VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Skype vir

https://forum.viry.cz:443/viewtopic.php?t=126486

Stránka 2 z 3

Re: Skype vir

Napsal: 18 pro 2012 14:48
od lokem22
Dobrý den, píše mi to, že emailová adresa je neplatná..já sem sem to heslo zapomněl dát..heslo je qoobox.

Re: Skype vir

Napsal: 18 pro 2012 22:44
od vyosek
:arrow: Jaka emailovka je neplatna? Ta moje, akorat tam misto (leklaryba) date @ :D

:arrow: Stahnete SytemLook http://jpshortstuff.247fixes.com/SystemLook.exe a ulozte jej na plochu
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    :dir
c:\users\Martin\AppData\Roaming /sub
  • Kliknete na Look
  • Tlacitko Look se zmeni na Scanning a zsedne
  • Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
  • Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte

Re: Skype vir

Napsal: 23 pro 2012 23:12
od vyosek
Omlouvam se, uplne mi to zapadlo :oops:

:arrow: Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Ulozte nejlepe na Plochu a rozbalte
  • Spustte kliknutim na mbanr
  • Nyni postupne kliknete na Next a Update
  • Po dokonceni update (aktualizace) databaze kliknete opet na Next
  • Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
  • Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
  • Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
  • Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
  • PC bude restartovan
  • Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

Re: Skype vir

Napsal: 24 pro 2012 12:06
od lokem22
Zdravím

Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org

Database version: v2012.12.24.03

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Martin :: MARTIN-PC [administrator]

24.12.2012 12:04:54
mbar-log-2012-12-24 (12-04-54).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 36103
Time elapsed: 6 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Re: Skype vir

Napsal: 24 pro 2012 21:35
od vyosek
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Re: Skype vir

Napsal: 25 pro 2012 19:46
od lokem22
OTL logfile created on: 25.12.2012 19:10:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 34,58% Memory free
6,00 Gb Paging File | 3,38 Gb Available in Paging File | 56,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 68,26 Gb Total Space | 29,77 Gb Free Space | 43,61% Space Free | Partition Type: NTFS
Drive D: | 229,73 Gb Total Space | 23,44 Gb Free Space | 10,20% Space Free | Partition Type: NTFS
Drive G: | 2,39 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.12.25 19:05:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
PRC - [2012.12.21 11:43:56 | 000,541,760 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2012.12.12 16:54:36 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
PRC - [2012.12.04 11:53:02 | 001,354,736 | ---- | M] (Valve Corporation) -- D:\Hry\Steam\Steam.exe
PRC - [2012.12.02 20:19:38 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.11.21 22:56:07 | 000,135,170 | ---- | M] () -- C:\Program Files\AFLICS\AfterFLICS.exe
PRC - [2012.11.18 14:10:31 | 000,127,040 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7M\ICQ.exe
PRC - [2012.09.21 14:13:16 | 001,044,816 | ---- | M] (Flexera Software, Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2012.08.28 14:52:56 | 003,671,904 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2012.08.20 12:22:52 | 000,896,400 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012.07.28 03:10:10 | 000,469,504 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.07.28 03:09:30 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.06.22 09:32:12 | 000,625,816 | ---- | M] (Pandora.TV) -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
PRC - [2012.03.07 10:57:20 | 009,108,320 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Autodesk\3ds Max 2013\3dsmax.exe
PRC - [2012.01.18 18:37:34 | 000,350,656 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
PRC - [2011.09.14 23:19:54 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.06.26 06:17:02 | 000,724,992 | ---- | M] () -- C:\Program Files\GIGABYTE\GHOST\Tilt.exe
PRC - [2009.03.12 16:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
PRC - [2008.07.19 15:38:34 | 000,078,008 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2008.07.19 15:38:28 | 000,147,640 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008.07.19 15:38:04 | 000,250,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008.07.19 15:34:56 | 000,348,344 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008.07.19 15:25:06 | 000,016,056 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe


========== Modules (No Company Name) ==========

MOD - [2012.12.21 11:44:00 | 000,647,168 | ---- | M] () -- D:\Hry\Steam\sdl.dll
MOD - [2012.12.21 11:43:55 | 020,320,240 | ---- | M] () -- D:\Hry\Steam\bin\libcef.dll
MOD - [2012.12.21 11:43:55 | 000,969,280 | ---- | M] () -- D:\Hry\Steam\bin\chromehtml.dll
MOD - [2012.12.21 11:43:55 | 000,124,416 | ---- | M] () -- D:\Hry\Steam\bin\avutil-51.dll
MOD - [2012.12.21 11:43:54 | 001,100,800 | ---- | M] () -- D:\Hry\Steam\bin\avcodec-53.dll
MOD - [2012.12.21 11:43:54 | 000,192,000 | ---- | M] () -- D:\Hry\Steam\bin\avformat-53.dll
MOD - [2012.12.12 16:54:36 | 014,586,296 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_135.dll
MOD - [2012.12.02 20:19:38 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.09.02 18:30:26 | 000,247,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\2ade7e85654373a9c7bb9ce52402b8c6\WindowsFormsIntegration.ni.dll
MOD - [2012.09.02 18:29:41 | 002,452,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\83690797b64c0ad9a4673b7b6b2b0856\Microsoft.JScript.ni.dll
MOD - [2012.09.02 18:28:03 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\69e0779d48242f6256a12cbe0c6e4c53\UIAutomationProvider.ni.dll
MOD - [2012.09.02 18:27:38 | 001,637,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\3c7430a68f3a56dbbe91ba80fc45c035\PresentationUI.ni.dll
MOD - [2012.09.02 18:27:13 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5a4de0d567696567ddd0ad7ddf4a9e0d\System.Xaml.ni.dll
MOD - [2012.09.02 18:27:06 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\1674f6fb3b91fa91c93a41b99029be4c\Accessibility.ni.dll
MOD - [2012.09.02 17:47:38 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\36deec24b4a6ba94f4cad9c3206abf2c\PresentationFramework.ni.dll
MOD - [2012.09.02 17:47:35 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\276f7b53f15e66e518278753c57b78b2\System.Configuration.ni.dll
MOD - [2012.09.02 17:47:32 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\717c6a68a2ad575e93bccc52a11f7c52\System.Xml.ni.dll
MOD - [2012.09.02 17:47:23 | 013,102,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\adeb9af3c309921ae1b7fb8a621ee243\System.Windows.Forms.ni.dll
MOD - [2012.09.02 17:47:23 | 006,811,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\9876f9c772d11cfc95c3ce57ed3e641d\System.Data.ni.dll
MOD - [2012.09.02 17:47:18 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\5daeba02f31cbc36d2c38b5d452c5378\PresentationCore.ni.dll
MOD - [2012.09.02 17:47:15 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5c5b46515e207b2025a474340de7ae15\System.Drawing.ni.dll
MOD - [2012.09.02 17:47:12 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e09bc975f73e4bc24ab3eb7f6373288e\System.Core.ni.dll
MOD - [2012.09.02 17:47:09 | 003,857,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\53f3344ee53bc8692a3c8c6dfbadd66c\WindowsBase.ni.dll
MOD - [2012.09.02 17:47:06 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b56374e1f5605ecb6d2630fb2ef1eb53\PresentationFramework.Aero.ni.dll
MOD - [2012.09.02 17:47:05 | 009,086,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\68131da3061b5a1c048abf73c5bae11d\System.ni.dll
MOD - [2012.09.02 17:47:00 | 014,407,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ac9bfacce80c52220e4b4b3a814aaa3d\mscorlib.ni.dll
MOD - [2012.03.07 11:03:34 | 000,028,000 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\ThreadingTools.dll
MOD - [2012.03.07 11:01:18 | 000,038,752 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\stdplugs\Maxscript.Diagnostics.dlx
MOD - [2012.03.07 11:00:28 | 000,205,664 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\stdplugs\FbxFileLink.dfl
MOD - [2012.03.07 11:00:22 | 001,166,176 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\stdplugs\emproxymxs.dlx
MOD - [2012.03.07 10:58:48 | 000,041,824 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\pickonlygfx.drv
MOD - [2012.03.07 10:58:42 | 000,201,056 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\OgsExtWorld.dll
MOD - [2012.03.07 10:58:40 | 002,357,600 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\OgsExtRendering.dll
MOD - [2012.03.07 10:58:40 | 000,317,792 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\OgsExtEffect.dll
MOD - [2012.03.07 10:58:38 | 000,244,064 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\OgsExtDevice.dll
MOD - [2012.03.07 10:58:30 | 000,316,256 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\MetaSLCompiler.dll
MOD - [2012.03.07 10:58:22 | 000,012,640 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\MaxQtBridge.dll
MOD - [2012.03.07 10:58:14 | 000,083,808 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\MaxExplorerBindings.dll
MOD - [2012.03.07 10:58:02 | 000,088,928 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\GraphicsUtility.dll
MOD - [2012.03.07 10:58:00 | 000,018,272 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\gmiloader.dll
MOD - [2012.03.07 10:57:58 | 000,012,640 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\GlobalNormalDataGenerators.dll
MOD - [2012.03.07 10:57:36 | 000,124,768 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\CacheFilePackage.dll
MOD - [2012.03.07 10:57:30 | 000,054,112 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\bin\assemblies\ManagedNetworkUtilities.dll
MOD - [2012.03.07 10:57:24 | 000,065,888 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\assetmanagement.dll
MOD - [2012.03.07 08:29:52 | 014,775,808 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\bin\assemblies\Autodesk.Max.Wrappers.dll
MOD - [2012.03.07 06:54:30 | 000,547,840 | ---- | M] () -- c:\Program Files\Autodesk\3ds Max 2013\stdplugs\(MassFX)\ContentCoreShared.dll
MOD - [2012.03.07 06:54:20 | 000,030,208 | ---- | M] () -- c:\Program Files\Autodesk\3ds Max 2013\stdplugs\PhysX.dlm
MOD - [2012.03.07 06:54:12 | 001,713,664 | ---- | M] () -- c:\Program Files\Autodesk\3ds Max 2013\stdplugs\(MassFX)\Plugins\Main.dlmp
MOD - [2012.03.07 06:52:24 | 004,358,656 | ---- | M] () -- c:\Program Files\Autodesk\3ds Max 2013\stdplugs\(MassFX)\ContentCorePhysx2.dll
MOD - [2012.02.17 19:55:36 | 000,166,912 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2012.01.26 22:55:04 | 000,554,496 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\substance_sse2_blend.dll
MOD - [2012.01.10 23:23:26 | 000,197,632 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\substance_linker.dll
MOD - [2011.12.06 22:48:32 | 003,705,856 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\synHub.dll
MOD - [2011.11.15 22:45:00 | 000,757,760 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\gen_fx.dll
MOD - [2011.09.21 22:38:30 | 000,560,128 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\AshliFX.dll
MOD - [2011.09.07 10:27:28 | 000,037,824 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\QtSolutions_MFCMigrationFramework_Ad_2.dll
MOD - [2011.04.29 13:27:16 | 001,001,408 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\libxml2.dll
MOD - [2011.04.29 13:23:08 | 000,310,208 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_engine.dll
MOD - [2011.04.29 13:23:08 | 000,121,280 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axiom.dll
MOD - [2011.04.29 13:23:08 | 000,104,896 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axutil.dll
MOD - [2011.04.29 13:23:08 | 000,086,976 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\neethi.dll
MOD - [2011.04.29 13:23:08 | 000,030,144 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_parser.dll
MOD - [2009.06.26 06:17:02 | 000,724,992 | ---- | M] () -- C:\Program Files\GIGABYTE\GHOST\Tilt.exe


========== Services (SafeList) ==========

SRV - [2012.12.21 11:43:56 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.12.12 16:54:36 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.02 20:19:38 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.21 22:56:07 | 000,135,170 | ---- | M] () [Auto | Running] -- C:\Program Files\AFLICS\AfterFLICS.exe -- (AfterFLICS v3)
SRV - [2012.09.21 14:13:16 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.07.28 03:09:30 | 000,217,600 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.22 09:32:12 | 000,625,816 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2011.09.14 23:19:54 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe -- (mi-raysat_3dsmax2013_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.03.12 16:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)
SRV - [2008.07.19 15:38:28 | 000,147,640 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2008.07.19 15:38:04 | 000,250,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2008.07.19 15:34:56 | 000,348,344 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2008.07.19 15:25:06 | 000,016,056 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Martin\AppData\Local\Temp\CFcatchme.sys -- (CFcatchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Martin\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.09.06 16:09:30 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.07.28 05:06:48 | 008,758,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.07.28 02:14:22 | 000,296,448 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012.05.14 07:12:28 | 000,086,656 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.13 23:02:53 | 000,657,408 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2008.07.19 15:37:42 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008.07.19 15:36:03 | 000,051,280 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2008.07.19 15:35:18 | 000,078,416 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2008.07.19 15:33:42 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008.07.19 15:32:36 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://www.google.com
IE - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 1f1f8e1039
IE - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.0
FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.10
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.02 20:19:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.08.20 11:39:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Extensions
[2012.10.24 20:30:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0wym3m74.default\extensions
[2012.08.27 18:25:41 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0wym3m74.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.09.08 10:54:13 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0wym3m74.default\extensions\2020Player_IKEA@2020Technologies.com
[2012.10.10 21:50:24 | 000,281,285 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0wym3m74.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
[2012.12.02 20:19:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.12.02 20:19:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012.12.02 20:19:32 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.12.02 20:19:38 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.14 03:30:04 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.07.14 03:30:04 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.07.14 03:30:05 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.07.14 03:30:05 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.07.14 03:30:05 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.12.16 20:38:24 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Tilt] C:\Program Files\GIGABYTE\GHOST\Tilt.exe ()
O4 - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1F2417C-E1BF-4B1B-A3EA-F5385E8B1AFD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.09.06 18:17:35 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012.09.24 22:05:27 | 000,000,000 | ---D | M] - D:\Autodesk Entertainment Creation Suite 2013 -- [ NTFS ]
O32 - AutoRun File - [2010.03.22 05:24:08 | 000,000,175 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.12.25 19:05:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012.12.24 11:57:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.24 11:57:07 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\mbar
[2012.12.22 15:08:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
[2012.12.19 17:51:27 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\TS3Client
[2012.12.19 17:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012.12.19 17:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2012.12.19 15:05:49 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.12.16 20:38:22 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\temp
[2012.12.16 20:32:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.16 20:31:07 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012.12.12 22:28:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.12 22:28:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.12 22:28:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.12 22:28:31 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.12 22:24:21 | 005,010,912 | R--- | C] (Swearware) -- C:\Users\Martin\Desktop\ComboFix.exe
[2012.12.12 21:44:09 | 000,000,000 | ---D | C] -- C:\rsit
[2012.12.10 20:36:39 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\Sešity
[2012.12.09 20:43:23 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\Elektrárna
[2012.12.09 14:13:22 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Xilisoft
[2012.12.03 21:25:48 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\Most
[2012.12.02 20:19:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.12.01 16:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Výuka ZAV
[2012.12.01 16:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\ZAV1
[2012.12.01 12:21:57 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Microsoft Hardware
[2012.12.01 11:30:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV
[2012.11.30 14:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard
[2012.11.30 14:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliType Pro
[2012.11.29 23:31:49 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\My Games
[2012.11.29 23:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[2012.11.29 23:24:08 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\Nová složka (3)
[2012.11.29 23:21:23 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012.11.28 19:59:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamePark
[2012.11.28 19:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\GamePark
[2012.11.28 17:48:38 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\Alexmander 13
[2012.11.28 17:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2012.10.09 12:49:56 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files\Common Files\atimpenc.dll

========== Files - Modified Within 30 Days ==========

[2012.12.25 19:12:53 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.12.25 19:05:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012.12.25 13:13:39 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.25 13:13:39 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.25 13:05:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.25 13:05:21 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.24 17:46:45 | 000,665,706 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.12.24 17:46:45 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.24 17:46:45 | 000,139,402 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.12.24 17:46:45 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.24 11:56:56 | 013,485,902 | ---- | M] () -- C:\Users\Martin\Desktop\mbar-1.01.0.1011.zip
[2012.12.23 22:26:56 | 000,139,048 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.12.23 22:26:51 | 000,282,296 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012.12.23 22:25:44 | 000,282,296 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2012.12.22 15:08:07 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Absolution - Professional Edition.lnk
[2012.12.22 14:39:24 | 008,392,620 | ---- | M] () -- C:\Users\Martin\Desktop\Mika---We-Are-Golden.mp3
[2012.12.22 12:52:27 | 000,152,944 | ---- | M] () -- C:\Users\Martin\Desktop\Generator.FBX
[2012.12.22 12:52:07 | 000,638,976 | ---- | M] () -- C:\Users\Martin\Desktop\Generátor3.max
[2012.12.22 01:42:21 | 000,380,928 | ---- | M] () -- C:\Users\Martin\Desktop\Generátor2.max
[2012.12.22 01:27:37 | 000,221,184 | ---- | M] () -- C:\Users\Martin\Desktop\Generátor.max
[2012.12.20 13:46:37 | 003,811,232 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.19 17:51:15 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012.12.16 20:38:24 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.12.16 20:30:45 | 005,010,912 | R--- | M] (Swearware) -- C:\Users\Martin\Desktop\ComboFix.exe
[2012.12.13 22:39:20 | 000,017,967 | ---- | M] () -- C:\Windows\System32\drivers\etc\services
[2012.12.12 16:54:36 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.12.12 16:54:36 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.10 20:20:16 | 000,000,132 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
[2012.12.07 17:23:52 | 000,000,132 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
[2012.12.01 21:58:27 | 000,000,912 | ---- | M] () -- C:\Users\Martin\Desktop\ZAV.exe.lnk
[2012.11.30 14:35:41 | 000,001,345 | ---- | M] () -- C:\Users\Martin\Desktop\arma2.exe.lnk
[2012.11.30 14:35:27 | 000,001,547 | ---- | M] () -- C:\Users\Martin\Desktop\ArmA2OA.exe.lnk
[2012.11.28 17:38:22 | 000,000,671 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
[2012.11.28 17:38:22 | 000,000,671 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
[2012.11.28 17:37:59 | 000,022,328 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\PnkBstrK.sys
[2012.11.28 17:37:32 | 000,000,300 | ---- | M] () -- C:\Windows\game.ini

========== Files Created - No Company Name ==========

[2012.12.25 19:12:53 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.12.24 11:56:22 | 013,485,902 | ---- | C] () -- C:\Users\Martin\Desktop\mbar-1.01.0.1011.zip
[2012.12.22 15:08:07 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Absolution - Professional Edition.lnk
[2012.12.22 14:38:55 | 008,392,620 | ---- | C] () -- C:\Users\Martin\Desktop\Mika---We-Are-Golden.mp3
[2012.12.22 12:52:27 | 000,152,944 | ---- | C] () -- C:\Users\Martin\Desktop\Generator.FBX
[2012.12.22 12:40:43 | 000,638,976 | ---- | C] () -- C:\Users\Martin\Desktop\Generátor3.max
[2012.12.22 01:42:21 | 000,380,928 | ---- | C] () -- C:\Users\Martin\Desktop\Generátor2.max
[2012.12.22 01:27:37 | 000,221,184 | ---- | C] () -- C:\Users\Martin\Desktop\Generátor.max
[2012.12.21 12:07:45 | 000,139,048 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.12.21 12:07:24 | 000,282,296 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012.12.21 12:07:19 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012.12.19 17:51:15 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012.12.12 22:28:39 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.12 22:28:39 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.12 22:28:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.12 22:28:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.12 22:28:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.07 17:23:52 | 000,000,132 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
[2012.12.01 21:58:27 | 000,000,912 | ---- | C] () -- C:\Users\Martin\Desktop\ZAV.exe.lnk
[2012.11.30 14:35:43 | 000,001,345 | ---- | C] () -- C:\Users\Martin\Desktop\arma2.exe.lnk
[2012.11.30 14:35:33 | 000,001,547 | ---- | C] () -- C:\Users\Martin\Desktop\ArmA2OA.exe.lnk
[2012.11.28 17:38:22 | 000,000,671 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
[2012.11.28 17:38:22 | 000,000,671 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
[2012.11.28 17:37:31 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini
[2012.10.29 17:00:45 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2012.09.17 15:32:36 | 000,000,132 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
[2012.08.25 20:50:50 | 000,000,132 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
[2012.08.20 20:49:15 | 000,022,328 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\PnkBstrK.sys
[2012.08.20 11:31:56 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.08.20 11:05:33 | 000,001,024 | ---- | C] () -- C:\Users\Martin\.rnd
[2012.08.20 10:49:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.07.28 02:30:54 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012.07.28 02:30:54 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.07.27 21:47:36 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.06.21 08:06:04 | 003,233,712 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2012.04.12 20:30:10 | 000,637,743 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.02.27 22:07:20 | 000,057,344 | R--- | C] () -- C:\Windows\System32\XSIChooser.exe
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.10.01 17:16:54 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\AnvSoft
[2012.12.13 22:46:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Autodesk
[2012.11.04 11:37:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\CrystalIdea Software
[2012.10.25 12:52:39 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
[2012.12.25 17:40:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ICQ
[2012.08.20 14:07:55 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ImTOO
[2012.10.01 16:26:45 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\MAXON
[2012.08.20 14:46:26 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Publish Providers
[2012.09.29 15:20:43 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sony
[2012.11.05 18:47:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sony Creative Software Inc
[2012.08.23 12:08:05 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.09.29 15:46:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\systweak
[2012.11.20 23:28:51 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Theta
[2012.12.20 15:40:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\TS3Client
[2012.09.25 13:36:09 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Ubisoft
[2012.12.25 19:14:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\uTorrent
[2012.12.09 19:50:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Xilisoft
[2012.10.21 15:17:07 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Youtube Downloader HD

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,594 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\erdnt\cache\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\erdnt\cache\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\erdnt\cache\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\erdnt\cache\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\erdnt\cache\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\System32\drivers\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\erdnt\cache\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\erdnt\cache\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[13 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.10.03 22:57:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Adobe
[2012.10.01 17:16:54 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\AnvSoft
[2012.09.08 20:42:32 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Apple Computer
[2012.12.13 22:46:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Autodesk
[2012.11.04 11:37:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\CrystalIdea Software
[2012.10.25 12:52:39 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
[2012.12.25 17:40:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ICQ
[2012.08.20 10:27:41 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Identities
[2012.08.20 14:07:55 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ImTOO
[2012.08.20 11:14:00 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Macromedia
[2012.10.01 16:26:45 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\MAXON
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Media Center Programs
[2012.12.19 15:10:13 | 000,000,000 | --SD | M] -- C:\Users\Martin\AppData\Roaming\Microsoft
[2012.08.20 11:39:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mozilla
[2012.08.20 11:07:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Nero
[2012.08.20 14:46:26 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Publish Providers
[2012.12.25 19:18:33 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Skype
[2012.09.29 15:20:43 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sony
[2012.11.05 18:47:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sony Creative Software Inc
[2012.08.23 12:08:05 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.09.29 15:46:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\systweak
[2012.11.20 23:28:51 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Theta
[2012.12.20 15:40:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\TS3Client
[2012.09.25 13:36:09 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Ubisoft
[2012.12.25 19:20:29 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\uTorrent
[2012.08.20 11:00:50 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\WinRAR
[2012.12.09 19:50:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Xilisoft
[2012.10.21 15:17:07 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Youtube Downloader HD

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2012.12.23 22:26:56 | 000,139,048 | ---- | M] () -- C:\Windows\system32\drivers\PnkBstrK.sys

< %systemroot%\system32\*.* /3 >
[2012.12.25 13:13:39 | 000,014,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.25 13:13:39 | 000,014,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.24 17:46:45 | 000,139,402 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.12.24 17:46:45 | 000,120,382 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.12.24 17:46:45 | 000,665,706 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.12.24 17:46:45 | 000,651,450 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.12.24 17:46:45 | 001,575,230 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2012.12.23 22:25:44 | 000,282,296 | ---- | M] () -- C:\Windows\system32\PnkBstrB.ex0
[2012.12.23 22:26:51 | 000,282,296 | ---- | M] () -- C:\Windows\system32\PnkBstrB.exe
[2012.12.23 22:26:51 | 000,282,296 | ---- | M] () -- C:\Windows\system32\PnkBstrB.xtr

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED -- [2012.08.20 12:22:52 | 000,896,400 | ---- | M] (BitTorrent, Inc.)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.08.28 14:52:56 | 003,671,904 | ---- | M] (DT Soft Ltd)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.12.02 20:19:38 | 000,916,960 | ---- | M] (Mozilla Corporation) MD5=5744FFF8E72D105C138DAE9E17BB29FE -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.07.14 02:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.12.25 19:12:53 | 000,000,512 | ---- | M] () MD5=85B8329A5681BBB0B7A0866FEFA823DE -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008.08.07 10:28:04 | 001,159,409 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS4\Support Files\Presets\Image - Special Effects\Cracked Tiles.ffx
[2001.08.14 12:31:08 | 000,030,054 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\Inventor Server\Textures\surfaces\Cracks.bmp
[2011.09.14 22:27:36 | 000,008,428 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\maps\Substance\textures\Cracked_Plaster.sbsar
[2011.05.06 11:30:44 | 002,267,256 | ---- | M] () -- \Program Files\Autodesk\Mudbox 2012\stamps\rgb_crackedFun1.tif
[2011.05.06 11:30:46 | 001,539,420 | ---- | M] () -- \Program Files\Autodesk\Mudbox 2012\stamps\rgb_mudCracks.tif
[2011.05.06 11:30:52 | 000,023,048 | ---- | M] () -- \Program Files\Autodesk\Mudbox 2012\stamps\thumbnails\rgb_crackedFun1.tif
[2011.05.06 11:30:54 | 000,031,528 | ---- | M] () -- \Program Files\Autodesk\Mudbox 2012\stamps\thumbnails\rgb_mudCracks.tif
[2001.08.14 14:31:08 | 000,030,054 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\DirectConnect2013\bin\Aruba\Inventor Server\Textures\surfaces\Cracks.bmp
[2012.12.13 22:33:22 | 000,000,308 | ---- | M] () -- \Users\Martin\AppData\Roaming\Microsoft\Windows\Recent\Crack.lnk
[2012.11.19 18:09:49 | 000,039,653 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\Assassins.Creed.3.Cracked-P2P.1.torrent
[2012.11.19 18:09:49 | 000,039,653 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\Assassins.Creed.3.Cracked-P2P.torrent
[2012.08.20 20:54:14 | 000,010,617 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\Battlefield.3.CRACK.ONLY-RELOADED.rar.torrent
[2012.09.24 22:16:12 | 000,005,688 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\Exkluzivní obsah + crack.rar.torrent
[2012.10.25 10:00:13 | 000,012,960 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\Medal of Honor Warfighter crack only-FLT + update-FLT.torrent
[2009.12.02 10:58:30 | 002,267,256 | ---- | M] () -- \Users\Martin\Documents\Mudbox\2010\data\Stamps\rgb_crackedFun1.tif
[2009.12.02 10:58:36 | 001,539,420 | ---- | M] () -- \Users\Martin\Documents\Mudbox\2010\data\Stamps\rgb_mudCracks.tif
[2009.12.02 10:58:54 | 000,023,048 | ---- | M] () -- \Users\Martin\Documents\Mudbox\2010\data\Stamps\thumbnails\rgb_crackedFun1.tif
[2009.12.02 10:58:58 | 000,031,528 | ---- | M] () -- \Users\Martin\Documents\Mudbox\2010\data\Stamps\thumbnails\rgb_mudCracks.tif

< *keygen* /s >
[2012.07.27 23:31:56 | 002,000,896 | ---- | M] () -- \Program Files\Sony\Vegas Pro 11.0\Keygen.exe
[2012.11.14 22:54:08 | 000,000,838 | ---- | M] () -- \Users\Martin\AppData\Roaming\uTorrent\ADOBE.CS6.0.MASTER.COLLECTION.WIN.KEYGEN-XFORCE.torrent

< *loader* /s >
[2008.09.03 01:14:34 | 000,217,088 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS4\Support Files\MXF_SDK_MetaMetadata_BinaryLoader_r.4.1.1.223.dll
[2008.08.28 18:34:20 | 004,965,736 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008.08.28 15:42:12 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008.08.28 15:42:16 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2008.08.26 00:32:24 | 000,217,088 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS4\MXF_SDK_MetaMetadata_BinaryLoader_r.4.1.1.223.dll
[2009.02.03 18:33:52 | 000,028,008 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2010\AecLoader.arx
[2009.03.12 18:11:02 | 000,023,040 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2010\stdplugs\ParserLoader.gup
[2009.03.12 18:22:50 | 000,046,592 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2010\stdplugs\SceneEffectLoader.dlu
[2012.02.20 10:31:00 | 000,023,464 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\AecLoader.arx
[2012.03.07 10:57:22 | 000,018,784 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\AssemblyLoader.dll
[2012.01.09 01:39:56 | 000,009,791 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\AssemblyLoader.xml
[2012.03.07 10:58:00 | 000,018,272 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\gmiloader.dll
[2011.12.13 07:27:16 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\de-DE\gmiloader.dll.mui
[2011.09.14 23:55:40 | 000,001,024 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\en-US\gmiloader.dll.mui
[2012.01.20 22:54:02 | 000,036,864 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\ExternalPlugins\CS4\Windows\Autodesk.Plugins.Adobe.AfterFX.SceneIO.Loader.aex
[2012.01.20 22:54:02 | 000,039,936 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\ExternalPlugins\CS5\Windows\Autodesk.Plugins.Adobe.AfterFX.SceneIO.Loader.aex
[2012.03.07 10:56:42 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\fr-FR\gmiloader.dll.mui
[2012.01.10 18:00:14 | 000,061,088 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\Inventor Server\Bin\ClrAddinLoader.dll
[2011.12.13 07:32:18 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\ja-JP\gmiloader.dll.mui
[2011.12.13 07:34:56 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\ko-KR\gmiloader.dll.mui
[2012.03.07 11:01:54 | 000,031,072 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\ParserLoader.gup
[2012.03.07 11:02:40 | 000,055,136 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\SceneEffectLoader.dlu
[2012.01.30 22:39:04 | 000,058,880 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\(MassFX)\PhysX_2.8.5\PHYSX4DCC_PhysXLoader.dll
[2012.01.30 22:39:06 | 000,064,000 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\(MassFX)\PhysX_2.8.5\PHYSX4DCC_PhysXUpdateLoader.dll
[2012.02.22 13:55:32 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\de-DE\ParserLoader.gup.mui
[2012.02.07 04:36:50 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\de-DE\SceneEffectLoader.dlu.mui
[2011.09.15 00:05:06 | 000,002,048 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\en-US\ParserLoader.gup.mui
[2011.09.15 00:15:04 | 000,002,560 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\en-US\SceneEffectLoader.dlu.mui
[2012.02.23 14:34:50 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\fr-FR\ParserLoader.gup.mui
[2012.02.07 04:37:06 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\fr-FR\SceneEffectLoader.dlu.mui
[2012.02.26 04:06:08 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\ja-JP\ParserLoader.gup.mui
[2012.02.07 04:37:20 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\ja-JP\SceneEffectLoader.dlu.mui
[2012.02.22 13:55:46 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\ko-KR\ParserLoader.gup.mui
[2012.02.07 04:37:34 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\ko-KR\SceneEffectLoader.dlu.mui
[2011.11.28 22:58:34 | 000,002,027 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\stdscripts\(MassFX)\px_loader.ms
[2012.02.22 13:55:50 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\zh-CN\ParserLoader.gup.mui
[2012.02.07 04:37:40 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\stdplugs\zh-CN\SceneEffectLoader.dlu.mui
[2011.12.18 04:33:16 | 000,012,288 | ---- | M] () -- \Program Files\Autodesk\3ds Max 2013\zh-CN\gmiloader.dll.mui
[2011.05.06 11:50:56 | 000,013,312 | ---- | M] () -- \Program Files\Autodesk\Mudbox 2012\plugins\EnvironmentMapLoader.mp
[2011.05.06 11:32:04 | 000,000,028 | ---- | M] () -- \Program Files\Autodesk\Mudbox 2012\SDK\include\QtCore\QPluginLoader
[2011.05.06 11:32:04 | 000,003,243 | ---- | M] () -- \Program Files\Autodesk\Mudbox 2012\SDK\include\QtCore\qpluginloader.h
[2012.02.22 22:11:56 | 000,078,336 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 22:11:56 | 000,155,136 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 22:11:56 | 000,117,248 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2012.10.11 21:56:32 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2012.01.10 18:00:14 | 000,061,088 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\DirectConnect2013\bin\Aruba\Inventor Server\Bin\ClrAddinLoader.dll
[2008.02.28 12:26:06 | 000,111,912 | ---- | M] () -- \Program Files\Common Files\Nero\Shared\NSCLoader.dll
[2012.11.18 14:10:29 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.11.18 14:10:29 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.11.18 14:10:29 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.11.18 14:10:42 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.02.16 17:39:14 | 000,055,808 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX for Maya\Maya 2012\plug-ins\PhysX_2.8.4\PhysXLoader.dll
[2011.02.14 16:55:58 | 000,041,472 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX for Maya\Maya 2012\plug-ins\PhysX_2.8.4\PhysXUpdateLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2012.10.26 18:04:12 | 000,329,056 | ---- | M] () -- \Program Files\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2012.10.26 18:01:02 | 000,293,376 | ---- | M] () -- \Program Files\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2012.05.03 23:03:14 | 000,370,070 | ---- | M] () -- \Program Files\Youtube Downloader HD\downloader-hd.ico
[2012.09.17 17:30:12 | 005,106,176 | ---- | M] () -- \Program Files\Youtube Downloader HD\YouTubeDownloaderHD.exe
[2012.10.21 15:10:14 | 000,000,061 | ---- | M] () -- \Program Files\Youtube Downloader HD\YoutubeDownloaderHD.url
[2012.10.21 15:10:14 | 000,001,139 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD\Youtube Downloader HD.lnk
[2008.02.04 10:32:50 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.10.21 15:10:14 | 000,001,139 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD\Youtube Downloader HD.lnk
[2008.02.04 10:32:50 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.16 20:46:40 | 000,105,903 | ---- | M] () -- \Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O9RT6OMG\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.12.25 13:07:55 | 000,000,753 | ---- | M] () -- \Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O9RT6OMG\AdLoader[1].htm
[2012.10.21 15:10:14 | 000,001,121 | ---- | M] () -- \Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Youtube Downloader HD.lnk
[2012.12.03 11:08:20 | 000,000,042 | ---- | M] () -- \Users\Martin\AppData\Roaming\Youtube Downloader HD\YouTubeDownloaderHD.ini
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 03:17:55 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 03:17:55 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winload.exe_75835076
[2009.07.14 03:17:55 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:BF3D62E7
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:A1EDB939

< End of report >

Re: Skype vir

Napsal: 25 pro 2012 19:47
od lokem22
OTL Extras logfile created on: 25.12.2012 19:10:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 34,58% Memory free
6,00 Gb Paging File | 3,38 Gb Available in Paging File | 56,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 68,26 Gb Total Space | 29,77 Gb Free Space | 43,61% Space Free | Partition Type: NTFS
Drive D: | 229,73 Gb Total Space | 23,44 Gb Free Space | 10,20% Space Free | Partition Type: NTFS
Drive G: | 2,39 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2514172838-1309040562-4224439681-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- D:\Programy\Nainstalovaný software\Adobe Photoshop CS6\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D1637A8-414C-4201-A096-46DDCDECBC4E}" = lport=138 | protocol=17 | dir=in | app=system |
"{12273BD2-C8E7-45DF-B6D9-79678DCDB6A4}" = lport=139 | protocol=6 | dir=in | app=system |
"{34A09BF5-2036-4C58-B6D1-F3BE41538F6E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{47A25C21-AD09-4B3B-A307-80F703390A55}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4B4904DF-A69F-4D4B-831C-35952F346107}" = lport=137 | protocol=17 | dir=in | app=system |
"{4F7BE261-7E89-4812-9D34-822A004ED5BE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{502F8B9B-7439-4A0C-9C03-9C6C7187D7E0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{77CC6529-76EF-416A-ADBF-362EF3BF7525}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7E4B2443-30F3-4201-8471-0A7B6CA5C44D}" = rport=137 | protocol=17 | dir=out | app=system |
"{86E59E78-CA20-45AE-A023-387B359D456E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{914E44BE-E67A-4D42-8293-A4838416AAE5}" = rport=139 | protocol=6 | dir=out | app=system |
"{969783EB-7D35-4EBD-A3A9-378D911A60DB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A3E8A729-6F17-410F-8EBB-B76A3A3E7D07}" = rport=138 | protocol=17 | dir=out | app=system |
"{A9B43EC0-E516-4382-9DD6-487463C83061}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C3D3F500-5EBD-4AA6-8F38-AEFB4C3631DD}" = rport=445 | protocol=6 | dir=out | app=system |
"{CD51A62E-0785-476D-8EC3-D04A0F414C00}" = lport=445 | protocol=6 | dir=in | app=system |
"{D2CA90F6-0E2D-4A4E-B4F3-D17AD64137F7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE45CD6A-1CA3-4954-8FA8-5393C2A2B0EC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ECEF60AD-AFE4-4916-BED9-2D314F2BF2D1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F3C6D3F4-0441-40D4-A6A0-12B3CFDF9ACF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FCC7EA19-126B-4E53-B9DD-E4A7350F99E4}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0074822D-FD9A-4BFF-BF52-361CFED2B314}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{00C1033F-36AA-44EB-BC40-FB429EB4D3D6}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{014C6475-7785-4D95-8873-A98664A4C30E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{03D48100-53F4-45C7-AE86-7D22F133F982}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{03FC95B1-4B63-4468-91C9-D21EB8535D89}" = protocol=17 | dir=in | app=d:\hry\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{0613457C-C0E4-4AB8-9A64-A4E0965E3518}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{06456874-FFE5-4299-A3D4-C6A41D98160D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F52F524-3AAD-4B8E-A15C-BBE575E445BF}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{178E2022-971C-41A6-99D7-4B84E1F71327}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{1A6968BF-DB71-4555-BA64-4F31399AC0F1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1B230BF5-E39D-4A31-8B07-4339E96ACEBC}" = protocol=6 | dir=in | app=d:\hry\battlefield bad company 2\bfbc2updater.exe |
"{2511BA6B-CBA0-463C-B219-FE221A6E9D07}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe |
"{28F33330-B202-4705-88D1-9390049CC36E}" = protocol=6 | dir=in | app=d:\hry\call of duty 4 modern warfare.rar\iw3mp.exe |
"{2B0A32BB-E122-42FD-B320-55C695933C72}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{2DD6790F-23E2-4DC7-9BB5-3231C889305D}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2013\nvidia\raysat_3dsmax2013_32.exe |
"{3428340A-50F0-405B-9745-637D00AAA1C6}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2013\3dsmax.exe |
"{35750EAA-4BDA-466C-BBF5-D184A634EE77}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3A07AB29-F27E-4CF6-BEAA-F0E9A437FA23}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{3A0CDEFA-0F5C-495D-8ACD-BCC6C7A93EA0}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2013\3dsmax.exe |
"{3B089B5F-24C8-4099-9919-E76B728EF9C1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4990871E-AF2B-4967-82EB-97A3E9924F67}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{4FD04693-707E-4940-9BBF-073447819574}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{534A26A9-F25D-4F47-8C05-BD7C806BA2E4}" = protocol=6 | dir=in | app=d:\hry\steam\steamapps\common\arma 2\arma2.exe |
"{54B8BD0A-5B25-4482-9DFC-40EC6226DBCD}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{55EBB1F4-729D-44B1-9C2D-A165C7C45207}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5754C548-8D0E-4C69-8544-F13A9EC90056}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5A5E4C3B-68B2-4EB5-8560-C4C4117F1482}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5C95B15B-5A1A-4A8E-B991-71A288502A1A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{5F813537-43DE-4C9C-A2B2-4CBEA5DC082B}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2013\nvidia\raysat_3dsmax2013_32.exe |
"{622D1B8F-DB63-4DC3-AD27-8331E663524A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{63EA427E-78B1-43A4-B5D3-2F801B0AFF7D}" = protocol=6 | dir=in | app=d:\hry\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{655150C3-D445-4127-ACC0-90E6EBAD6380}" = protocol=17 | dir=in | app=d:\hry\call of duty 4 modern warfare.rar\iw3mp.exe |
"{6E3F8795-742F-47C1-92D7-3F446714B171}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{72173598-3FA5-4A9D-B5C0-E0B8B863CC2D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{74C27530-F0D7-4A44-856B-741CE382094F}" = protocol=6 | dir=in | app=d:\hry\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{75E1B5B0-B28C-4527-BEB6-4C1A8DC302E6}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2013\nvidia\raysat_3dsmax2013_32server.exe |
"{7BA67F0E-DB0E-439B-AF14-FDF114836F4C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7D296C32-F226-45AA-AF60-513A40E2BCBF}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{7E63B389-625D-4252-9133-0FDE97E400E9}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe |
"{7ED469A4-A3EF-45FD-8E3A-7D90250E618B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{80623E1D-1C53-4C13-8CCC-5C9643D9B1BC}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2013\nvidia\raysat_3dsmax2013_32server.exe |
"{8258B845-5BD0-46F7-A74E-876C6B844C3B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{83D8C25A-0233-4C16-A255-3E3752DA821F}" = protocol=17 | dir=in | app=d:\hry\steam\steamapps\common\arma 2\arma2.exe |
"{8A63EEDB-9D8C-44C9-B326-63B80F91C1A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B3980FD-4352-47EE-8C93-781D024B1697}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{8D29077C-EE48-4416-8AD5-B05E54DDD374}" = protocol=17 | dir=in | app=d:\hry\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{8F24E8BC-F813-45F8-91FD-DD4D7F98F8CA}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{90FAEB71-3A0E-4FE1-999A-CED8170FA537}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{943C27F9-035B-4C0F-A622-39DE0D3E4E03}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{956A0772-16C4-44A1-AC5A-5F18F9E0E563}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{988E8AB3-9EBE-473A-9F75-32AC1F5F2C8F}" = protocol=6 | dir=out | app=system |
"{9ADC3DFC-A735-4E6A-88D2-ED95FBADC21F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FEC5699-4A43-4ABC-9350-AEB1CEBE4595}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A0671A34-DFCD-4F8B-A038-A20ACA080DEB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A966C4ED-9C36-426E-908F-2F438D9A1F07}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\3dsmax.exe |
"{ACD30AB9-B344-489E-AE9F-C6D31330A0A6}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{B3CECCF5-1563-4426-94B5-4958D428385D}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32.exe |
"{B93B4DDD-E5CE-49C6-8722-26A14F7FECDB}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{BEFD48E9-C981-4007-9660-555D9F404209}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C358DE27-409B-4EA4-A2BA-57239DDB3A83}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C55DBC36-0F6A-4297-8558-4B27C2B6E194}" = protocol=17 | dir=in | app=d:\hry\battlefield bad company 2\bfbc2updater.exe |
"{CC378F91-2780-49CB-A79A-0C866F23CE07}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{D63DDE86-FEF4-495D-BE60-1365DCB93798}" = protocol=6 | dir=in | app=d:\hry\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{D92B4984-C29F-431E-9B18-7B78CCA7453F}" = protocol=6 | dir=in | app=d:\hry\steam\steam.exe |
"{DBAC728A-FDE3-4327-AF26-070E45C5FACB}" = protocol=17 | dir=in | app=d:\hry\steam\steam.exe |
"{E27F0C46-0B86-4F67-9DF5-4AF50133597F}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32.exe |
"{E2C53513-A601-460A-8D71-4239340F0C59}" = protocol=17 | dir=in | app=d:\hry\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{E9929F8A-8050-48DE-9C89-F6FA8B459FF5}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{ED5BA858-2D21-4EFA-9C78-FCDD8DC6DE26}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\3dsmax.exe |
"{F43F44AC-16E6-4BA5-9723-BF6258295D0F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F74BBD4E-2DF3-4B23-B109-748144BF4D35}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{FB73951D-B3C4-404C-A159-446A66389C99}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"TCP Query User{0133E4EE-589C-458F-8F81-DA8069716A16}C:\program files\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"TCP Query User{022FAB5D-B33A-4AED-9904-5D2A2A32626C}D:\hry\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=d:\hry\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{3C9B0326-90DC-4981-9A81-71458C4CEF9B}C:\users\martin\desktop\nightfallbuild\nightfall.exe" = protocol=6 | dir=in | app=c:\users\martin\desktop\nightfallbuild\nightfall.exe |
"TCP Query User{4994F135-F21C-4077-93FE-23CB152A7C6D}D:\autodesk entertainment creation suite 2013\motionbuilder danko (32-bit)\bin\win32\motionbuilder.exe" = protocol=6 | dir=in | app=d:\autodesk entertainment creation suite 2013\motionbuilder danko (32-bit)\bin\win32\motionbuilder.exe |
"TCP Query User{6011CD14-75B6-4B91-B82B-72523C884FB2}D:\hry\assassin's creed ii cz (v1.01)\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=d:\hry\assassin's creed ii cz (v1.01)\fifa 13\game\fifa13.exe |
"TCP Query User{8B1129FD-605D-45F9-A897-2C1C33228F25}C:\users\martin\desktop\nightfall_build\nightfall.exe" = protocol=6 | dir=in | app=c:\users\martin\desktop\nightfall_build\nightfall.exe |
"TCP Query User{E6B8EA11-F7C6-436F-959B-47C061D24999}D:\hry\assassins creed iii\assassins creed iii\ac3sp.exe" = protocol=6 | dir=in | app=d:\hry\assassins creed iii\assassins creed iii\ac3sp.exe |
"UDP Query User{02CBEB13-94FE-4F76-A6C4-DB4EFC5BE5E0}C:\program files\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"UDP Query User{0EA8D341-37DA-48E3-827B-94B6AC97797B}D:\hry\assassin's creed ii cz (v1.01)\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=d:\hry\assassin's creed ii cz (v1.01)\fifa 13\game\fifa13.exe |
"UDP Query User{422F6096-DD5E-4EC1-AF65-1954262015FF}D:\hry\assassins creed iii\assassins creed iii\ac3sp.exe" = protocol=17 | dir=in | app=d:\hry\assassins creed iii\assassins creed iii\ac3sp.exe |
"UDP Query User{48C11BFF-265C-4D7D-9BC7-8AF5558BC4B1}C:\users\martin\desktop\nightfall_build\nightfall.exe" = protocol=17 | dir=in | app=c:\users\martin\desktop\nightfall_build\nightfall.exe |
"UDP Query User{4CA99C5C-005A-4826-8669-E338DA9CEF22}D:\hry\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=d:\hry\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{63C03EE0-E1C6-4495-A30A-7C2460A401AB}C:\users\martin\desktop\nightfallbuild\nightfall.exe" = protocol=17 | dir=in | app=c:\users\martin\desktop\nightfallbuild\nightfall.exe |
"UDP Query User{8347D42F-6D5A-42BA-9DE3-0F45CEB821B5}D:\autodesk entertainment creation suite 2013\motionbuilder danko (32-bit)\bin\win32\motionbuilder.exe" = protocol=17 | dir=in | app=d:\autodesk entertainment creation suite 2013\motionbuilder danko (32-bit)\bin\win32\motionbuilder.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06E18300-BB64-1632-8E6A-2593FC67BB74}" = Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 32-bit
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F414901-5ED4-11E1-86F3-F04DA23A5C58}" = Vegas Pro 11.0
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{147894EE-5ED4-11E1-A8FF-F04DA23A5C58}" = MSVCRT Redists
"{1585EBE4-2F65-2DE6-A531-301DFAB68B5E}" = AMD Drag and Drop Transcoding
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3BCD05CE-8CDE-9503-8794-D8CDB9FA8562}" = Catalyst Control Center InstallProxy
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2013.0.0
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C70E8D3-78D4-493E-A4CF-1BE881E2DA99}" = FumeFX 3.0.1 R2013 32-bit
"{5061ACBA-7A0A-42FE-93FF-403B2099D200}" = Autodesk Essential Skills Movies for 3ds Max 2013 32-bit
"{531AC43D-0010-1033-B544-B674C4C0B4BA}" = Autodesk Mudbox 2012 32-bit - English
"{531AC43D-EF8F-404C-B544-B674C4C0B4BA}" = Autodesk Mudbox 2012 32-bit - English
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58760EEC-8B6A-43F4-81AA-696E381DFADD}" = Autodesk Material Library Medium Resolution Image Library 2013
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{60A08432-00DD-0409-AC2C-143C75460878}" = Autodesk 3ds Max 2010 32-bit Components
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{6232599C-A2B0-416F-8BFA-22016F4CC22F}" = OMP Index Reference Increment
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{696BB53C-28E6-1632-974E-D42FFF5B8E04}" = Autodesk Inventor Server Engine for 3ds Max 2013 32-bit
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74AD1757-8887-D3F0-23C4-1E16B77A6ABC}" = AMD Media Foundation Decoders
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79130390-599A-0409-93EB-B6A759E2ABB0}" = Autodesk 3ds Max 2013 32-bit
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{92203FA0-7C43-429F-857C-0AE197D8199C}" = Composite 2013
"{9255C64F-906F-4E19-900F-8DB2E63D87D3}" = Autodesk MotionBuilder 2013 32-bit
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2
"{A04F8183-B0AC-44B1-9947-DC8AFD1194DD}" = Autodesk MatchMover 2013 32-bit
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A675D66E-0CBD-4A8F-0068-82B774DD4C9E}" = Autodesk Mudbox 2013 32-bit
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AC968B0F-024A-4323-BD6B-C2A85D183F34}" = GHOST
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBDAC608-4458-4ef1-BC04-C1C9B39A7F69}" = Suites Exclusives Standard 2013 32-bit
"{BBDAC608-4458-4ef1-BC04-C1C9B39A7F70}" = Turtle for Maya 2013 32-bit
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BF9D2E61-64C4-64EA-6AF7-29EB5A110C26}" = AMD Catalyst Install Manager
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D6D5CB84-0E6E-4E69-B300-C690B6911029}" = Nero 8
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}" = Autodesk 3ds Max 2010 Tutorials Files
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F63F15F6-2505-4B57-91AA-7EBD75C5477C}" = Autodesk DirectConnect 2013 32-bit
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FEC02973-0781-49C7-9F04-28DA9BAF0372}" = Composite 2012
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"«Hitman Absolution - Professional Edition»_is1" = «Hitman Absolution - Professional Edition» v.1.0.433.1
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Autodesk 3ds Max 2013 32-bit" = Autodesk 3ds Max 2013 32-bit
"Autodesk DirectConnect 2013 32-bit" = Autodesk DirectConnect 2013 32-bit
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010
"Autodesk FBX Plug-in 2013.1 - 3ds Max 2013" = Autodesk FBX Plug-in 2013.1 - 3ds Max 2013
"Autodesk MotionBuilder 2013 32-bit" = Autodesk MotionBuilder 2013 32-bit
"Autodesk Mudbox 2013 32-bit" = Autodesk Mudbox 2013 32-bit
"avast!" = avast! Antivirus
"BattlEye for OA" = BattlEye for OA Uninstall
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"GameParkClient_is1" = GamePark
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Mozilla Firefox 17.0.1 (x86 cs)" = Mozilla Firefox 17.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The KMPlayer" = The KMPlayer (remove only)
"Uplay" = Uplay
"uTorrent" = µTorrent
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.5
"ZAV1_is1" = ZAV 4.48 (32bit)

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 4.12.2012 18:35:58 | Computer Name = Martin-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Martin\AppData\Roaming\Skype\martin.tlusty95\bistats.db-journal failed,
00000005.

[ Application Events ]
Error - 12.12.2012 18:56:15 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro D:\Autodesk Entertainment Creation
Suite 2013\Composite 2013\python\lib\distutils\command\wininst-8_d.exe se nezdařilo.
Závislé
sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 12.12.2012 18:57:56 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Autodesk\Composite
2012\python\lib\distutils\command\wininst-8_d.exe se nezdařilo. Závislé sestavení
Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 12.12.2012 18:58:55 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 19.12.2012 9:02:43 | Computer Name = Martin-PC | Source = PandoraService.exe | ID = 0
Description =

Error - 20.12.2012 14:44:11 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro D:\Autodesk Entertainment Creation
Suite 2013\Composite 2013\python\lib\distutils\command\wininst-8_d.exe se nezdařilo.
Závislé
sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 20.12.2012 14:47:02 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Autodesk\Composite
2012\python\lib\distutils\command\wininst-8_d.exe se nezdařilo. Závislé sestavení
Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 20.12.2012 14:49:17 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 20.12.2012 16:23:59 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iw3mp.exe, verze: 0.0.0.0, časové razítko:
0x4859a219 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu: 0x9bc Čas spuštění
chybující aplikace: 0x01cddeefdc0ce110 Cesta k chybující aplikaci: D:\Hry\Call of
duty 4 modern warfare.rar\iw3mp.exe Cesta k chybujícímu modulu: unknown ID zprávy:
2f5ce180-4ae3-11e2-b6e5-6c626d0ff836

Error - 22.12.2012 11:48:50 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WSCommCntr4.exe, verze: 3.5.19.0, časové
razítko: 0x4f175a2a Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385,
časové razítko: 0x4a5bdadb Kód výjimky: 0xc0000005 Posun chyby: 0x0002fc47 ID chybujícího
procesu: 0x16e4 Čas spuštění chybující aplikace: 0x01cde05bd56b5f90 Cesta k chybující
aplikaci: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 141df860-4c4f-11e2-b3f5-6c626d0ff836

Error - 23.12.2012 11:57:37 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WSCommCntr4.exe, verze: 3.5.19.0, časové
razítko: 0x4f175a2a Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385,
časové razítko: 0x4a5bdadb Kód výjimky: 0xc0000005 Posun chyby: 0x0002fc47 ID chybujícího
procesu: 0x15b8 Čas spuštění chybující aplikace: 0x01cde1263995d520 Cesta k chybující
aplikaci: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 78ad9860-4d19-11e2-b220-6c626d0ff836

[ System Events ]
Error - 12.12.2012 17:35:51 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 13.12.2012 11:43:54 | Computer Name = Martin-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 16.12.2012 15:32:01 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7034
Description = Služba AfterFLICS v3 byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 16.12.2012 15:32:01 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7034
Description = Služba mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit
byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 16.12.2012 15:32:01 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7034
Description = Služba mental ray 3.10 Satellite for Autodesk 3ds Max 2013 32-bit
byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 16.12.2012 15:32:04 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 16.12.2012 15:35:51 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 16.12.2012 15:39:11 | Computer Name = Martin-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (20:38:08, ?16.?12.?2012) bylo neočekávané.

Error - 21.12.2012 6:44:02 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Steam Client Service bylo dosaženo
časového limitu (30000 ms).

Error - 21.12.2012 6:44:02 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspěla při spuštění v důsledku následující
chyby: %%1053


< End of report >

Re: Skype vir

Napsal: 25 pro 2012 19:52
od lokem22
OTL Extras logfile created on: 25.12.2012 19:10:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 34,58% Memory free
6,00 Gb Paging File | 3,38 Gb Available in Paging File | 56,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 68,26 Gb Total Space | 29,77 Gb Free Space | 43,61% Space Free | Partition Type: NTFS
Drive D: | 229,73 Gb Total Space | 23,44 Gb Free Space | 10,20% Space Free | Partition Type: NTFS
Drive G: | 2,39 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2514172838-1309040562-4224439681-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- D:\Programy\Nainstalovaný software\Adobe Photoshop CS6\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D1637A8-414C-4201-A096-46DDCDECBC4E}" = lport=138 | protocol=17 | dir=in | app=system |
"{12273BD2-C8E7-45DF-B6D9-79678DCDB6A4}" = lport=139 | protocol=6 | dir=in | app=system |
"{34A09BF5-2036-4C58-B6D1-F3BE41538F6E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{47A25C21-AD09-4B3B-A307-80F703390A55}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4B4904DF-A69F-4D4B-831C-35952F346107}" = lport=137 | protocol=17 | dir=in | app=system |
"{4F7BE261-7E89-4812-9D34-822A004ED5BE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{502F8B9B-7439-4A0C-9C03-9C6C7187D7E0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{77CC6529-76EF-416A-ADBF-362EF3BF7525}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7E4B2443-30F3-4201-8471-0A7B6CA5C44D}" = rport=137 | protocol=17 | dir=out | app=system |
"{86E59E78-CA20-45AE-A023-387B359D456E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{914E44BE-E67A-4D42-8293-A4838416AAE5}" = rport=139 | protocol=6 | dir=out | app=system |
"{969783EB-7D35-4EBD-A3A9-378D911A60DB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A3E8A729-6F17-410F-8EBB-B76A3A3E7D07}" = rport=138 | protocol=17 | dir=out | app=system |
"{A9B43EC0-E516-4382-9DD6-487463C83061}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C3D3F500-5EBD-4AA6-8F38-AEFB4C3631DD}" = rport=445 | protocol=6 | dir=out | app=system |
"{CD51A62E-0785-476D-8EC3-D04A0F414C00}" = lport=445 | protocol=6 | dir=in | app=system |
"{D2CA90F6-0E2D-4A4E-B4F3-D17AD64137F7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE45CD6A-1CA3-4954-8FA8-5393C2A2B0EC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ECEF60AD-AFE4-4916-BED9-2D314F2BF2D1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F3C6D3F4-0441-40D4-A6A0-12B3CFDF9ACF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FCC7EA19-126B-4E53-B9DD-E4A7350F99E4}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0074822D-FD9A-4BFF-BF52-361CFED2B314}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{00C1033F-36AA-44EB-BC40-FB429EB4D3D6}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{014C6475-7785-4D95-8873-A98664A4C30E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{03D48100-53F4-45C7-AE86-7D22F133F982}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{03FC95B1-4B63-4468-91C9-D21EB8535D89}" = protocol=17 | dir=in | app=d:\hry\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{0613457C-C0E4-4AB8-9A64-A4E0965E3518}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{06456874-FFE5-4299-A3D4-C6A41D98160D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F52F524-3AAD-4B8E-A15C-BBE575E445BF}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{178E2022-971C-41A6-99D7-4B84E1F71327}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{1A6968BF-DB71-4555-BA64-4F31399AC0F1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1B230BF5-E39D-4A31-8B07-4339E96ACEBC}" = protocol=6 | dir=in | app=d:\hry\battlefield bad company 2\bfbc2updater.exe |
"{2511BA6B-CBA0-463C-B219-FE221A6E9D07}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe |
"{28F33330-B202-4705-88D1-9390049CC36E}" = protocol=6 | dir=in | app=d:\hry\call of duty 4 modern warfare.rar\iw3mp.exe |
"{2B0A32BB-E122-42FD-B320-55C695933C72}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{2DD6790F-23E2-4DC7-9BB5-3231C889305D}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2013\nvidia\raysat_3dsmax2013_32.exe |
"{3428340A-50F0-405B-9745-637D00AAA1C6}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2013\3dsmax.exe |
"{35750EAA-4BDA-466C-BBF5-D184A634EE77}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3A07AB29-F27E-4CF6-BEAA-F0E9A437FA23}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{3A0CDEFA-0F5C-495D-8ACD-BCC6C7A93EA0}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2013\3dsmax.exe |
"{3B089B5F-24C8-4099-9919-E76B728EF9C1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4990871E-AF2B-4967-82EB-97A3E9924F67}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{4FD04693-707E-4940-9BBF-073447819574}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{534A26A9-F25D-4F47-8C05-BD7C806BA2E4}" = protocol=6 | dir=in | app=d:\hry\steam\steamapps\common\arma 2\arma2.exe |
"{54B8BD0A-5B25-4482-9DFC-40EC6226DBCD}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{55EBB1F4-729D-44B1-9C2D-A165C7C45207}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5754C548-8D0E-4C69-8544-F13A9EC90056}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5A5E4C3B-68B2-4EB5-8560-C4C4117F1482}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5C95B15B-5A1A-4A8E-B991-71A288502A1A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{5F813537-43DE-4C9C-A2B2-4CBEA5DC082B}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2013\nvidia\raysat_3dsmax2013_32.exe |
"{622D1B8F-DB63-4DC3-AD27-8331E663524A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{63EA427E-78B1-43A4-B5D3-2F801B0AFF7D}" = protocol=6 | dir=in | app=d:\hry\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{655150C3-D445-4127-ACC0-90E6EBAD6380}" = protocol=17 | dir=in | app=d:\hry\call of duty 4 modern warfare.rar\iw3mp.exe |
"{6E3F8795-742F-47C1-92D7-3F446714B171}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{72173598-3FA5-4A9D-B5C0-E0B8B863CC2D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{74C27530-F0D7-4A44-856B-741CE382094F}" = protocol=6 | dir=in | app=d:\hry\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{75E1B5B0-B28C-4527-BEB6-4C1A8DC302E6}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2013\nvidia\raysat_3dsmax2013_32server.exe |
"{7BA67F0E-DB0E-439B-AF14-FDF114836F4C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7D296C32-F226-45AA-AF60-513A40E2BCBF}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{7E63B389-625D-4252-9133-0FDE97E400E9}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe |
"{7ED469A4-A3EF-45FD-8E3A-7D90250E618B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{80623E1D-1C53-4C13-8CCC-5C9643D9B1BC}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2013\nvidia\raysat_3dsmax2013_32server.exe |
"{8258B845-5BD0-46F7-A74E-876C6B844C3B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{83D8C25A-0233-4C16-A255-3E3752DA821F}" = protocol=17 | dir=in | app=d:\hry\steam\steamapps\common\arma 2\arma2.exe |
"{8A63EEDB-9D8C-44C9-B326-63B80F91C1A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B3980FD-4352-47EE-8C93-781D024B1697}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{8D29077C-EE48-4416-8AD5-B05E54DDD374}" = protocol=17 | dir=in | app=d:\hry\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{8F24E8BC-F813-45F8-91FD-DD4D7F98F8CA}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{90FAEB71-3A0E-4FE1-999A-CED8170FA537}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{943C27F9-035B-4C0F-A622-39DE0D3E4E03}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{956A0772-16C4-44A1-AC5A-5F18F9E0E563}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{988E8AB3-9EBE-473A-9F75-32AC1F5F2C8F}" = protocol=6 | dir=out | app=system |
"{9ADC3DFC-A735-4E6A-88D2-ED95FBADC21F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FEC5699-4A43-4ABC-9350-AEB1CEBE4595}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A0671A34-DFCD-4F8B-A038-A20ACA080DEB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A966C4ED-9C36-426E-908F-2F438D9A1F07}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\3dsmax.exe |
"{ACD30AB9-B344-489E-AE9F-C6D31330A0A6}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{B3CECCF5-1563-4426-94B5-4958D428385D}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32.exe |
"{B93B4DDD-E5CE-49C6-8722-26A14F7FECDB}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{BEFD48E9-C981-4007-9660-555D9F404209}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C358DE27-409B-4EA4-A2BA-57239DDB3A83}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C55DBC36-0F6A-4297-8558-4B27C2B6E194}" = protocol=17 | dir=in | app=d:\hry\battlefield bad company 2\bfbc2updater.exe |
"{CC378F91-2780-49CB-A79A-0C866F23CE07}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{D63DDE86-FEF4-495D-BE60-1365DCB93798}" = protocol=6 | dir=in | app=d:\hry\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{D92B4984-C29F-431E-9B18-7B78CCA7453F}" = protocol=6 | dir=in | app=d:\hry\steam\steam.exe |
"{DBAC728A-FDE3-4327-AF26-070E45C5FACB}" = protocol=17 | dir=in | app=d:\hry\steam\steam.exe |
"{E27F0C46-0B86-4F67-9DF5-4AF50133597F}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32.exe |
"{E2C53513-A601-460A-8D71-4239340F0C59}" = protocol=17 | dir=in | app=d:\hry\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{E9929F8A-8050-48DE-9C89-F6FA8B459FF5}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{ED5BA858-2D21-4EFA-9C78-FCDD8DC6DE26}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\3dsmax.exe |
"{F43F44AC-16E6-4BA5-9723-BF6258295D0F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F74BBD4E-2DF3-4B23-B109-748144BF4D35}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{FB73951D-B3C4-404C-A159-446A66389C99}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"TCP Query User{0133E4EE-589C-458F-8F81-DA8069716A16}C:\program files\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"TCP Query User{022FAB5D-B33A-4AED-9904-5D2A2A32626C}D:\hry\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=d:\hry\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{3C9B0326-90DC-4981-9A81-71458C4CEF9B}C:\users\martin\desktop\nightfallbuild\nightfall.exe" = protocol=6 | dir=in | app=c:\users\martin\desktop\nightfallbuild\nightfall.exe |
"TCP Query User{4994F135-F21C-4077-93FE-23CB152A7C6D}D:\autodesk entertainment creation suite 2013\motionbuilder danko (32-bit)\bin\win32\motionbuilder.exe" = protocol=6 | dir=in | app=d:\autodesk entertainment creation suite 2013\motionbuilder danko (32-bit)\bin\win32\motionbuilder.exe |
"TCP Query User{6011CD14-75B6-4B91-B82B-72523C884FB2}D:\hry\assassin's creed ii cz (v1.01)\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=d:\hry\assassin's creed ii cz (v1.01)\fifa 13\game\fifa13.exe |
"TCP Query User{8B1129FD-605D-45F9-A897-2C1C33228F25}C:\users\martin\desktop\nightfall_build\nightfall.exe" = protocol=6 | dir=in | app=c:\users\martin\desktop\nightfall_build\nightfall.exe |
"TCP Query User{E6B8EA11-F7C6-436F-959B-47C061D24999}D:\hry\assassins creed iii\assassins creed iii\ac3sp.exe" = protocol=6 | dir=in | app=d:\hry\assassins creed iii\assassins creed iii\ac3sp.exe |
"UDP Query User{02CBEB13-94FE-4F76-A6C4-DB4EFC5BE5E0}C:\program files\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"UDP Query User{0EA8D341-37DA-48E3-827B-94B6AC97797B}D:\hry\assassin's creed ii cz (v1.01)\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=d:\hry\assassin's creed ii cz (v1.01)\fifa 13\game\fifa13.exe |
"UDP Query User{422F6096-DD5E-4EC1-AF65-1954262015FF}D:\hry\assassins creed iii\assassins creed iii\ac3sp.exe" = protocol=17 | dir=in | app=d:\hry\assassins creed iii\assassins creed iii\ac3sp.exe |
"UDP Query User{48C11BFF-265C-4D7D-9BC7-8AF5558BC4B1}C:\users\martin\desktop\nightfall_build\nightfall.exe" = protocol=17 | dir=in | app=c:\users\martin\desktop\nightfall_build\nightfall.exe |
"UDP Query User{4CA99C5C-005A-4826-8669-E338DA9CEF22}D:\hry\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=d:\hry\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{63C03EE0-E1C6-4495-A30A-7C2460A401AB}C:\users\martin\desktop\nightfallbuild\nightfall.exe" = protocol=17 | dir=in | app=c:\users\martin\desktop\nightfallbuild\nightfall.exe |
"UDP Query User{8347D42F-6D5A-42BA-9DE3-0F45CEB821B5}D:\autodesk entertainment creation suite 2013\motionbuilder danko (32-bit)\bin\win32\motionbuilder.exe" = protocol=17 | dir=in | app=d:\autodesk entertainment creation suite 2013\motionbuilder danko (32-bit)\bin\win32\motionbuilder.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06E18300-BB64-1632-8E6A-2593FC67BB74}" = Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 32-bit
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F414901-5ED4-11E1-86F3-F04DA23A5C58}" = Vegas Pro 11.0
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{147894EE-5ED4-11E1-A8FF-F04DA23A5C58}" = MSVCRT Redists
"{1585EBE4-2F65-2DE6-A531-301DFAB68B5E}" = AMD Drag and Drop Transcoding
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3BCD05CE-8CDE-9503-8794-D8CDB9FA8562}" = Catalyst Control Center InstallProxy
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2013.0.0
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C70E8D3-78D4-493E-A4CF-1BE881E2DA99}" = FumeFX 3.0.1 R2013 32-bit
"{5061ACBA-7A0A-42FE-93FF-403B2099D200}" = Autodesk Essential Skills Movies for 3ds Max 2013 32-bit
"{531AC43D-0010-1033-B544-B674C4C0B4BA}" = Autodesk Mudbox 2012 32-bit - English
"{531AC43D-EF8F-404C-B544-B674C4C0B4BA}" = Autodesk Mudbox 2012 32-bit - English
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58760EEC-8B6A-43F4-81AA-696E381DFADD}" = Autodesk Material Library Medium Resolution Image Library 2013
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{60A08432-00DD-0409-AC2C-143C75460878}" = Autodesk 3ds Max 2010 32-bit Components
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{6232599C-A2B0-416F-8BFA-22016F4CC22F}" = OMP Index Reference Increment
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{696BB53C-28E6-1632-974E-D42FFF5B8E04}" = Autodesk Inventor Server Engine for 3ds Max 2013 32-bit
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74AD1757-8887-D3F0-23C4-1E16B77A6ABC}" = AMD Media Foundation Decoders
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79130390-599A-0409-93EB-B6A759E2ABB0}" = Autodesk 3ds Max 2013 32-bit
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{92203FA0-7C43-429F-857C-0AE197D8199C}" = Composite 2013
"{9255C64F-906F-4E19-900F-8DB2E63D87D3}" = Autodesk MotionBuilder 2013 32-bit
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2
"{A04F8183-B0AC-44B1-9947-DC8AFD1194DD}" = Autodesk MatchMover 2013 32-bit
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A675D66E-0CBD-4A8F-0068-82B774DD4C9E}" = Autodesk Mudbox 2013 32-bit
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AC968B0F-024A-4323-BD6B-C2A85D183F34}" = GHOST
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBDAC608-4458-4ef1-BC04-C1C9B39A7F69}" = Suites Exclusives Standard 2013 32-bit
"{BBDAC608-4458-4ef1-BC04-C1C9B39A7F70}" = Turtle for Maya 2013 32-bit
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BF9D2E61-64C4-64EA-6AF7-29EB5A110C26}" = AMD Catalyst Install Manager
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D6D5CB84-0E6E-4E69-B300-C690B6911029}" = Nero 8
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}" = Autodesk 3ds Max 2010 Tutorials Files
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F63F15F6-2505-4B57-91AA-7EBD75C5477C}" = Autodesk DirectConnect 2013 32-bit
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FEC02973-0781-49C7-9F04-28DA9BAF0372}" = Composite 2012
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"«Hitman Absolution - Professional Edition»_is1" = «Hitman Absolution - Professional Edition» v.1.0.433.1
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Autodesk 3ds Max 2013 32-bit" = Autodesk 3ds Max 2013 32-bit
"Autodesk DirectConnect 2013 32-bit" = Autodesk DirectConnect 2013 32-bit
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010
"Autodesk FBX Plug-in 2013.1 - 3ds Max 2013" = Autodesk FBX Plug-in 2013.1 - 3ds Max 2013
"Autodesk MotionBuilder 2013 32-bit" = Autodesk MotionBuilder 2013 32-bit
"Autodesk Mudbox 2013 32-bit" = Autodesk Mudbox 2013 32-bit
"avast!" = avast! Antivirus
"BattlEye for OA" = BattlEye for OA Uninstall
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"GameParkClient_is1" = GamePark
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Mozilla Firefox 17.0.1 (x86 cs)" = Mozilla Firefox 17.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The KMPlayer" = The KMPlayer (remove only)
"Uplay" = Uplay
"uTorrent" = µTorrent
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.5
"ZAV1_is1" = ZAV 4.48 (32bit)

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 4.12.2012 18:35:58 | Computer Name = Martin-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Martin\AppData\Roaming\Skype\martin.tlusty95\bistats.db-journal failed,
00000005.

[ Application Events ]
Error - 12.12.2012 18:56:15 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro D:\Autodesk Entertainment Creation
Suite 2013\Composite 2013\python\lib\distutils\command\wininst-8_d.exe se nezdařilo.
Závislé
sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 12.12.2012 18:57:56 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Autodesk\Composite
2012\python\lib\distutils\command\wininst-8_d.exe se nezdařilo. Závislé sestavení
Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 12.12.2012 18:58:55 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 19.12.2012 9:02:43 | Computer Name = Martin-PC | Source = PandoraService.exe | ID = 0
Description =

Error - 20.12.2012 14:44:11 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro D:\Autodesk Entertainment Creation
Suite 2013\Composite 2013\python\lib\distutils\command\wininst-8_d.exe se nezdařilo.
Závislé
sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 20.12.2012 14:47:02 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Autodesk\Composite
2012\python\lib\distutils\command\wininst-8_d.exe se nezdařilo. Závislé sestavení
Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 20.12.2012 14:49:17 | Computer Name = Martin-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 20.12.2012 16:23:59 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iw3mp.exe, verze: 0.0.0.0, časové razítko:
0x4859a219 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu: 0x9bc Čas spuštění
chybující aplikace: 0x01cddeefdc0ce110 Cesta k chybující aplikaci: D:\Hry\Call of
duty 4 modern warfare.rar\iw3mp.exe Cesta k chybujícímu modulu: unknown ID zprávy:
2f5ce180-4ae3-11e2-b6e5-6c626d0ff836

Error - 22.12.2012 11:48:50 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WSCommCntr4.exe, verze: 3.5.19.0, časové
razítko: 0x4f175a2a Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385,
časové razítko: 0x4a5bdadb Kód výjimky: 0xc0000005 Posun chyby: 0x0002fc47 ID chybujícího
procesu: 0x16e4 Čas spuštění chybující aplikace: 0x01cde05bd56b5f90 Cesta k chybující
aplikaci: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 141df860-4c4f-11e2-b3f5-6c626d0ff836

Error - 23.12.2012 11:57:37 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WSCommCntr4.exe, verze: 3.5.19.0, časové
razítko: 0x4f175a2a Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385,
časové razítko: 0x4a5bdadb Kód výjimky: 0xc0000005 Posun chyby: 0x0002fc47 ID chybujícího
procesu: 0x15b8 Čas spuštění chybující aplikace: 0x01cde1263995d520 Cesta k chybující
aplikaci: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 78ad9860-4d19-11e2-b220-6c626d0ff836

[ System Events ]
Error - 12.12.2012 17:35:51 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 13.12.2012 11:43:54 | Computer Name = Martin-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 16.12.2012 15:32:01 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7034
Description = Služba AfterFLICS v3 byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 16.12.2012 15:32:01 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7034
Description = Služba mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit
byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 16.12.2012 15:32:01 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7034
Description = Služba mental ray 3.10 Satellite for Autodesk 3ds Max 2013 32-bit
byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 16.12.2012 15:32:04 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 16.12.2012 15:35:51 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 16.12.2012 15:39:11 | Computer Name = Martin-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (20:38:08, ?16.?12.?2012) bylo neočekávané.

Error - 21.12.2012 6:44:02 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Steam Client Service bylo dosaženo
časového limitu (30000 ms).

Error - 21.12.2012 6:44:02 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspěla při spuštění v důsledku následující
chyby: %%1053


< End of report >

Re: Skype vir

Napsal: 25 pro 2012 20:18
od vyosek
:arrow: Na office jste licenci koupenuo nemel, predpokladam ze na ty Windows Ultimate tez ne ze :?:

Re: Skype vir

Napsal: 26 pro 2012 13:33
od lokem22
No..já nevim. Počítač jsem dostal a už tam všechno bylo nainstalovany.

Re: Skype vir

Napsal: 27 pro 2012 02:33
od vyosek
:arrow: Tak vas nekdo tzv ojebal, je tam crack na ne..Tentokrate dodelame rozdelanou praci ale priste bude pomoc odmitnuta :!: Nehlede na to spoustu cracku\keygenu :twisted:

:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Martin\AppData\Local\Temp\CFcatchme.sys -- (CFcatchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Martin\AppData\Local\Temp\catchme.sys -- (catchme)
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2514172838-1309040562-4224439681-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111304&tt=270912_7a_3912_6&babsrc=SP_ss&mntrId=c42b09d4000000000000001f1f8e1039
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[13 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:BF3D62E7
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:A1EDB939

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
"DAEMON Tools Lite"=-
"ICQ"=-
"Klrory"=-

:files
C:\Users\Martin\AppData\Roaming\????.exe
c:\Users\Martin\AppData\Roaming\uTorrent\*crack*.*
c:\Program Files\Sony\Vegas Pro 11.0\Keygen.exe
c:\Users\Martin\AppData\Roaming\uTorrent\ADOBE.CS6.0.MASTER.COLLECTION.WIN.KEYGEN-XFORCE.torrent
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: Skype vir

Napsal: 28 pro 2012 16:22
od lokem22
Ok..děkuju..takže abyste mi tu příště zase pomohli, tak musim mít v počítači všechno origo?

All processes killed
========== OTL ==========
Service CFcatchme stopped successfully!
Service CFcatchme deleted successfully!
File C:\Users\Martin\AppData\Local\Temp\CFcatchme.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\Users\Martin\AppData\Local\Temp\catchme.sys not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-2514172838-1309040562-4224439681-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-2514172838-1309040562-4224439681-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2514172838-1309040562-4224439681-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2514172838-1309040562-4224439681-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE4.tmp folder deleted successfully.
C:\Windows\temp\~679A.tmp deleted successfully.
C:\Windows\temp\~6C99.tmp deleted successfully.
C:\Windows\temp\~6E9C.tmp deleted successfully.
C:\Windows\temp\~72EF.tmp deleted successfully.
C:\Windows\temp\~73CA.tmp deleted successfully.
C:\Windows\temp\~7511.tmp deleted successfully.
C:\Windows\temp\~7743.tmp deleted successfully.
C:\Windows\temp\~77B0.tmp deleted successfully.
C:\Windows\temp\~7926.tmp deleted successfully.
C:\Windows\temp\~7FFA.tmp deleted successfully.
C:\Windows\temp\~88A1.tmp deleted successfully.
C:\Windows\temp\~977F.tmp deleted successfully.
C:\Windows\temp\~9B95.tmp deleted successfully.
C:\Windows\temp\~C3DC.tmp deleted successfully.
C:\Windows\temp\~DAF5.tmp deleted successfully.
C:\Windows\temp\~E551.tmp deleted successfully.
ADS C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
ADS C:\ProgramData\TEMP:BF3D62E7 deleted successfully.
ADS C:\ProgramData\TEMP:A1EDB939 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Klrory not found.
========== FILES ==========
File\Folder C:\Users\Martin\AppData\Roaming\????.exe not found.
c:\Users\Martin\AppData\Roaming\uTorrent\Assassins.Creed.3.Cracked-P2P.1.torrent moved successfully.
c:\Users\Martin\AppData\Roaming\uTorrent\Assassins.Creed.3.Cracked-P2P.torrent moved successfully.
c:\Users\Martin\AppData\Roaming\uTorrent\Battlefield.3.CRACK.ONLY-RELOADED.rar.torrent moved successfully.
c:\Users\Martin\AppData\Roaming\uTorrent\Exkluzivní obsah + crack.rar.torrent moved successfully.
c:\Users\Martin\AppData\Roaming\uTorrent\Medal of Honor Warfighter crack only-FLT + update-FLT.torrent moved successfully.
c:\Program Files\Sony\Vegas Pro 11.0\Keygen.exe moved successfully.
c:\Users\Martin\AppData\Roaming\uTorrent\ADOBE.CS6.0.MASTER.COLLECTION.WIN.KEYGEN-XFORCE.torrent moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Martin
->Temp folder emptied: 30726493 bytes
->Temporary Internet Files folder emptied: 18323930 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 206599418 bytes
->Flash cache emptied: 1950 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8778 bytes
RecycleBin emptied: 17981277592 bytes

Total Files Cleaned = 17 392,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Martin
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Martin
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12282012_160944

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Skype vir

Napsal: 28 pro 2012 16:25
od vyosek
:arrow: Musime mit co zadaji pravidla fora - system a zabezpeceni. Ale samozrejme tu nebude resit PC, ktere je neustale zaliskane vlastni blbosti crackama apod...

:arrow: Jak se chova PC :???:

Re: Skype vir

Napsal: 28 pro 2012 16:28
od lokem22
Ok..je mi to jasny. PC už vypadá v pohodě..už se nic neposílá a skype nepadá.

Re: Skype vir

Napsal: 28 pro 2012 16:29
od vyosek
Tak jeste uklidime :James008:

:arrow: Odinstalujte Combofix
  • Prejmenujte ComboFix na Uninstall
  • Spustte jej
  • Tohle smaze Combofix a jeho slozky
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
Všechny časy jsou v UTC+01:00
Stránka 2 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz