Log check - Slow PC

Posted: 17 Aug 2012 21:25
by Jozo309
Hello, my PC has been kind of slow lately, it takes quite a long time to open every single thing, and likewise shutting down or starting up takes quite a long time. Please look through my log. THX

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jožo at 2012-08-17 22:21:31
WIN_7 Service Pack 1
System drive C: has 18 GB (35%) free of 51 GB
Total RAM: 2046 MB (65% free)


=========Mozilla firefox=========

ProfilePath - C:\Users\Jožo\AppData\Roaming\Mozilla\Firefox\Profiles\0mldpmmm.default

prefs.js - "browser.startup.homepage" - "http://google.sk/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27"
prefs.js - "keyword.URL" - "http://isearch.babylon.com/?babsrc=adba ... 0f83c65&q="

"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\Jožo\AppData\Roaming\Mozilla\Firefox\Profiles\0mldpmmm.default\extensions\
engine@conduit.com
ffxtlbr@babylon.com
plugin2@gameplaylabs.com
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
{da81b294-ed20-46ec-946b-565d182f3be1}

C:\Users\Jožo\AppData\Roaming\Mozilla\Firefox\Profiles\0mldpmmm.default\searchplugins\
GoogleFeed.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-07-20 329520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-07-05 4018888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-07-20 59184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2011-03-17 842048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2011-03-17 842048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Users\Jožo\AppData\Roaming\Google Talk\googletalk.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Labtec\WebCam10\WebCam10.exe /hide []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoCam Suite.lnk]
C:\PROGRA~1\COMMON~1\PANASO~1\VIDEOC~1\VIDEOC~1.EXE [2009-12-26 349600]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Button Manager.lnk - C:\Program Files\HP Button Manager\BM.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Jožo\AppData\Local\Opera\Opera\temporary_downloads\P17535732.JPG-www.facebook.exe"="C:\Windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-08-17 22:21:35 ----D---- C:\Program Files\trend micro
2012-08-17 22:21:31 ----D---- C:\rsit
2012-08-15 12:20:41 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-08-15 12:19:46 ----A---- C:\Windows\system32\mshtmled.dll
2012-08-15 12:19:44 ----A---- C:\Windows\system32\iertutil.dll
2012-08-15 12:19:42 ----A---- C:\Windows\system32\ieui.dll
2012-08-15 12:19:41 ----A---- C:\Windows\system32\ieUnatt.exe
2012-08-15 12:19:40 ----A---- C:\Windows\system32\jsproxy.dll
2012-08-15 12:19:39 ----A---- C:\Windows\system32\wininet.dll
2012-08-15 12:19:38 ----A---- C:\Windows\system32\jscript9.dll
2012-08-15 12:19:38 ----A---- C:\Windows\system32\jscript.dll
2012-08-15 12:19:36 ----A---- C:\Windows\system32\url.dll
2012-08-15 12:19:33 ----A---- C:\Windows\system32\urlmon.dll
2012-08-15 12:19:29 ----A---- C:\Windows\system32\mshtml.dll
2012-08-15 12:19:28 ----A---- C:\Windows\system32\ieframe.dll
2012-08-15 12:16:20 ----A---- C:\Windows\system32\win32spl.dll
2012-08-15 12:16:19 ----A---- C:\Windows\system32\spoolsv.exe
2012-08-15 12:16:17 ----A---- C:\Windows\system32\browser.dll
2012-08-15 12:16:16 ----A---- C:\Windows\system32\netapi32.dll
2012-08-15 12:16:16 ----A---- C:\Windows\system32\browcli.dll
2012-08-15 12:16:13 ----A---- C:\Windows\system32\localspl.dll
2012-08-15 12:16:11 ----A---- C:\Windows\system32\win32k.sys
2012-08-15 12:16:09 ----A---- C:\Windows\system32\srcore.dll
2012-08-14 22:46:30 ----A---- C:\Windows\system32\aptmp.exe
2012-08-06 19:14:46 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2012-07-20 22:23:32 ----A---- C:\Windows\system32\npdeployJava1.dll
2012-07-20 22:23:31 ----A---- C:\Windows\system32\javaws.exe
2012-07-20 22:23:31 ----A---- C:\Windows\system32\javaw.exe
2012-07-20 22:23:30 ----A---- C:\Windows\system32\java.exe
2012-07-20 22:22:59 ----D---- C:\Program Files\Java
2012-07-20 22:20:39 ----D---- C:\ProgramData\McAfee

======List of files/folders modified in the last 1 month======

2012-08-17 22:21:45 ----D---- C:\Windows\Prefetch
2012-08-17 22:21:35 ----RD---- C:\Program Files
2012-08-17 22:17:51 ----D---- C:\Users\Jožo\AppData\Roaming\Skype
2012-08-17 22:16:57 ----D---- C:\Windows\Temp
2012-08-17 22:16:05 ----D---- C:\Windows\system32\config
2012-08-17 13:31:28 ----D---- C:\Windows\system32\catroot2
2012-08-16 21:28:25 ----D---- C:\Windows\System32
2012-08-16 21:28:24 ----D---- C:\Windows\inf
2012-08-16 21:28:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-15 23:14:44 ----SHD---- C:\System Volume Information
2012-08-15 22:12:33 ----HD---- C:\Config.Msi
2012-08-15 22:01:38 ----SHD---- C:\Windows\Installer
2012-08-15 12:43:42 ----RD---- C:\Program Files\Skype
2012-08-15 12:43:42 ----D---- C:\ProgramData\Skype
2012-08-15 12:33:20 ----D---- C:\Windows\winsxs
2012-08-15 12:32:00 ----D---- C:\Windows
2012-08-15 12:31:03 ----RSD---- C:\Windows\Fonts
2012-08-15 12:31:01 ----D---- C:\Windows\system32\migration
2012-08-15 12:30:54 ----D---- C:\Program Files\Internet Explorer
2012-08-15 12:30:51 ----D---- C:\Windows\system32\DriverStore
2012-08-15 12:30:51 ----D---- C:\Windows\system32\drivers
2012-08-15 12:24:04 ----D---- C:\Windows\debug
2012-08-15 12:24:02 ----A---- C:\Windows\system32\MRT.exe
2012-08-15 12:23:32 ----A---- C:\Windows\win.ini
2012-08-15 12:20:48 ----D---- C:\Windows\system32\catroot
2012-08-14 22:39:12 ----D---- C:\Windows\system32\wdi
2012-08-14 22:34:27 ----HD---- C:\Program Files\InstallShield Installation Information
2012-08-12 20:35:35 ----D---- C:\ProgramData\Adobe
2012-08-12 19:19:19 ----SD---- C:\Users\Jožo\AppData\Roaming\Microsoft
2012-08-12 19:19:19 ----D---- C:\Users\Jožo\AppData\Roaming\Adobe
2012-08-09 00:22:37 ----D---- C:\Users\Jožo\AppData\Roaming\Media Player Classic
2012-08-08 22:55:23 ----D---- C:\Windows\Logs
2012-08-08 22:53:28 ----RSD---- C:\Windows\assembly
2012-08-08 22:48:43 ----D---- C:\ProgramData\Comodo
2012-08-08 15:52:58 ----D---- C:\Program Files\Opera
2012-08-08 15:05:51 ----D---- C:\Windows\WindowsMobile
2012-08-08 15:01:17 ----D---- C:\Program Files\Common Files\Adobe
2012-08-08 15:01:09 ----D---- C:\Program Files\Adobe
2012-08-06 20:33:01 ----D---- C:\Program Files\Microsoft Silverlight
2012-08-06 19:13:21 ----D---- C:\Program Files\Common Files\microsoft shared
2012-08-06 19:13:09 ----D---- C:\Program Files\Microsoft Works
2012-08-05 23:49:29 ----D---- C:\Windows\system32\LogFiles
2012-07-25 19:55:12 ----A---- C:\Windows\STXKBD32.INI
2012-07-21 09:27:09 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-07-20 22:23:02 ----A---- C:\Windows\system32\deployJava1.dll
2012-07-20 22:20:39 ----HD---- C:\ProgramData
2012-07-20 22:15:11 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2009-01-07 20744]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-10-22 443448]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2009-08-04 11296]
R1 AsUpIO;AsUpIO; C:\Windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2012-03-11 19600]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-03-11 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-03-11 39640]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-02-03 82400]
R2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS [2011-08-05 51072]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-06-02 25888]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2003-10-10 62720]
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2003-09-06 6944]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-05-17 50176]
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-09-06 4832]
S0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2005-05-16 19968]
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2003-10-10 52128]
S1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-05-24 278984]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 appliandMP;appliandMP; C:\Windows\system32\DRIVERS\appliand.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-14 4194816]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 kqemu;KQEMU virtualisation module for QEMU; C:\Windows\system32\DRIVERS\kqemu.sys [2011-05-05 144622]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-20 47360]
S3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys []
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2006-11-30 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2006-10-05 73600]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2006-11-02 53504]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2006-10-28 40960]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2007-06-15 145504]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 1983232]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1136448]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe [2012-03-12 186760]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-20 113120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1343400]

-----------------EOF-----------------

Re: Log check - Slow PC

Posted: 17 Aug 2012 21:39
by vyosek
Hello, and I wish you a pleasant evening :)

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • If you use a 64-bit OS, check whether the box next to "For 64-bit OS" is ticked; if not, tick it
  • Tick the box "For all users"
  • Tick the box Check for "LOP" pests
  • Tick the box Check for "Purity" pests
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box "Custom scans/fixes"

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the "Scan" button
  • After the scan finishes (about 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both here
  • If the logs are long (the forum will complain about exceeding the maximum number of characters), split them into several posts

Re: Log check - Slow PC

Posted: 17 Aug 2012 22:24
by Jozo309
Don't you have it in Czech? Slovak? It's in English :-)

This is how I have it set up... now click RUN SCAN? Or WHERE? Of course I also copied the script...

Image

Re: Log check - Slow PC

Posted: 17 Aug 2012 22:34
by vyosek
:arrow: Unfortunately OTL is not yet localized into SK; into CZ it already is

:arrow: The image should hopefully help - the only thing you won't have is the 64bit OS option at the top
Image

Re: Log check - Slow PC

Posted: 18 Aug 2012 19:06
by Jozo309
OTL logfile created on: 17. 8. 2012 23:39:02 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Jožo\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 51,53% Memory free
4,00 Gb Paging File | 2,67 Gb Available in Paging File | 66,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,01 Gb Total Space | 17,51 Gb Free Space | 35,02% Space Free | Partition Type: NTFS
Drive D: | 182,87 Gb Total Space | 71,61 Gb Free Space | 39,16% Space Free | Partition Type: NTFS

Computer Name: JOŽO-PC | User Name: Jožo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/08/17 23:20:07 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Jožo\Desktop\OTL.exe
PRC - [2012/08/05 23:19:42 | 000,874,896 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012/08/05 23:19:42 | 000,800,656 | ---- | M] (Opera Software) -- C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/03/12 17:42:50 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShowProducer\scsiaccess.exe
PRC - [2012/03/11 21:13:22 | 001,983,232 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012/03/11 21:13:02 | 006,749,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011/10/15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/15 10:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011/10/15 10:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011/03/17 10:15:46 | 000,382,272 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/18 11:32:54 | 000,311,296 | ---- | M] () -- C:\Program Files\HP Button Manager\BM.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009/07/14 03:14:26 | 006,376,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
PRC - [2007/06/15 13:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\System32\bgsvcgen.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/05 23:19:50 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012/08/05 23:19:50 | 000,276,480 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012/08/05 23:19:50 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012/08/05 23:19:50 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012/08/05 23:19:50 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012/08/05 23:19:50 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012/08/05 23:19:49 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012/08/05 23:19:49 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012/08/05 23:19:49 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012/08/05 23:19:49 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012/08/05 23:19:49 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012/08/05 23:19:49 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012/08/05 23:19:48 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2011/10/13 22:45:44 | 008,522,400 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/01/18 11:32:54 | 000,311,296 | ---- | M] () -- C:\Program Files\HP Button Manager\BM.exe
MOD - [2011/01/18 11:00:50 | 000,055,296 | ---- | M] () -- C:\Program Files\HP Button Manager\DeviceDll.dll
MOD - [2009/08/16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/20 22:14:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/03/12 17:42:50 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowProducer\scsiaccess.exe -- (ScsiAccess)
SRV - [2012/03/11 21:13:22 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011/10/15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/05/18 10:38:09 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/12/23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/07/14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/15 13:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\System32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VcommMgr.sys -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VComm.sys -- (VComm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LV302V32.SYS -- (PID_PEPI)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lv302af.sys -- (pepifilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\appliand.sys -- (appliandMP)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (afeqbn37)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (acv57srv)
DRV - [2012/03/11 21:13:38 | 000,039,640 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012/03/11 21:13:36 | 000,491,816 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012/03/11 21:13:36 | 000,019,600 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd)
DRV - [2012/02/09 22:43:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/02/03 19:27:48 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011/10/22 23:46:12 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011/08/17 10:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/08/17 10:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/08/17 10:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/08/17 10:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/08/05 14:26:14 | 000,051,072 | ---- | M] (Identcode Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ANGELNT.SYS -- (Angelnt)
DRV - [2011/05/24 00:44:03 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/05/05 00:35:51 | 000,144,622 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\kqemu.sys -- (kqemu)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/07/29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010/06/02 18:33:11 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/08/04 10:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009/07/14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/06 10:48:02 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2009/05/13 19:11:34 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009/01/07 23:39:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2008/12/07 12:44:54 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2008/07/02 14:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2006/11/30 19:55:00 | 000,113,792 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2006/11/20 17:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/11/02 17:41:00 | 000,053,504 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006/10/28 00:29:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006/10/10 19:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/10/05 16:07:46 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2006/02/20 20:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2005/08/01 16:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/05/17 14:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005/05/16 15:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2005/05/16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2005/01/06 13:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2003/10/10 16:06:26 | 000,062,720 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2003/10/10 15:06:24 | 000,052,128 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/09/06 14:27:06 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/09/06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0B CD FB 28 C8 EA CA 01 [binary data]
IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babylon.com/web/{searchT ... 1d60f83c65
IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\..\SearchScopes\{AB79D3B4-AEDB-428a-B504-BAC00521A1C7}: "URL" = http://www.landing.savetubevideo.com/in ... earchTerms}
IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Gamebario2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "http://google.sk/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..keyword.URL: "http://isearch.babylon.com/?babsrc=adba ... 0f83c65&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Jožo\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/10 03:09:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/20 22:14:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/15 22:01:19 | 000,000,000 | ---D | M]

[2011/01/08 01:47:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jožo\AppData\Roaming\mozilla\Extensions
[2011/01/08 01:47:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jožo\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/08/05 01:39:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jožo\AppData\Roaming\mozilla\Firefox\Profiles\0mldpmmm.default\extensions
[2012/07/17 16:12:35 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Jožo\AppData\Roaming\mozilla\Firefox\Profiles\0mldpmmm.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012/07/09 10:27:37 | 000,000,000 | ---D | M] (Gamebario2 Community Toolbar) -- C:\Users\Jožo\AppData\Roaming\mozilla\Firefox\Profiles\0mldpmmm.default\extensions\{da81b294-ed20-46ec-946b-565d182f3be1}
[2010/11/17 22:32:05 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Jožo\AppData\Roaming\mozilla\Firefox\Profiles\0mldpmmm.default\extensions\engine@conduit.com
[2012/03/10 01:10:39 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Jožo\AppData\Roaming\mozilla\Firefox\Profiles\0mldpmmm.default\extensions\ffxtlbr@babylon.com
[2011/04/05 08:54:48 | 000,000,000 | ---D | M] (GamePlayLabs Plugin) -- C:\Users\Jožo\AppData\Roaming\mozilla\Firefox\Profiles\0mldpmmm.default\extensions\plugin2@gameplaylabs.com
[2011/08/22 19:50:11 | 000,002,133 | ---- | M] () -- C:\Users\Jožo\AppData\Roaming\Mozilla\Firefox\Profiles\0mldpmmm.default\searchplugins\GoogleFeed.xml
[2012/03/28 18:18:06 | 000,003,916 | ---- | M] () -- C:\Users\Jožo\AppData\Roaming\Mozilla\Firefox\Profiles\0mldpmmm.default\searchplugins\sweetim.xml
[2012/08/15 12:43:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/08/15 12:43:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/07/20 22:23:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/07/20 22:14:54 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/09 16:44:20 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2012/06/09 16:44:20 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2012/03/10 01:10:29 | 000,002,298 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/06/09 16:44:20 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2012/06/09 16:44:20 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2012/06/09 16:44:20 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012/06/09 16:44:20 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2010/11/05 21:47:02 | 000,001,052 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1876732673-3808273629-2673023108-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1F789E4-E49D-48D4-B932-30774B4C88CC}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1F789E4-E49D-48D4-B932-30774B4C88CC}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{105a402b-56cb-11df-9ce7-001d60f83c65}\Shell - "" = AutoRun
O33 - MountPoints2\{105a402b-56cb-11df-9ce7-001d60f83c65}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{164005c0-d587-11df-9129-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{164005c0-d587-11df-9129-806e6f6e6963}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{7eb81d0d-2d0b-11e0-a0ac-001d60f83c65}\Shell - "" = AutoRun
O33 - MountPoints2\{7eb81d0d-2d0b-11e0-a0ac-001d60f83c65}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{d02581de-70c4-11df-85ab-001d60f83c65}\Shell - "" = AutoRun
O33 - MountPoints2\{d02581de-70c4-11df-85ab-001d60f83c65}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: VIDC.I420 - lvcodec2.dll File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/08/17 23:20:06 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Jožo\Desktop\OTL.exe
[2012/08/17 22:21:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/08/15 12:42:08 | 000,000,000 | ---D | C] -- C:\Users\Jožo\AppData\Local\ElevatedDiagnostics
[2012/08/15 12:19:47 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/08/15 12:19:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/08/15 12:19:41 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/08/15 12:19:40 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/08/15 12:19:38 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/08/15 12:19:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/08/15 12:19:31 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/08/15 12:16:16 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012/08/15 12:16:11 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/08/15 12:16:09 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/08/14 22:53:23 | 000,000,000 | ---D | C] -- C:\Users\Jožo\Documents\EA Games
[2012/08/14 22:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Illusion Softworks
[2010/04/10 02:43:07 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Jožo\AppData\Roaming\pcouffin.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/08/17 23:42:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/08/17 23:37:44 | 000,208,790 | ---- | M] () -- C:\Users\Jožo\Desktop\Bez názvu.jpg
[2012/08/17 23:20:07 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Jožo\Desktop\OTL.exe
[2012/08/17 22:24:04 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/17 22:24:04 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/17 22:16:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/17 22:16:41 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/17 22:16:38 | 000,819,680 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2012/08/16 21:28:25 | 000,618,714 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/16 21:28:25 | 000,107,034 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/15 12:33:02 | 003,641,848 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/08/14 22:46:30 | 000,000,298 | ---- | M] () -- C:\Windows\System32\aptmp.exe
[2012/08/14 13:37:19 | 000,111,519 | ---- | M] () -- C:\Users\Jožo\Desktop\Tomas Lukcik Letenka.pdf
[2012/08/12 19:19:10 | 000,130,663 | ---- | M] () -- C:\Users\Jožo\Desktop\Letenky.pdf
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/17 23:42:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/08/17 23:33:07 | 000,208,790 | ---- | C] () -- C:\Users\Jožo\Desktop\Bez názvu.jpg
[2012/08/14 22:46:30 | 000,000,298 | ---- | C] () -- C:\Windows\System32\aptmp.exe
[2012/08/14 13:37:18 | 000,111,519 | ---- | C] () -- C:\Users\Jožo\Desktop\Tomas Lukcik Letenka.pdf
[2012/08/12 19:19:10 | 000,130,663 | ---- | C] () -- C:\Users\Jožo\Desktop\Letenky.pdf
[2012/07/10 23:05:23 | 000,819,680 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2012/03/07 16:10:08 | 000,000,753 | ---- | C] () -- C:\Windows\disney.ini
[2011/10/28 00:52:59 | 000,000,088 | ---- | C] () -- C:\Windows\STXKBD32.INI
[2011/10/28 00:45:25 | 000,002,455 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2011/10/15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/10/01 13:18:40 | 000,000,042 | ---- | C] () -- C:\Users\Jožo\AppData\Roaming\TheHunterSettings_local.cfg
[2011/10/01 13:11:12 | 000,011,200 | ---- | C] () -- C:\Users\Jožo\AppData\Roaming\TheHunterSettings_live.bin
[2011/08/11 16:04:07 | 000,004,608 | ---- | C] () -- C:\Users\Jožo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/11 15:57:25 | 000,025,600 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011/08/11 15:56:33 | 000,000,034 | -H-- | C] () -- C:\Windows\System32\MP3ToAMRConverter_sysquict.dat
[2011/08/05 14:26:14 | 000,000,405 | ---- | C] () -- C:\Windows\System32\ANGELDOS.SYS
[2011/07/27 15:01:21 | 000,000,208 | ---- | C] () -- C:\Users\Jožo\AppData\Roaming\burnaware.ini
[2011/06/11 16:34:45 | 000,302,592 | ---- | C] () -- C:\Windows\mauninst.exe
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/05/05 00:33:50 | 000,144,622 | ---- | C] () -- C:\Windows\System32\drivers\kqemu.sys
[2011/04/11 21:34:59 | 000,081,920 | ---- | C] () -- C:\Windows\OLE2TASK.DAT
[2011/03/03 03:17:54 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/02/07 16:02:12 | 000,000,021 | ---- | C] () -- C:\Windows\raptinfo.dat
[2010/12/16 12:39:29 | 000,002,528 | ---- | C] () -- C:\Users\Jožo\AppData\Roaming\$_hpcst$.hpc
[2010/11/18 19:09:37 | 000,034,308 | ---- | C] () -- C:\ProgramData\mazuki.dll
[2010/10/25 00:39:33 | 000,001,104 | ---- | C] () -- C:\Users\Jožo\AppData\Local\SRDownloader.nast
[2010/10/25 00:39:15 | 000,007,456 | ---- | C] () -- C:\Users\Jožo\AppData\Local\SRDownloader.err
[2010/10/19 21:41:06 | 000,000,990 | -HS- | C] () -- C:\Users\Jožo\AppData\Roaming\systemfl.$dk
[2010/10/19 20:41:03 | 000,007,605 | ---- | C] () -- C:\Users\Jožo\AppData\Local\Resmon.ResmonCfg
[2010/10/11 22:49:44 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2010/10/11 22:39:04 | 000,000,098 | ---- | C] () -- C:\Windows\WirelessFTP.INI
[2010/10/11 22:06:06 | 000,011,448 | ---- | C] () -- C:\Windows\System32\drivers\AsUpIO.sys
[2010/10/11 22:06:04 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2010/10/11 22:06:04 | 000,011,296 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2010/10/11 22:05:33 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/10/11 22:00:37 | 000,006,504 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2010/10/06 21:08:07 | 000,000,000 | ---- | C] () -- C:\Windows\BsMobileModel.ini
[2010/04/29 22:33:22 | 000,000,012 | ---- | C] () -- C:\Users\Jožo\intlname.ols
[2010/04/20 17:06:59 | 000,081,920 | ---- | C] () -- C:\Users\Jožo\AppData\Roaming\ezpinst.exe
[2010/04/11 23:41:57 | 000,022,328 | ---- | C] () -- C:\Users\Jožo\AppData\Roaming\PnkBstrK.sys
[2010/04/11 23:38:11 | 000,107,832 | ---- | C] () -- C:\Users\Jožo\AppData\Roaming\PnkBstrB.exe
[2010/04/10 02:43:41 | 000,000,668 | ---- | C] () -- C:\Users\Jožo\AppData\Roaming\vso_ts_preview.xml
[2010/04/10 02:43:07 | 000,087,608 | ---- | C] () -- C:\Users\Jožo\AppData\Roaming\inst.exe
[2010/04/10 02:43:07 | 000,007,887 | ---- | C] () -- C:\Users\Jožo\AppData\Roaming\pcouffin.cat
[2010/04/10 02:43:07 | 000,001,144 | ---- | C] () -- C:\Users\Jožo\AppData\Roaming\pcouffin.inf

========== LOP Check ==========

[2012/04/04 10:59:14 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\AIMP
[2012/02/05 22:23:54 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\AlderGames
[2012/02/04 13:37:46 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Artogon
[2010/10/25 12:43:16 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Ashampoo
[2012/03/10 01:10:16 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Babylon
[2011/03/09 09:35:47 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Canneverbe Limited
[2010/04/11 14:47:45 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\DAEMON Tools Lite
[2011/10/23 01:44:27 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\DAEMON Tools Pro
[2011/09/02 00:12:30 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\ERS G-Studio
[2012/06/17 12:23:14 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\ERS Game Studios
[2010/04/10 00:54:47 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\ESET
[2011/03/04 11:01:10 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Faerie Solitaire
[2011/01/03 10:28:46 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Flood Light Games
[2011/08/22 19:42:07 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Foxreal
[2010/12/08 13:32:06 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\GHISLER
[2010/05/26 09:16:24 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Gold Casual Games
[2011/03/09 00:01:06 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\InfraRecorder
[2011/04/28 17:04:44 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\IrfanView
[2011/10/18 11:52:04 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Jetdogs Studios
[2011/10/28 00:50:39 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\LangSoft
[2010/04/13 14:56:36 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Leadertech
[2011/01/03 12:29:51 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Magic Academy
[2012/03/09 00:54:44 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\MapFactor
[2011/10/16 11:47:46 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\md studio
[2012/06/21 22:27:44 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Meridian93
[2011/02/03 13:43:58 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\mojosoft
[2010/12/20 00:15:21 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Navigator
[2012/03/12 17:43:11 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Netscape
[2011/08/27 12:10:54 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Nokia
[2011/06/04 13:16:04 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Opera
[2011/08/27 12:10:54 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\PC Suite
[2010/12/10 00:46:17 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\PDF Software
[2012/03/12 17:39:32 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Photodex
[2012/02/04 13:14:58 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\playmink
[2011/03/10 20:34:24 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Princess Isabella
[2011/05/03 07:51:44 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\PunkBuster
[2011/09/17 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Rovio
[2010/12/03 18:21:52 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Shape games
[2011/01/03 04:08:11 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/03/31 09:06:02 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\StokedBigAir
[2012/06/21 22:11:55 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\TeamViewer
[2011/01/08 01:47:26 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Thunderbird
[2010/12/15 19:11:22 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Toshiba
[2012/03/07 23:53:05 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Touchstone
[2010/04/14 23:31:58 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Ubisoft
[2010/12/17 14:21:53 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\URSE Games
[2011/10/09 13:50:56 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Vasilek Games
[2012/03/09 01:01:24 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Vso
[2011/10/10 00:10:32 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Xilisoft
[2012/08/06 08:35:27 | 000,032,504 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011/04/25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012/03/30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/09/29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011/09/29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\System32\drivers\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011/06/21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010/06/14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010/06/14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011/06/21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011/06/21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012/03/30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/08/12 19:19:19 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Adobe
[2011/01/03 04:08:12 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Adobe Mini Bridge CS5
[2012/04/04 10:59:14 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\AIMP
[2012/02/05 22:23:54 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\AlderGames
[2012/03/06 00:07:16 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\ArcSoft
[2012/02/04 13:37:46 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Artogon
[2010/10/25 12:43:16 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Ashampoo
[2012/03/10 01:10:16 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Babylon
[2011/03/09 09:35:47 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Canneverbe Limited
[2010/04/11 14:47:45 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\DAEMON Tools Lite
[2011/10/23 01:44:27 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\DAEMON Tools Pro
[2011/09/02 00:12:30 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\ERS G-Studio
[2012/06/17 12:23:14 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\ERS Game Studios
[2010/04/10 00:54:47 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\ESET
[2011/03/04 11:01:10 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Faerie Solitaire
[2011/01/03 10:28:46 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Flood Light Games
[2011/08/22 19:42:07 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Foxreal
[2010/12/08 13:32:06 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\GHISLER
[2010/05/26 09:16:24 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Gold Casual Games
[2010/04/10 03:12:06 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\HP
[2010/04/10 00:50:43 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Identities
[2011/03/09 00:01:06 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\InfraRecorder
[2012/03/04 16:42:52 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\InstallShield
[2011/04/28 17:04:44 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\IrfanView
[2011/10/18 11:52:04 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Jetdogs Studios
[2011/10/28 00:50:39 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\LangSoft
[2010/04/13 14:56:36 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Leadertech
[2010/04/10 01:54:04 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Macromedia
[2011/01/03 12:29:51 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Magic Academy
[2012/03/09 00:54:44 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\MapFactor
[2011/10/16 11:47:46 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\md studio
[2009/07/14 09:50:31 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Media Center Programs
[2012/08/09 00:22:37 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Media Player Classic
[2012/06/21 22:27:44 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Meridian93
[2012/08/12 19:19:19 | 000,000,000 | --SD | M] -- C:\Users\Jožo\AppData\Roaming\Microsoft
[2011/02/03 13:43:58 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\mojosoft
[2012/03/12 17:43:11 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Mozilla
[2010/12/20 00:15:21 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Navigator
[2012/03/12 17:43:11 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Netscape
[2011/08/27 12:10:54 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Nokia
[2011/08/27 14:15:18 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\NVIDIA
[2011/06/04 13:16:04 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Opera
[2011/08/27 12:10:54 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\PC Suite
[2010/12/10 00:46:17 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\PDF Software
[2012/03/12 17:39:32 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Photodex
[2012/02/04 13:14:58 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\playmink
[2011/03/10 20:34:24 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Princess Isabella
[2011/05/03 07:51:44 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\PunkBuster
[2011/05/30 00:09:07 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\RealHideIP
[2011/09/17 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Rovio
[2010/12/31 02:46:16 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\SecuROM
[2010/12/03 18:21:52 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Shape games
[2012/08/18 00:03:50 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Skype
[2011/05/26 13:16:46 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\skypePM
[2011/01/03 04:08:11 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/03/31 09:06:02 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\StokedBigAir
[2012/06/21 22:11:55 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\TeamViewer
[2011/01/08 01:47:26 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Thunderbird
[2010/12/15 19:11:22 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Toshiba
[2012/03/07 23:53:05 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Touchstone
[2010/05/03 20:30:10 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\U3
[2010/04/14 23:31:58 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Ubisoft
[2010/12/17 14:21:53 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\URSE Games
[2011/10/09 13:50:56 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Vasilek Games
[2012/05/11 23:08:59 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\vlc
[2012/03/09 01:01:24 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Vso
[2010/04/10 02:49:21 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\WinRAR
[2011/10/10 00:10:32 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Xilisoft

< %APPDATA%\*.exe /s >
[2010/04/20 17:07:00 | 000,081,920 | ---- | M] () -- C:\Users\Jožo\AppData\Roaming\ezpinst.exe
[2012/03/09 01:01:23 | 000,087,608 | ---- | M] () -- C:\Users\Jožo\AppData\Roaming\inst.exe
[2010/04/11 23:38:11 | 000,107,832 | ---- | M] () -- C:\Users\Jožo\AppData\Roaming\PnkBstrB.exe
[2011/05/01 00:18:53 | 000,010,134 | R--- | M] () -- C:\Users\Jožo\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2011/02/17 23:46:25 | 000,835,440 | R--- | M] () -- C:\Users\Jožo\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
[2011/09/17 17:28:44 | 045,217,488 | ---- | M] (Rovio) -- C:\Users\Jožo\AppData\Roaming\Rovio\Angry Birds Rio\updates\Update\AngryBirdsRioInstaller_1.2.2.exe
[2008/08/26 17:49:54 | 000,110,592 | ---- | M] (U3 LLC) -- C:\Users\Jožo\AppData\Roaming\U3\42013107D6D0A81E\cleanup.exe
[2008/08/26 17:37:56 | 003,493,888 | ---- | M] (SanDisk Corporation) -- C:\Users\Jožo\AppData\Roaming\U3\42013107D6D0A81E\Launchpad Removal.exe
[2009/01/14 11:13:30 | 004,636,672 | ---- | M] (U3 LLC) -- C:\Users\Jožo\AppData\Roaming\U3\42013107D6D0A81E\Launchpad.exe
[2008/08/26 18:10:04 | 000,054,584 | ---- | M] (U3 LLC) -- C:\Users\Jožo\AppData\Roaming\U3\42013107D6D0A81E\U3AccessGrant.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011/10/22 23:46:12 | 000,443,448 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/08/17 22:24:04 | 000,014,256 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/17 22:24:04 | 000,014,256 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 12:33:02 | 003,641,848 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2012/08/15 12:24:02 | 059,884,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MRT.exe
[2012/08/16 21:28:25 | 000,107,034 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012/08/16 21:28:25 | 000,618,714 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012/08/16 21:28:24 | 000,730,320 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2012/07/13 13:33:24 | 017,418,928 | R--- | M] (Skype Technologies S.A.)
"DAEMON Tools Pro Agent" = "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun -- [2011/03/17 10:15:04 | 000,842,048 | ---- | M] (DT Soft Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012/07/20 22:14:54 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=3F677172F23FC17283D9BCE4B42E3F65 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/06/29 03:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=93569D46D79F9756ED077156496AFE23 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012/08/05 23:19:42 | 000,874,896 | ---- | M] (Opera Software) MD5=F594C0FB9F48829ADE080D07716739F1 -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/08/17 23:42:35 | 000,000,512 | ---- | M] () MD5=7309B402135FD1276C3B633DDBE524FF -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012/08/14 22:52:47 | 000,000,742 | ---- | M] () -- \Users\Jožo\AppData\Roaming\Microsoft\Windows\Recent\Crack - TheRipper.lnk
[2012/08/14 22:39:18 | 000,000,305 | ---- | M] () -- \Users\Jožo\AppData\Roaming\Microsoft\Windows\Recent\crack.lnk
[2012/08/14 22:52:47 | 000,001,060 | ---- | M] () -- \Users\Jožo\AppData\Roaming\Microsoft\Windows\Recent\Medal.of.Honor.CrackOnly-TheRipper(PR0PER).lnk

< *keygen* /s >

[

Re: Log check - Slowed-down PC

Posted: 18 Aug 2012 19:08
by Jozo309
< *loader* /s >
[2010/12/21 09:08:42 | 000,651,264 | ---- | M] () -- \Omega\Downloader.EXE
[2001/01/16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\COLOADER.DLL
[2001/01/16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\COLOADER.TLB
[2009/05/21 20:21:18 | 000,007,507 | ---- | M] () -- \Program Files\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009/09/20 12:15:26 | 000,030,776 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009/09/20 12:15:26 | 000,002,713 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2009/05/31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009/12/26 22:02:26 | 000,054,688 | ---- | M] () -- \Program Files\Panasonic\VideoCam Suite 3.0\YouTubeUploaderMain.exe
[2009/12/26 21:58:00 | 003,361,792 | ---- | M] () -- \Program Files\Panasonic\VideoCam Suite 3.0\YTUploader.dll
[2009/11/26 11:56:24 | 000,000,112 | ---- | M] () -- \Program Files\Panasonic\VideoCam Suite 3.0\YTUploader.ini
[2009/12/26 21:45:24 | 000,150,016 | ---- | M] () -- \Program Files\Panasonic\VideoCam Suite 3.0\Core\Spec\AVCHD\BDCore\MediaLoader.dll
[2009/06/02 01:16:57 | 000,114,688 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2011/09/13 11:13:28 | 000,170,496 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate 6\medialoader0.dll
[2011/09/13 11:13:04 | 001,498,112 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate 6\vcloader.exe
[2011/09/13 11:13:28 | 000,000,665 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate 6\language\medialoader_br.qm
[2011/09/13 11:13:28 | 000,000,629 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate 6\language\medialoader_de.qm
[2011/09/13 11:13:28 | 000,000,023 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate 6\language\medialoader_en_US.qm
[2011/09/13 11:13:28 | 000,000,627 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate 6\language\medialoader_es.qm
[2011/09/13 11:13:28 | 000,000,669 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate 6\language\medialoader_fr.qm
[2011/09/13 11:13:28 | 000,000,629 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate 6\language\medialoader_it.qm
[2011/09/13 11:13:28 | 000,000,535 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate 6\language\medialoader_ja.qm
[2011/09/13 11:13:28 | 000,000,483 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate 6\language\medialoader_zh_CN.qm
[2011/09/13 11:13:28 | 000,000,489 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate 6\language\medialoader_zh_TW.qm
[2011/09/13 11:13:54 | 000,005,932 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate 6\plugins\loader.avsi
[2011/07/29 16:21:36 | 000,691,712 | ---- | M] () -- \Program Files\YoutubeDownloader.org\YoutubeDownloader\YouTube Downloader.dll
[2012/02/15 14:28:30 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/02/15 14:28:30 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/02/15 14:28:30 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/02/15 14:28:30 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2011/12/28 20:28:39 | 000,007,456 | ---- | M] () -- \Users\Jožo\AppData\Local\SRDownloader.err
[2012/01/28 18:43:11 | 000,001,104 | ---- | M] () -- \Users\Jožo\AppData\Local\SRDownloader.nast
[2012/08/09 20:43:57 | 000,105,903 | ---- | M] () -- \Users\Jožo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0SGJ32PW\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012/08/09 05:27:09 | 000,010,519 | ---- | M] () -- \Users\Jožo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EYW34FMZ\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012/08/09 20:43:56 | 000,000,753 | ---- | M] () -- \Users\Jožo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YB2V0JN8\AdLoader[1].htm
[2011/08/22 19:37:20 | 000,000,749 | ---- | M] () -- \Users\Jožo\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.youtubedownloadersite.com%2Ffavicon.png
[2011/08/22 19:43:34 | 000,000,060 | ---- | M] () -- \Users\Jožo\AppData\Roaming\Foxreal\youtube_flv_downloader_pro\youtube_flv_downloader_pro.ini
[2011/06/19 12:30:56 | 000,009,767 | ---- | M] () -- \Users\Jožo\AppData\Roaming\Mozilla\Firefox\Profiles\0mldpmmm.default\conduitCommon\modules\3.5.0.12\ExternalLibraryLoader.jsm
[2012/07/16 23:06:52 | 000,010,145 | ---- | M] () -- \Users\Jožo\AppData\Roaming\Mozilla\Firefox\Profiles\0mldpmmm.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\ExternalLibraryLoader.jsm
[2012/07/08 12:19:04 | 000,010,145 | ---- | M] () -- \Users\Jožo\AppData\Roaming\Mozilla\Firefox\Profiles\0mldpmmm.default\extensions\{da81b294-ed20-46ec-946b-565d182f3be1}\modules\ExternalLibraryLoader.jsm
[2010/04/10 03:26:17 | 000,000,003 | ---- | M] () -- \Windows\7Loader.TAG
[2 \Windows\*.tmp files -> \Windows\*.tmp -> ]
[2012/06/19 18:52:57 | 000,149,504 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\YouTubeUploaderMain\b208d7f7fd56c3c3dd4db3310887c2c3\YouTubeUploaderMain.ni.exe
[2012/06/19 18:52:58 | 003,770,368 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\YTUploader\d3b7725ad53ad3d639300ab80a71e990\YTUploader.ni.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 09:42:17 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 09:42:17 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 09:42:17 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011/03/03 03:31:03 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011/03/03 03:31:03 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011/03/03 03:31:03 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 09:41:36 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Files - Unicode (All) ==========
[2010/04/12 15:10:50 | 000,000,000 | ---D | M](C:\Users\Jo?o\AppData\Roaming\Opera) -- C:\Users\Jožo\AppData\Roaming\Opera

========== Alternate Data Streams ==========

@Alternate Data Stream - 170 bytes -> C:\ProgramData\TEMP:A31FAD21
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:3D36932D

< End of report >

Re: Log check - Slow PC

Posted: 18 Aug 2012 21:40
by vyosek
:arrow: Test the following files on VirusTotal https://www.virustotal.com/cs/
  • c:\Windows\7Loader.TAG
    C:\PhysicalMBR.bin
  • Click Choose file
  • Do not browse for the file; just paste the path of the file that I want tested
  • Click Scan It
  • If a screen like the one below pops up, click ReAnalyse
    Image
  • Paste the analysis result here (as a link)
:arrow: Also post the Extras.txt log

Re: Log check - Slow PC

Posted: 18 Aug 2012 22:57
by Jozo309
So

c:\Windows\7Loader.TAG

Code:

https://www.virustotal.com/file/6bdf66b5bf2a44e658bea2ee86695ab150a06e600bf67cd5cce245ad54962c61/analysis/1345326602/
C:\PhysicalMBR.bin

Code:

https://www.virustotal.com/file/aaf7b3f214a0ae45ad643a2cc107bbb52bc8a4b208b75c4a9591d3174c53b39a/analysis/1345326918/
It didn't open the Extras log for me, at least I couldn't find it anywhere, because I started the test.. and waited almost an hour, it was still scanning so I fell asleep :-D so I'm running the test once more... and then I'll post the logs here again.. :-)

Re: Log check - Slow PC

Posted: 19 Aug 2012 06:46
by vyosek
Just to ask, are you using a legal operating system = a purchased licence for it :???:

Re: Log check - Slow PC

Posted: 19 Aug 2012 06:51
by Jozo309
No, I don't have a purchased licence... but until now my PC ran without problems... like clockwork

As for the log... it takes terribly long to make those logs.. and now after an hour and a half it didn't produce either one :-(

Re: Log check - Slow PC

Posted: 19 Aug 2012 07:00
by vyosek
Jozo309 wrote: No, I don't have a purchased licence
You are not here for the first time, so you could already know the forum rules, and they speak quite clearly, don't you think?

So what now?

Re: Log check - Slow PC

Posted: 19 Aug 2012 18:42
by Jozo309
I have no idea about that. I think half of the people who are registered here don't have a licence.

Can anything be done about it? With my PC?

Re: Log check - Slow PC

Posted: 19 Aug 2012 19:53
by vyosek
:arrow: Nothing like making excuses about others, that they do it that way too, is there :?:

:arrow: Do you at least have a purchased licence for that ESET, or has that obligation also been bypassed somehow?

:arrow: This time we will finish the check; next time help will be refused on the basis of the forum rules in force

:arrow: Run OTL again
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the bottom box Custom Scans/Fixes (Vlastni skenovani/opravy)
  • Code:

    :otl
    DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VcommMgr.sys -- (VcommMgr)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VComm.sys -- (VComm)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LV302V32.SYS -- (PID_PEPI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lv302af.sys -- (pepifilter)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\LVUSBSta.sys -- (LVUSBSta)
    DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\appliand.sys -- (appliandMP)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (afeqbn37)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (acv57srv)
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
    IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0B CD FB 28 C8 EA CA 01 [binary data]
    IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
    IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
    IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch&babsrc=SP_ss&mntrId=aca0df9e000000000000001d60f83c65
    IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\..\SearchScopes\{AB79D3B4-AEDB-428a-B504-BAC00521A1C7}: "URL" = http://www.landing.savetubevideo.com/in ... ?from=4&q={searchTerms}
    IE - HKU\S-1-5-21-1876732673-3808273629-2673023108-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
    FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "Gamebario2 Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: ""
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
    FF - prefs.js..keyword.URL: "http://isearch.babylon.com/?babsrc=adbartrp&babsrc=SP_ss&mntrId=aca0df9e000000000000001d60f83c65&q="
    FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2652911&SearchSource=3&q={searchTerms}"
    [2012/07/17 16:12:35 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Jožo\AppData\Roaming\mozilla\Firefox\Profiles\0mldpmmm.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
    [2012/07/09 10:27:37 | 000,000,000 | ---D | M] (Gamebario2 Community Toolbar) -- C:\Users\Jožo\AppData\Roaming\mozilla\Firefox\Profiles\0mldpmmm.default\extensions\{da81b294-ed20-46ec-946b-565d182f3be1}
    [2010/11/17 22:32:05 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Jožo\AppData\Roaming\mozilla\Firefox\Profiles\0mldpmmm.default\extensions\engine@conduit.com
    [2012/03/10 01:10:39 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Jožo\AppData\Roaming\mozilla\Firefox\Profiles\0mldpmmm.default\extensions\ffxtlbr@babylon.com
    [2011/04/05 08:54:48 | 000,000,000 | ---D | M] (GamePlayLabs Plugin) -- C:\Users\Jožo\AppData\Roaming\mozilla\Firefox\Profiles\0mldpmmm.default\extensions\plugin2@gameplaylabs.com
    [2011/08/22 19:50:11 | 000,002,133 | ---- | M] () -- C:\Users\Jožo\AppData\Roaming\Mozilla\Firefox\Profiles\0mldpmmm.default\searchplugins\GoogleFeed.xml
    [2012/03/28 18:18:06 | 000,003,916 | ---- | M] () -- C:\Users\Jožo\AppData\Roaming\Mozilla\Firefox\Profiles\0mldpmmm.default\searchplugins\sweetim.xml
    O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
    O13 - gopher Prefix: missing
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O33 - MountPoints2\{105a402b-56cb-11df-9ce7-001d60f83c65}\Shell - "" = AutoRun
    O33 - MountPoints2\{164005c0-d587-11df-9129-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{7eb81d0d-2d0b-11e0-a0ac-001d60f83c65}\Shell - "" = AutoRun
    O33 - MountPoints2\{d02581de-70c4-11df-85ab-001d60f83c65}\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell - "" = AutoRun
    [2012/03/10 01:10:16 | 000,000,000 | ---D | M] -- C:\Users\Jožo\AppData\Roaming\Babylon
    [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
    [1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]
    @Alternate Data Stream - 170 bytes -> C:\ProgramData\TEMP:A31FAD21
    @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:3D36932D
    
    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"=-
    "Adobe ARM"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Skype"=-
    "DAEMON Tools Pro Agent"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
    
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Opravit or Run FIX
  • The PC will perform the fix, restart and give you a log; paste its contents here

Re: Log check - Slow PC

Posted: 20 Aug 2012 14:27
by Jozo309
So I had ESET purchased, but I no longer use it; at the moment I use Comodo, but soon, still today, I'll switch to MSE antivirus.

I pasted the script as you told me, it did something, restarted, and didn't give me a log :-(

I'll try running the scan once more.

Re: Log check - Slow PC

Posted: 20 Aug 2012 14:32
by vyosek
Alternatively, run OTL in safe mode