 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Dropbox
[2011/08/02 21:45:20 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\enchant
[2010/06/29 16:33:13 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\ESET
[2011/09/11 20:50:40 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\FileZilla
[2011/01/03 18:34:30 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\fltk.org
[2011/02/26 21:37:04 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\FMA
[2010/10/26 19:53:54 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Foxit Software
[2010/11/05 22:11:30 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\GanymedeNet
[2010/09/11 18:04:00 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\GDL Technology
[2011/03/10 23:16:39 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\GHISLER
[2011/05/01 11:57:09 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Graphisoft
[2011/08/21 22:19:20 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\gtk-2.0
[2010/09/22 17:08:40 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\JAM Software
[2011/07/31 17:59:44 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\JLC's Software
[2011/03/06 22:55:51 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\KompoZer
[2010/12/02 15:31:54 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\LG Electronics
[2011/03/26 15:19:42 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Mobile Atlas Creator
[2011/08/16 20:58:44 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\MyPhoneExplorer
[2010/10/31 21:19:24 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Need for Speed World
[2010/11/05 22:06:06 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Nokia
[2011/07/19 18:03:36 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Notepad++
[2010/11/05 22:06:06 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\OpenOffice.org
[2011/03/20 21:00:40 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Opera
[2010/07/01 20:25:00 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\PC Suite
[2011/03/20 21:50:12 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Qualys
[2011/05/09 18:43:10 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Rovio
[2011/03/24 22:27:19 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\SecurityHeroes
[2010/11/07 14:08:20 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Stardock
[2011/09/05 19:52:08 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Sync App Settings
[2011/03/22 22:26:46 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\TeamViewer
[2010/11/05 22:11:37 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Thunderbird
[2011/06/09 20:54:19 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\updatetool
[2010/09/04 16:26:20 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Windows Live Writer
[2011/06/19 20:35:18 | 000,032,528 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Thunderbird" = "C:\Program Files\Mozilla Thunderbird\thunderbird" -turbo -- [2011/09/08 16:02:33 | 000,399,512 | ---- | M] (Mozilla Messaging)
"Google Update" = "C:\Users\Mato\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010/06/29 20:35:46 | 000,136,176 | ---- | M] (Google Inc.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"RocketDock" = "C:\Program Files\RocketDock\RocketDock.exe" -- [2007/09/02 13:58:52 | 000,495,616 | ---- | M] ()
"OfficeSyncProcess" = "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" -- [2010/03/16 02:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation)
"Allway Sync" = "C:\Program Files\Allway Sync\Bin\syncappw.exe" -m -- [2011/07/20 14:40:28 | 000,094,120 | ---- | M] ()

< MD5 for: ATAPI.SYS >
[2002/09/20 21:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\$Recycle.Bin\S-1-5-21-232530544-1741318313-884996648-1000\$RTAFZKQ\I386\sp1.cab:atapi.sys
[2004/08/17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\$Recycle.Bin\S-1-5-21-232530544-1741318313-884996648-1000\$RTAFZKQ\I386\sp2.cab:atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2002/09/20 21:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\$Recycle.Bin\S-1-5-21-232530544-1741318313-884996648-1000\$RTAFZKQ\I386\sp1.cab:cdrom.sys
[2004/08/17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\$Recycle.Bin\S-1-5-21-232530544-1741318313-884996648-1000\$RTAFZKQ\I386\sp2.cab:cdrom.sys
[2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CSRSS.EXE >
[2009/07/14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\System32\csrss.exe
[2009/07/14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: LSASS.EXE >
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009/07/14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe

< MD5 for: NDIS.SYS >
[2009/07/14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010/11/20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010/11/20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NTFS.SYS >
[2011/03/11 07:44:01 | 001,210,240 | ---- | M] (Microsoft Corporation) MD5=187002CE05693C306F43C873F821381F -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_a65558427e3453b4\ntfs.sys
[2010/11/20 14:30:06 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=33C3093D09017CFE2E219F2472BFF6EB -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_a87893a87b2db29e\ntfs.sys
[2009/07/14 03:20:44 | 001,210,432 | ---- | M] (Microsoft Corporation) MD5=3795DCD21F740EE799FB7223234215AF -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_a6477fe07e3f2f04\ntfs.sys
[2011/03/11 07:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\System32\drivers\ntfs.sys
[2011/03/11 07:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_a83ab4fe7b5ba649\ntfs.sys
[2011/03/11 07:52:25 | 001,210,752 | ---- | M] (Microsoft Corporation) MD5=A7266D82DB9675AFBDED39695B69EDAC -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_a70e0489972fb38f\ntfs.sys
[2004/08/04 01:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\$Recycle.Bin\S-1-5-21-232530544-1741318313-884996648-1000\$RTAFZKQ\I386\NTFS.SYS
[2011/03/11 07:28:10 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=E2EDE3F02F95B896A1C7C6F0CC0C4083 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_a8b27fd79487b0a3\ntfs.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SMSS.EXE >
[2009/07/14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009/07/14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[2004/08/17 17:49:28 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\$Recycle.Bin\S-1-5-21-232530544-1741318313-884996648-1000\$RTAFZKQ\I386\SYSTEM32\SMSS.EXE

< MD5 for: SPOOLSV.EXE >
[2010/08/20 06:25:14 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=2FB4CE429488156B19C0D8E5C4552043 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_d6ab9bc23bf9f1c6\spoolsv.exe
[2009/07/14 03:14:41 | 000,316,416 | ---- | M] (Microsoft Corporation) MD5=49B6DD6AB3715B7A67965F17194E98A9 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_d621f94522dc5a87\spoolsv.exe
[2010/11/20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\System32\spoolsv.exe
[2010/11/20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_d8530d0d1fcade21\spoolsv.exe
[2010/08/21 07:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=D1BB750EB51694DE183E08B9C33BE5B2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_d6339da722cfb4be\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\System32\drivers\tcpip.sys
[2011/06/21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/04/25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/04/25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011/04/25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011/06/21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010/06/14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010/06/14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011/06/21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011/06/21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

2 cast

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009/06/22 18:58:20 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2009/07/14 03:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2010/11/20 14:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
[2009/07/14 09:42:06 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\en-US\LXKPTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2009/06/10 23:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009/06/10 23:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2009/06/10 23:27:38 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010/07/01 20:24:27 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/05/09 22:37:41 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_lgandadb_01005.Wdf
[2010/06/29 16:22:52 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2010/07/01 20:25:05 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010/06/29 16:39:24 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/07/25 13:27:57 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2011/09/11 19:54:59 | 000,022,400 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/11 19:54:59 | 000,022,400 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/08 16:37:28 | 000,108,442 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011/09/08 16:37:28 | 000,621,596 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011/09/08 16:37:27 | 000,734,468 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[21 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011/09/07 22:12:17 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\.purple
[2010/09/08 20:51:49 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Abvent
[2011/02/16 21:08:31 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Abvent_Artlantis3
[2011/04/30 14:30:24 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Adobe
[2010/09/16 20:35:18 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Airytec
[2011/08/29 20:12:41 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Android
[2011/05/01 13:51:24 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\AnvSoft
[2010/07/03 13:41:22 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\App Launcher Gadget
[2011/01/20 18:19:23 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Artisteer
[2011/09/05 19:11:47 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\AutomaticUSBBackup
[2010/11/05 22:05:40 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Canneverbe Limited
[2011/07/18 17:12:53 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\DAEMON Tools Lite
[2010/07/25 13:23:49 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\DAEMON Tools Pro
[2010/11/05 22:11:30 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Desktop Sidebar
[2011/07/31 17:49:19 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\DivX
[2011/08/18 20:46:07 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Dropbox
[2011/08/02 21:45:20 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\enchant
[2010/06/29 16:33:13 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\ESET
[2011/09/11 20:50:40 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\FileZilla
[2011/01/03 18:34:30 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\fltk.org
[2011/02/26 21:37:04 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\FMA
[2010/10/26 19:53:54 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Foxit Software
[2010/11/05 22:11:30 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\GanymedeNet
[2010/09/11 18:04:00 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\GDL Technology
[2011/03/10 23:16:39 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\GHISLER
[2010/09/20 22:13:01 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Google
[2011/05/01 11:57:09 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Graphisoft
[2011/08/21 22:19:20 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\gtk-2.0
[2010/06/29 15:10:41 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Identities
[2010/06/30 18:56:32 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\InstallShield
[2010/09/22 17:08:40 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\JAM Software
[2011/07/31 17:59:44 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\JLC's Software
[2011/03/06 22:55:51 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\KompoZer
[2010/12/02 15:31:54 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\LG Electronics
[2010/06/29 16:54:48 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Macromedia
[2010/11/08 19:45:24 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Malwarebytes
[2009/07/14 09:50:20 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Media Center Programs
[2011/03/28 19:40:49 | 000,000,000 | --SD | M] -- C:\Users\Mato\AppData\Roaming\Microsoft
[2011/03/26 15:19:42 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Mobile Atlas Creator
[2011/08/20 09:46:26 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Mozilla
[2011/08/16 20:58:44 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\MyPhoneExplorer
[2010/10/31 21:19:24 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Need for Speed World
[2010/11/05 22:06:06 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Nokia
[2011/07/19 18:03:36 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Notepad++
[2010/11/05 22:06:06 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\OpenOffice.org
[2011/03/20 21:00:40 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Opera
[2010/07/01 20:25:00 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\PC Suite
[2011/03/20 21:50:12 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Qualys
[2011/05/09 18:43:10 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Rovio
[2011/03/24 22:27:19 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\SecurityHeroes
[2011/07/20 22:16:45 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Skype
[2011/07/20 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\skypePM
[2010/11/07 14:08:20 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Stardock
[2011/07/19 20:37:51 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Sun
[2011/09/05 19:52:08 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Sync App Settings
[2011/03/22 22:26:46 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\TeamViewer
[2010/11/05 22:11:37 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Thunderbird
[2011/06/09 20:54:19 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\updatetool
[2011/02/25 23:30:52 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\vlc
[2011/05/10 17:07:24 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\VMware
[2010/09/04 16:26:20 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\Windows Live Writer
[2010/06/29 19:56:10 | 000,000,000 | ---D | M] -- C:\Users\Mato\AppData\Roaming\WinRAR

< %APPDATA%\*.* >
[2011/06/22 18:55:39 | 000,000,412 | ---- | M] () -- C:\Users\Mato\AppData\Roaming\All CPU Meter_Settings.ini
[2011/08/16 21:44:53 | 000,037,011 | ---- | M] () -- C:\Users\Mato\AppData\Roaming\Hodnoty oddelené čiarkou (systém Windows).ADR

< %APPDATA%\*.exe /s >
[2011/08/29 20:11:10 | 000,163,840 | ---- | M] (Igor Pavlov) -- C:\Users\Mato\AppData\Roaming\Android\7z.exe
[2011/08/29 20:11:11 | 005,441,083 | ---- | M] () -- C:\Users\Mato\AppData\Roaming\Android\aapt.exe
[2011/05/25 22:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mato\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2011/05/25 22:07:18 | 000,174,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mato\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2011/04/30 14:29:24 | 012,795,016 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Mato\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airinstaller2x0\airinstaller2x0.exe
[2010/12/13 23:10:07 | 000,010,134 | R--- | M] () -- C:\Users\Mato\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe
[2010/10/21 09:33:10 | 000,356,864 | ---- | M] (Graphisoft R&D) -- C:\Users\Mato\AppData\Roaming\Mozilla\Firefox\Profiles\4i4908cv.default\extensions\{64D9B72C-E42A-490e-9181-221E1E035A14}\plugins\GSReport.exe

< %SYSTEMDRIVE%\*.exe >

< *crack* /s >
[2006/04/07 18:55:58 | 000,029,036 | ---- | M] () -- \$RECYCLE.BIN\S-1-5-21-232530544-1741318313-884996648-1000\$RIEGYKN\AssaultCubePortable\App\assaultcube\packages\textures\craig_fortune\terrain\Rock_cracked.jpg
[2006/04/07 18:55:58 | 000,038,915 | ---- | M] () -- \$RECYCLE.BIN\S-1-5-21-232530544-1741318313-884996648-1000\$RIEGYKN\AssaultCubePortable\App\assaultcube\packages\textures\makke\cracked_mud.jpg
[2010/10/04 23:50:56 | 000,062,238 | ---- | M] () -- \$RECYCLE.BIN\S-1-5-21-232530544-1741318313-884996648-1000\$RIEGYKN\GIMPPortable\App\gimp\share\gimp\2.0\patterns\cracked.pat
[2011/04/19 19:43:30 | 001,409,526 | ---- | M] () -- \Downloads\Note_Everything_Pro_4.0.3_crackappsite.com.apk
[2008/08/23 00:06:04 | 000,062,238 | ---- | M] () -- \GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[2011/06/13 20:49:57 | 001,453,578 | ---- | M] () -- \obnova\Note_Everything_Pro_4.0.3_crackappsite.com.apk
[2006/04/07 18:55:58 | 000,029,036 | ---- | M] () -- \PATRIOT\Programy\AssaultCubePortable\App\assaultcube\packages\textures\craig_fortune\terrain\Rock_cracked.jpg
[2006/04/07 18:55:58 | 000,038,915 | ---- | M] () -- \PATRIOT\Programy\AssaultCubePortable\App\assaultcube\packages\textures\makke\cracked_mud.jpg
[2010/10/04 23:50:56 | 000,062,238 | ---- | M] () -- \PATRIOT\Programy\GIMPPortable\App\gimp\share\gimp\2.0\patterns\cracked.pat
[2011/04/20 20:47:16 | 001,409,526 | ---- | M] () -- \USB\Android\apps\Note_Everything_Pro_4.0.3_crackappsite.com.apk
[2006/04/07 18:55:58 | 000,029,036 | ---- | M] () -- \USB\AssaultCubePortable\App\assaultcube\packages\textures\craig_fortune\terrain\Rock_cracked.jpg
[2006/04/07 18:55:58 | 000,038,915 | ---- | M] () -- \USB\AssaultCubePortable\App\assaultcube\packages\textures\makke\cracked_mud.jpg
[2010/10/04 23:50:56 | 000,062,238 | ---- | M] () -- \USB\GIMPPortable\App\gimp\share\gimp\2.0\patterns\cracked.pat
[2011/06/13 20:49:58 | 001,453,578 | ---- | M] () -- \USB\xda\_INPUT_APK\Note_Everything_Pro_4.0.3_crackappsite.com.apk

< *keygen* /s >
[2011/05/09 22:18:05 | 027,928,064 | ---- | M] () -- \Downloads\Keygen_BitDefender_AntiVirus_Pro_2011_By_Ex________.exe
[2011/08/23 20:30:32 | 010,519,321 | ---- | M] () -- \Downloads\Malwarebytes-Anti-Malware-v1.51.0.1200-keygen.rar
[2011/05/01 14:28:39 | 000,003,115 | ---- | M] () -- \Downloads\total-video-converter-3-71-keygen.rar
[2011/06/20 22:34:42 | 000,001,617 | ---- | M] () -- \USB\xda\_INPUT_APK\Note_Everything_Pro_4.0.3_crackappsite.com\ES file explorer 1.6.0.0\smali\org\bouncycastle\crypto\CipherKeyGenerator.smali
[2011/06/20 22:34:42 | 000,001,211 | ---- | M] () -- \USB\xda\_INPUT_APK\Note_Everything_Pro_4.0.3_crackappsite.com\ES file explorer 1.6.0.0\smali\org\bouncycastle\crypto\KeyGenerationParameters.smali
[2011/06/20 22:34:42 | 000,001,617 | ---- | M] () -- \USB\xdaAutoTool\_INPUT_APK\Note_Everything_Pro_4.0.3_crackappsite.com\ES file explorer 1.6.0.0\smali\org\bouncycastle\crypto\CipherKeyGenerator.smali
[2011/06/20 22:34:42 | 000,001,211 | ---- | M] () -- \USB\xdaAutoTool\_INPUT_APK\Note_Everything_Pro_4.0.3_crackappsite.com\ES file explorer 1.6.0.0\smali\org\bouncycastle\crypto\KeyGenerationParameters.smali

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-09-11 17:52:32

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011/09/11 22:29:06 | 000,000,512 | ---- | M] () MD5=5854241791D6E3816834E99152B18305 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:46E7580F

< End of report >

OTL Extras logfile created on: 11. 9. 2011 22:24:36 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = D:\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

1,99 Gb Total Physical Memory | 0,37 Gb Available Physical Memory | 18,49% Memory free
3,98 Gb Paging File | 2,18 Gb Available in Paging File | 54,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 43,13 Gb Free Space | 44,21% Space Free | Partition Type: NTFS
Drive D: | 135,22 Gb Total Space | 44,72 Gb Free Space | 33,07% Space Free | Partition Type: NTFS
Drive Z: | 97,56 Gb Total Space | 43,13 Gb Free Space | 44,21% Space Free | Partition Type: FAT

Computer Name: MATO-PC | User Name: Mato | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OverDisk] -- "C:\Program Files\OverDisk\OverDisk.exe" "%1" (Elias Fotinis)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{02C0A02E-AB30-446C-B4C3-A03310D95F53}" = Windows Live UX Platform Language Pack
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6000
"{067B277E-F94B-4F04-B380-BA967C00377C}_is1" = MiniTool Partition Wizard Home Edition 6.0
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{13E92303-C1AC-4012-9E22-54EACBF54888}" = MCCI(r)Firmware Update Driver for MTK
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 26
"{28193F84-CAC2-448D-9C70-304DE5F41679}" = OpenOffice.org 3.3 Language Pack (Slovak)
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{32A3A4F4-B792-11D6-A78A-00B0D0160250}" = Java(TM) SE Development Kit 6 Update 25
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{44D02D8B-FFB3-4245-8D26-68D10B4C4023}" = ZSMC USB PC Camera (ZS0211)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5C8F7549-334F-4119-8CAC-03F1815B56C1}" = Artlantis Studio 3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{9029363A-8173-435A-9C7C-94AE7E4945D8}_is1" = floAt's Mobile Agent 2
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{938B7504-41A5-42EE-8ECC-5E4B976E8876}" = ESET Smart Security
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A27DED03-CADE-4847-97D8-B198A8E57F3E}" = Windows Live Family Safety
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A89DEBCA-F743-3412-97F6-B2E489194551}" = Google Talk Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.48 (April 23, 2011) verzia v2011.build.48
"{BEF106F8-2689-4530-925A-E1117836E8CD}" = Google SketchUp 7
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF91A5A9-F10D-433D-A677-9505B84EAF1B}" = Stardock Software
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0D14551-3A2D-433B-861F-F4DCE5422759}" = Nokia PC Suite
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9432306-513A-4695-977E-FC6AD9C3ED98}" = IDX Renditioner
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EB020347-354D-A1AF-F265-84B5427C96BA}" = MozyHome
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FBA0CA60-8BF2-4381-B819-74F020E165A9}" = LG USB WML Modem Driver
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"001FFF1FFF13FF00FF1101F00F02F000-R1" = ArchiCAD 13 CZE
"001FFF1FFF14FF00FF1101F01F02F000-R1" = ArchiCAD 14 CZE
"039FFF1FFF13FF00FF0701F00F02F000-R1" = Google Earth Connections AC13 INT
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe PageMaker 7.0" = Adobe PageMaker 7.0
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Allway Sync_is1" = Allway Sync version 11.3.11
"Any Video Converter_is1" = Any Video Converter 3.2.7
"AppInventor Setup" = AppInventor Setup
"ArchiBar Toolbar" = ArchiBar Toolbar
"Artlantis Studio 3" = Artlantis Studio 3.0.2
"Aspell Slovak Dictionary_is1" = Aspell Slovak Dictionary-0.50-2
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DiffMerge_is1" = DiffMerge 1.0.6
"DivX Setup.divx.com" = DivX Setup
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows Driver Package - Nokia Modem (02/25/2011 4.7)
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FileZilla Client" = FileZilla Client 3.5.1
"Foxit Reader" = Foxit Reader
"GNU Aspell_is1" = GNU Aspell 0.50-3
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"JDownloader" = JDownloader
"JLC's Internet TV" = JLC's Internet TV
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.3.0 (Full)
"LSI Soft Modem" = LSI HDA Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verzia 1.51.1.1800
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 6.0 (x86 sk)" = Mozilla Firefox 6.0 (x86 sk)
"Mozilla Thunderbird (6.0.2)" = Mozilla Thunderbird (6.0.2)
"MPE" = MyPhoneExplorer
"NAVIGON Fresh" = NAVIGON Fresh 3.3.2
"Nokia PC Suite" = Nokia PC Suite
"Notepad++" = Notepad++
"ObjectDock Plus 2" = ObjectDock Plus 2
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Opera 11.50.1074" = Opera 11.50
"OverDisk" = OverDisk (remove only)
"OziExplorer 3.95_is1" = OziExplorer 3.95
"PhotoFiltre" = PhotoFiltre
"Pidgin" = Pidgin
"quicktime_lite_is1" = QT Lite 4.1.0
"RealAlt_is1" = Real Alternative 2.0.2
"RocketDock_is1" = RocketDock 1.3.5
"Sandboxie" = Sandboxie 3.46
"SketchyPhysics3.1_is1" = SketchyPhysics3.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"Total Video Converter 3.71_is1" = Total Video Converter 3.71 100812
"Totalcmd" = Total Commander (Remove or Repair)
"TVWiz" = Intel(R) TV Wizard
"VirusTotalUploader2.0" = VirusTotal Uploader 2.0
"VMware_Player" = VMware Player
"WinGimp-2.0_is1" = GIMP 2.4.7
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-232530544-1741318313-884996648-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Cyklotrasy 2.23 SK" = Cyklotrasy 2.23 SK
"Cyklotrasy 2.24 SK" = Cyklotrasy 2.24 SK
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Sweet Home 3D" = Sweet Home 3D

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

\Downloads\Keygen_BitDefender_AntiVirus_Pro_2011_By_Ex________.exe
\Downloads\Malwarebytes-Anti-Malware-v1.51.0.1200-keygen.rar
\Downloads\total-video-converter-3-71-keygen.rar

Vzhledem k tomu, že používáš nelegální software Obrázek

se nedivím, že jsi návštěvníkem našeho fóra.

Dle pravidel fóra (viz zde a zde bod č.3) se však nelegálním software nezabýváme, jelikož nelegální programy jsou většinou zdrojem havěti. Navíc tím porušuješ i autorská práva Obrázek

, pácháš trestný čin a ten, jako takový, nebude naším fórem podporován! Uvědom si, že jsi na bezpečnostním fóru - podpora warezu (zvláště operačních systémů a bezpečnostních programů) by byla zcela proti logice fóra.

Z mé strany je to vše

a zde poprosím moderátory o

a následné řešení.

To ze som to stiahol neznamena ze som to pouzil pre seba ale kto chce psa bit palicu si najde.

knifak píše:To ze som to stiahol neznamena ze som to pouzil pre seba ale kto chce psa bit palicu si najde.

Pane policajt, to, že jste u mě našel ty označené peníze z bankovní loupeže neznamená, že jsem je za něco utratil. Jen jsem si je z té banky "vyzvedl", to je pro mé kamarády.
Ale kdo se chce ospravedlnit, vždycky si výmluvu najde.

Co se týče legality Windows, odpovězte přímo - jsou legální? TJ. koupené? Pokud ne, tak si dělejte pr**l z plastelíny a ne z nás.

Áno
Prajem pekný deň

Ano co? Nepředpokládám, že by Ultimate verze byla legální, takže si jdete dělat p***l z plastelíny? Dobře. S takovýmhle přístupem si to odvirujte sám

VIRY.CZ

Preventivka

Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka