VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

pokračování tématu Youtube Accelerator

https://forum.viry.cz:443/viewtopic.php?t=139522

Stránka 2 z 3

Re: pokračování tématu Youtube Accelerator

Napsal: 05 srp 2014 14:05
od vyosek
OuKej, uvidime jestli je to na FF ciste a pak co udela nova instalace

Re: pokračování tématu Youtube Accelerator

Napsal: 05 srp 2014 14:19
od pavel123
Tak bohužel, je to tam pořád. Otevírám zkusmo jen seznam a tentokrát už jsou tam jen 2 reklamy nebo spíš bannery, t oje sice určitý pokrok, ale není to ono :(
Ten profil, o kterém byla řeč, jsem ale před tím nenašel jinde, než ten ve FRST. Hledal jsem všechno se jménem mozilla, tak už nevím, kde by to jinde mohlo být.
Ještě mě napadá, jestli zrovna verze FF 31.0 nemá nějakou chybu ve filtrech. Uživatelský profil opět nemůžu najít.
Koukám do Document and Settings a ani po instalaci FF tam nikde není. Není tam ani složka Aplikační Data pod uživatelem Owner, jedině Application data pod All Users a to je prázdné.
Co kdybych to opět všechno odinstaloval a zkusil si stáhnout starší verzi FF a zakázal u ní automatické aktualizace?

Re: pokračování tématu Youtube Accelerator

Napsal: 05 srp 2014 16:31
od pavel123
Teď jsem si otevřel nějaký obrázek přes FF ze stránky, kde jsem byl už mnohokrát, je to firma Tony Clark, nějaké věco pro modeláře, nikdy jsem s tím neměl problém, tentokrát se mi natáhl nějaký trojský kůň, Esset ho zachytil a přesunul do karantény, odtud jsem ho smazal. Tak doufám, že se opravdu zachytil, že zas nemám v notebooku něco nového....
Připadá mi to, jako kdyby FF v mém ntb působil jako brána pro kdejakou havěť :( :(

Re: pokračování tématu Youtube Accelerator

Napsal: 05 srp 2014 16:39
od vyosek
:arrow: Pustte tam MBAM 1.75 dle kolegy
cernohous13 píše: :arrow: Stáhni a nainstaluj MBAM zde http://www.bleepingcomputer.com/downloa ... re/dl/241/ verzi 1.75
Při aktualizaci ti jako první nabídne instalaci nové verze - dáš Storno - bude aktualizována jen databáze
Po instalaci Spustit -> na 1.záložce "Kontrolor" -> Úplná kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení a program nezavírej

Re: pokračování tématu Youtube Accelerator

Napsal: 05 srp 2014 18:00
od pavel123
Díky, posílám log z MBAM.
Hlásí to nález 4 škodlivých objektů, mimo jiné i instalační soubor toho DocReaderu, kvůli jehož instalacito celé začlo :(
Teď mám ale jiný problém - ntb mám k internetu připojený přes wifi, je připojený k síti, signál je vynikající, ale přesto mi chrome hlásí, že se nelze připojit k internetu. Nepomohl ani restart chromu.
Nevím, že by běžící MBAM tomu připjení bránil? .... takže ten log jsem přetáhl přes flashku do pracovního pc a z toho to posílám.
Odcházím z práce, notebook se stále otevřeným MBAM tu nechávám, zítra u něj budu hned od rána.
P.


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.08.05.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: SASA [administrátor]

Ochrana: Povolena

5.8.2014 17:51:42
MBAM-log-2014-08-05 (18-47-36).txt

Typ: Kompletní kontrola (C:\|F:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 412988
Uplynulý čas: 55 minut, 1 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\Software\focusbase (PUP.Optional.FocusBase.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
F:\Blender\SoftonicDownloader_for_blender-portable.exe (PUP.Optional.Softonic.A) -> Nebyla provedena žádná instrukce.
F:\MOD\DocReader\docreader_setup.exe (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Owner\Local Settings\Temp\wiupdat.exe (Exploit.Drop.GS) -> Nebyla provedena žádná instrukce.

(konec)

Re: pokračování tématu Youtube Accelerator

Napsal: 05 srp 2014 18:02
od vyosek
:arrow: Nalezy MBAMu smazte

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Re: pokračování tématu Youtube Accelerator

Napsal: 06 srp 2014 06:14
od pavel123
Zdravím,
posílám oba logy.
Bohužel trvá stav, že mi na ntb nejdou načítat internetové stránky při připojení přes wifi, i když je signál vynikající. Naštěstí mám i mobilní připojení přes usd modem (Vodafone) a přes to to funguje.
Co může MBAM provést s wifi připojením?

A teď ty logy:

OTL.Txt:

OTL logfile created on: 6.8.2014 6:51:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 50,30% Memory free
3,60 Gb Paging File | 2,80 Gb Available in Paging File | 77,91% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 71,78 Gb Free Space | 73,50% Space Free | Partition Type: NTFS
Drive E: | 38,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 200,43 Gb Total Space | 22,06 Gb Free Space | 11,01% Space Free | Partition Type: NTFS

Computer Name: SASA | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.08.06 06:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
PRC - [2014.04.24 02:33:15 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.11.26 14:34:12 | 001,329,304 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2012.11.26 14:34:02 | 005,074,384 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2011.07.14 16:45:44 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
PRC - [2011.07.14 16:45:14 | 000,279,552 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
PRC - [2010.03.11 10:36:32 | 000,390,272 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\bmctl.exe
PRC - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009.03.30 12:47:00 | 000,254,042 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\WDM\stacsv.exe
PRC - [2009.02.18 13:41:56 | 000,737,280 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe
PRC - [2008.12.11 14:23:08 | 001,456,768 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.12.11 14:23:08 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.08.26 14:02:24 | 000,014,336 | ---- | M] (Agere Systems) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.01.18 18:35:32 | 000,028,672 | ---- | M] (Monet+, a.s.) -- C:\WINDOWS\system32\xmesrv.exe


========== Modules (No Company Name) ==========

MOD - [2014.04.24 02:33:13 | 000,390,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppgooglenaclpluginchrome.dll
MOD - [2014.04.24 02:33:10 | 004,081,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
MOD - [2014.04.24 02:33:03 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
MOD - [2014.04.24 02:33:01 | 000,065,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
MOD - [2014.04.15 19:11:32 | 000,031,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.OutlookCon#\acf4d98025a5ccb1571abdbc24e23b3c\Vodafone.OutlookConnector.ni.dll
MOD - [2014.04.15 19:11:16 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\fd639d8d8def70deaf3b26cd073577f3\System.Runtime.Remoting.ni.dll
MOD - [2014.04.15 19:08:10 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2014.04.15 19:08:00 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2014.04.15 18:59:53 | 000,218,624 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.FNCClient11#\6d1b21650f981b7cea5dac8972d01a8f\Interop.FNCClient11Lib.ni.dll
MOD - [2014.04.15 18:59:53 | 000,034,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.UpdateMana#\87f65332c242d16e8c593815640d86eb\Vodafone.UpdateManager.ni.dll
MOD - [2014.04.15 18:59:52 | 000,192,512 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Conn#\1be1b0fa8202ae142c27a759169c5207\Vodafone.Model.Connection.ni.dll
MOD - [2014.04.15 18:59:51 | 000,025,088 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Manag#\c29541d361e1fc7c6907b88eb64b26b4\Vodafone.View.ManagedToolTip.ni.dll
MOD - [2014.04.15 18:59:50 | 000,859,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Shared\3a0e1d35b68c66391102883f83e20bef\Vodafone.View.Shared.ni.dll
MOD - [2014.04.15 18:59:48 | 000,531,968 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Secon#\c99d6820881caed4fac5c048c1fe8bf3\Vodafone.View.SecondaryWindows.ni.dll
MOD - [2014.04.15 18:59:47 | 000,082,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Remot#\600c92d3ed8e5d47f48b1863fe050bc9\Vodafone.Core.Remoting.ni.dll
MOD - [2014.04.15 18:59:46 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.CoreI#\ec46b0ac2f56623628192686833ed538\Vodafone.Core.CoreInstanceProvider.ni.dll
MOD - [2014.04.15 18:59:45 | 000,734,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.WwanWrapper\16a931f6cf6d984abf9cad2b4896a58f\Vodafone.WwanWrapper.ni.dll
MOD - [2014.04.15 18:59:45 | 000,055,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.TrafficOpt#\b74a7dd588a83dac499178a4bca713eb\Vodafone.TrafficOptimiser.ni.dll
MOD - [2014.04.15 18:59:44 | 000,657,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\57ad376cba3df3b55c939f3e22bbc525\Vodafone.ConnectionServices.ni.dll
MOD - [2014.04.15 18:59:42 | 000,395,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.MbbManagem#\fe1c12fa4e653dff2d7537c302456af0\Vodafone.MbbManagement.ni.dll
MOD - [2014.04.15 18:59:41 | 000,506,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\42e9a6ebdbb26ad2ab860f1d7e1e0d64\Vodafone.DeviceAccess.Internals.ni.dll
MOD - [2014.04.15 18:59:41 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\361bc8a19d9f9528439da6f432587302\Vodafone.DeviceAccess.Interfaces.ni.dll
MOD - [2014.04.15 18:59:40 | 000,038,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\086ce8aea1c49ba48e0092004c8ce578\Vodafone.DeviceAccess.Factory.ni.dll
MOD - [2014.04.15 18:59:39 | 000,217,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\780caffd55151b7a2ec62df61cab4f05\Vodafone.Base.Internals.ni.dll
MOD - [2014.04.15 18:59:39 | 000,022,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.INSTALLERCO#\6dccba14217c12fb4a5591de73aa1ded\Interop.INSTALLERCONTROLLib.ni.dll
MOD - [2014.04.15 18:59:38 | 000,120,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\2ac43e310eaf37a4faa76ba7bbae4cfd\Vodafone.ConnectionManagement.ni.dll
MOD - [2014.04.15 18:59:38 | 000,031,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\d73c42d2bb2149b5e75343165ac85fa8\Vodafone.Base.Factory.ni.dll
MOD - [2014.04.15 18:59:37 | 000,119,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Vpn\06bd01696689b11ac96b4294ffa3f2ad\Vodafone.Vpn.ni.dll
MOD - [2014.04.15 18:59:37 | 000,070,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.VpnApiLib\23cb9ac0a3277e4cd2101407090f3db8\Interop.VpnApiLib.ni.dll
MOD - [2014.04.15 18:59:37 | 000,031,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.FCCOMINTDLL#\9939c86682256f87f3c73db5a579f6ae\Interop.FCCOMINTDLLLib.ni.dll
MOD - [2014.04.15 18:59:36 | 000,108,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.LanWlanMan#\3d6053b1687f2c1c8983045d0ec3c060\Vodafone.LanWlanManager.ni.dll
MOD - [2014.04.15 18:59:36 | 000,023,552 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Inter#\04236403c00d12b965cb5e58cd9f88c4\Vodafone.Core.Interfaces.ni.dll
MOD - [2014.04.15 18:59:33 | 001,033,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.BusinessLo#\f167675e1e0e4f44af648a987cf06769\Vodafone.BusinessLogic.ni.dll
MOD - [2014.04.15 18:59:31 | 000,050,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\437c0913424d7a4f39db778be67330f6\Vodafone.Contracts.Adapter.ni.dll
MOD - [2014.04.15 18:59:27 | 001,303,552 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\f299713c5a9a4ed5580f8979138fc7e5\Infragistics2.Win.UltraWinEditors.v9.2.ni.dll
MOD - [2014.04.15 18:59:24 | 003,346,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.M#\9a32f22658b61fecb230d846e5ec7279\Infragistics2.Win.Misc.v9.2.ni.dll
MOD - [2014.04.15 18:59:19 | 011,051,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\85518a0338fa7334c40ea004d80d17f2\Infragistics2.Win.v9.2.ni.dll
MOD - [2014.04.15 18:59:07 | 000,871,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Share#\47aeb898d982b26d20eb7ee358f14f9d\Infragistics2.Shared.v9.2.ni.dll
MOD - [2014.04.15 18:59:04 | 007,135,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\625fc2f123a30f7f2a56c11206bc47d2\Infragistics2.Win.UltraWinToolbars.v9.2.ni.dll
MOD - [2014.04.15 18:58:56 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\fce9e5059ac44d3dad859001e9bdbcb8\Vodafone.Contracts.Presenter.ni.dll
MOD - [2014.04.15 18:58:55 | 000,114,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Contr#\577e3ee77b586051d50c79f439fccffc\Vodafone.Core.Contracts.ni.dll
MOD - [2014.04.15 18:58:54 | 000,132,608 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\52fb3d89ba8165755f07229efcc37c58\Vodafone.Contracts.Model.ni.dll
MOD - [2014.04.15 18:58:53 | 000,104,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\05c33eccd7844d004a4a1578030c4d4e\Vodafone.Contracts.View.ni.dll
MOD - [2014.04.15 18:58:53 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\1ed728bf4feffea3d5b1524032a416d5\Vodafone.DeviceAccess.Contracts.ni.dll
MOD - [2014.04.15 18:58:52 | 000,097,280 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\d59eb54f3953104d65df1bcb4329c277\Vodafone.Contracts.Common.ni.dll
MOD - [2014.04.15 18:58:52 | 000,047,104 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Common.Logging\6c7a86d70faf5a017b87743cea175e33\Common.Logging.ni.dll
MOD - [2014.04.15 18:58:51 | 002,104,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Spring.Core\e3e19e4b3ccd3f58c0eec81fa5807063\Spring.Core.ni.dll
MOD - [2014.04.15 18:58:49 | 000,042,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.InstancePr#\e491ad7405c883976ca22899c5e5a7b1\Vodafone.InstanceProvider.Impl.ni.dll
MOD - [2014.04.15 18:58:45 | 000,810,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Applicatio#\3da5a022f63ac96c35bfac6f072ea686\Vodafone.ApplicationHost.Impl.ni.dll
MOD - [2014.04.15 18:58:42 | 000,351,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.ReportingM#\46e4d8a24af304dc6feb6f89bbf25b6d\Vodafone.ReportingManager.ni.dll
MOD - [2014.04.15 18:58:41 | 000,197,632 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsContact#\e2beefb9e6c261f66500acd23b339a89\Vodafone.SmsContactManager.ni.dll
MOD - [2014.04.15 18:58:40 | 000,335,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.CommonDial#\5e6029fc9d5446ee26e30927c80034de\Vodafone.CommonDialogs.ni.dll
MOD - [2014.04.15 18:58:39 | 000,119,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\9616ca21b2d6b54c510ff0f9b2e2545a\Interop.Shell32.ni.dll
MOD - [2014.04.15 18:58:38 | 000,080,384 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\4d19bd1a5d93b0578583e0b306b28790\Vodafone.SmsProfileManager.ni.dll
MOD - [2014.04.15 18:58:38 | 000,067,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\a878abb5c1326696c1b3bdcb8e1fe782\Vodafone.SettingsManager.ni.dll
MOD - [2014.04.15 18:58:37 | 000,351,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\40127b9fbd0f04f22c9fc24dc3a7dfc9\Vodafone.DataAccessor.ni.dll
MOD - [2014.04.15 18:58:36 | 001,446,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\2d4b6add1654568af942c79e1e10668a\MobileBroadbandResources.ni.dll
MOD - [2014.04.15 18:58:36 | 000,074,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.NtServiceM#\dcf57c9a2220cafa0a143f960ec9731d\Vodafone.NtServiceMessaging.ni.dll
MOD - [2014.04.15 18:58:35 | 000,352,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\5ed01c070e0f96b878f60bccc634540b\Vodafone.Base.Win32.ni.dll
MOD - [2014.04.15 18:58:35 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f00848816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll
MOD - [2014.04.15 18:58:25 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\7e310942e6e9a5d623e003130ec3d9bd\System.Transactions.ni.dll
MOD - [2014.04.15 18:58:05 | 000,019,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\9e59b9ac82d7e6e5ac6bd010fbdad100\Vodafone.MobileBroadband.CallbackHandler.ni.dll
MOD - [2014.04.15 18:58:04 | 000,181,248 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\bb2f26631d250577ca1b16a41ceece57\Vodafone.Common.ni.dll
MOD - [2014.04.15 18:58:00 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\5c157466d360a10b2c97e94b41ddc588\System.Management.ni.dll
MOD - [2014.04.15 18:57:59 | 000,171,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\e3ac5ed3a2f3d86bedec74d294cea2d1\Vodafone.Base.Contracts.ni.dll
MOD - [2014.04.15 18:57:58 | 000,671,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\11fa14ea217b5c73d3f7b770ecfc0720\Vodafone.Data.ni.dll
MOD - [2014.04.15 18:57:57 | 001,385,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\73c88f4d5ec27923d3acd8417e45e556\Vodafone.Platform.ni.dll
MOD - [2014.04.15 18:57:55 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\48955f27fbb8479c5e7d080bcfba66a3\Vodafone.LogEngine.ni.dll
MOD - [2014.04.15 18:57:53 | 000,688,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\276e1fc8b4f195925982f516b26defcd\System.Security.ni.dll
MOD - [2014.04.15 18:57:49 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll
MOD - [2014.04.15 18:57:47 | 000,264,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MobileBroadband\a240f278b8258d126759a1c6a0865f1d\MobileBroadband.ni.exe
MOD - [2014.04.15 18:56:58 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\06b454361516e65eca55a743cd93cefc\Accessibility.ni.dll
MOD - [2014.04.15 18:55:27 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll
MOD - [2014.04.15 18:55:16 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1cdfe1998ad6794db3237006906c6fa2\System.Windows.Forms.ni.dll
MOD - [2014.04.15 18:55:00 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\424bff3295c6e7539cc6df62b9425bd0\System.Drawing.ni.dll
MOD - [2014.04.15 18:54:31 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\af8afdcab485e00a04b18ed487981f3d\System.Data.ni.dll
MOD - [2014.04.15 18:53:09 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll
MOD - [2014.04.15 18:52:56 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll
MOD - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2009.05.18 10:55:48 | 007,745,536 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2009.05.18 10:55:44 | 002,121,728 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2009.05.18 10:55:44 | 000,135,168 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2008.12.11 14:22:10 | 002,854,976 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008.12.11 14:20:20 | 000,069,697 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008.04.14 14:00:00 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014.07.17 07:42:17 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.09.12 08:22:24 | 000,182,696 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.11.26 14:34:12 | 001,329,304 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2011.07.14 16:45:44 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009.03.30 12:47:00 | 000,254,042 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2008.08.26 14:02:24 | 000,014,336 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.01.18 18:35:32 | 000,028,672 | ---- | M] (Monet+, a.s.) [Auto | Running] -- C:\WINDOWS\system32\xmesrv.exe -- (xmengine service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Disabled | Unknown] -- system32\DRIVERS\epfwtdir.sys -- (epfwtdir)
DRV - [2013.10.24 22:39:14 | 000,063,104 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\silabser.sys -- (silabser)
DRV - [2013.10.24 22:39:14 | 000,047,176 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\silabenm.sys -- (silabenm)
DRV - [2013.04.10 10:06:00 | 000,033,112 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.10.08 09:21:08 | 000,149,568 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2012.10.08 09:21:08 | 000,121,216 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.10.08 09:21:08 | 000,062,512 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2012.10.08 09:21:08 | 000,040,376 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2012.10.08 09:21:06 | 000,159,832 | ---- | M] (ESET) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2012.05.22 09:47:22 | 000,005,632 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2012.01.26 16:03:28 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2011.07.12 15:02:30 | 000,073,344 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011.07.12 15:02:24 | 000,192,768 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011.05.12 12:30:53 | 000,003,078 | ---- | M] (ASIX s.r.o) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\asixio.sys -- (ASIXIo)
DRV - [2010.09.01 15:33:12 | 000,080,000 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV - [2010.03.11 10:36:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2010.03.11 10:36:24 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2009.09.10 15:58:26 | 000,021,648 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OlyCamComm.sys -- (OlyCamComm)
DRV - [2009.08.10 13:07:32 | 000,089,600 | ---- | M] (Gemalto) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GemCCID.sys -- (GemCCID)
DRV - [2009.07.29 15:22:29 | 001,735,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009.04.02 01:25:04 | 003,597,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.03.31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.30 12:47:00 | 001,550,891 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009.03.27 10:08:00 | 000,296,960 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2009.03.26 14:39:14 | 001,765,168 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009.02.18 13:41:56 | 000,113,536 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2009.01.14 15:16:20 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2009.01.14 15:16:20 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2009.01.14 15:16:18 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009.01.14 15:16:18 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2009.01.14 15:16:18 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008.10.29 15:43:44 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.04.14 01:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... {startPage}
IE - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: 45633fba7e7d40fea9c29%409dc18447eea04021a325caf3.com:0.95.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.08.30 10:27:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2012.03.21 10:23:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014.07.30 08:20:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.07.30 08:20:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013.02.04 14:09:20 | 000,000,000 | ---D | M]

[2009.07.31 17:43:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Extensions
[2014.08.05 09:39:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions
[2011.03.10 09:10:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2014.07.31 13:47:00 | 000,000,000 | ---D | M] ("Ge-Force") -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com
[2014.08.05 11:14:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\extensionData
[2014.08.05 11:14:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\extensionData\plugins
[2014.08.05 11:14:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\extensionData\userCode
[2014.05.07 13:37:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profilesqplye22f.default\extensions
[2014.05.07 13:37:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profilesqplye22f.default\extensions\staged
[2014.08.05 15:07:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.08.05 15:07:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\QPLYE22F.DEFAULT\EXTENSIONS\45633FBA7E7D40FEA9C29@9DC18447EEA04021A325CAF3.COM

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledávánĂ­ Google = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_1\
CHR - Extension: Peněženka Google = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014.08.05 09:39:42 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - Reg Error: Key error. File not found
O15 - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\..Trusted Domains: iitech.dk ([]* in Trusted sites)
O15 - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\..Trusted Domains: marketaccess.cz ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D0256610-12AC-42BE-9E20-502F197A7D36}: NameServer = 217.77.165.81 217.77.161.131
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.12.18 17:27:49 | 000,000,119 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.avis - C:\WINDOWS\System32\ff_acm.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014.08.06 06:47:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2014.08.05 17:48:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Data aplikací\Malwarebytes
[2014.08.05 17:48:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2014.08.05 17:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.08.05 17:47:59 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014.08.05 17:47:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014.08.05 17:43:14 | 010,284,816 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Plocha\mbam-setup-1.75.0.1300.exe
[2014.08.05 15:07:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014.08.05 15:05:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2014.08.04 11:56:41 | 000,000,000 | ---D | C] -- C:\FRST
[2014.08.04 11:54:44 | 001,084,928 | ---- | C] (Farbar) -- C:\Documents and Settings\Owner\Plocha\FRST.exe
[2014.08.01 12:46:58 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014.08.01 09:23:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2014.07.31 13:53:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Data aplikací\Seznam.cz
[2014.07.31 13:49:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Data aplikací\Media Freeware
[2014.07.31 13:46:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2014.07.31 13:45:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\CrashRpt
[2014.07.30 13:43:43 | 000,000,000 | ---D | C] -- C:\Program Files\Spirit Setings
[2014.07.30 08:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

========== Files - Modified Within 7 Days ==========

[2014.08.06 06:58:48 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.08.06 06:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2014.08.06 06:42:35 | 000,173,776 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2014.08.06 06:42:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.08.05 17:48:03 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2014.08.05 17:43:53 | 010,284,816 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Plocha\mbam-setup-1.75.0.1300.exe
[2014.08.05 15:07:36 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2014.08.05 12:52:00 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2014.08.05 09:39:42 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014.08.04 21:34:56 | 000,000,001 | ---- | M] () -- C:\Documents and Settings\Owner\Dokumenty\.spirit-settings.cfg
[2014.08.04 11:56:28 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\MSGBOX.EXE
[2014.08.04 11:56:28 | 000,015,327 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\LM.bat
[2014.08.04 11:54:52 | 001,084,928 | ---- | M] (Farbar) -- C:\Documents and Settings\Owner\Plocha\FRST.exe
[2014.08.03 18:14:46 | 000,372,080 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.08.03 17:22:30 | 000,013,736 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.07.31 13:44:56 | 000,001,871 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2014.07.31 07:54:38 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014.07.30 13:43:47 | 000,001,598 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Spirit Settings.lnk

========== Files Created - No Company Name ==========

[2014.08.06 06:58:48 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.08.05 17:48:03 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2014.08.05 15:07:36 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2014.08.05 15:07:35 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2014.08.05 09:41:05 | 000,000,924 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2014.08.04 11:56:28 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\MSGBOX.EXE
[2014.08.04 11:56:28 | 000,015,327 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\LM.bat
[2014.07.30 14:54:52 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\Owner\Dokumenty\.spirit-settings.cfg
[2014.07.30 13:43:47 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Spirit Settings.lnk
[2014.07.30 13:43:47 | 000,001,598 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Spirit Settings.lnk
[2013.10.16 08:17:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.09.11 18:37:21 | 002,164,002 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-583907252-1450960922-1417001333-1003-0.dat
[2013.09.10 22:47:25 | 000,334,322 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2013.06.19 06:42:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.03.08 10:48:18 | 000,033,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2012.05.22 09:37:47 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\$_hpcst$.hpc
[2011.07.12 15:02:16 | 000,232,496 | R--- | C] () -- C:\Documents and Settings\All Users\Data aplikací\DeviceManager.xml.rc4
[2010.12.16 08:41:54 | 000,006,555 | ---- | C] () -- C:\Documents and Settings\Owner\_viminfo
[2010.09.10 08:58:50 | 000,000,559 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\CastleLinkProps.dat
[2009.07.30 14:40:42 | 000,114,176 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.07.29 15:28:25 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.09.23 09:39:01 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.01.24 07:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\AVG
[2013.02.08 18:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\ESET
[2012.06.15 17:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Vodafone
[2010.09.29 09:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2013.02.04 09:54:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2014.01.23 08:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2012.12.18 09:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlazeVideo
[2010.12.31 14:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2014.01.23 08:26:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.02.04 14:09:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.08.15 22:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OLYMPUS
[2012.05.22 10:00:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2014.07.31 15:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2012.03.21 10:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2014.01.23 08:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG
[2009.07.30 12:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Vodafone
[2010.11.05 14:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Abdiel
[2014.01.23 08:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\AVG
[2010.12.31 14:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Canneverbe Limited
[2012.06.07 08:14:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Castle Creations
[2013.02.04 14:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\ESET
[2013.09.10 21:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\marketaccess_cz
[2014.07.31 13:49:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Media Freeware
[2011.05.20 18:42:00 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Owner\Data aplikací\Microchip
[2012.05.22 10:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\PC Suite
[2012.05.22 11:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Samsung
[2014.07.31 14:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Seznam.cz
[2012.03.21 10:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Vodafone
[2013.08.08 21:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\{46577E3C-95B4-4f4f-B4A7-0C29D12FB15D}

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.29 14:51:20 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.07.29 14:55:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2014.08.05 09:41:05 | 000,000,924 | ---- | C] () -- C:\WINDOWS\Tasks\Google Software Updater.job

< >

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

< MD5 for: SVCHOST.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[20 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.11.05 14:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Abdiel
[2013.01.22 09:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Adobe
[2009.07.30 07:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\ATI
[2014.01.23 08:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\AVG
[2010.12.31 14:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Canneverbe Limited
[2012.06.07 08:14:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Castle Creations
[2010.10.05 14:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Corel
[2010.08.15 23:37:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\CyberLink
[2013.03.05 16:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\dvdcss
[2013.02.04 14:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\ESET
[2012.03.21 10:33:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\FLEXnet
[2013.01.11 14:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Google
[2013.03.08 10:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\GRETECH
[2009.11.09 14:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Help
[2014.01.24 09:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\hpqLog
[2009.07.29 14:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Identities
[2009.07.29 15:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\InstallShield
[2009.08.19 13:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Macromedia
[2014.08.05 17:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Malwarebytes
[2013.09.10 21:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\marketaccess_cz
[2014.07.31 13:49:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Media Freeware
[2011.05.20 18:42:00 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Owner\Data aplikací\Microchip
[2013.01.22 09:48:37 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Owner\Data aplikací\Microsoft
[2009.07.31 17:43:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Mozilla
[2012.05.22 10:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\PC Suite
[2011.11.24 15:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Real
[2012.05.22 11:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Samsung
[2014.07.31 14:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Seznam.cz
[2013.09.12 08:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Sun
[2013.03.08 10:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\vlc
[2012.03.21 10:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Vodafone
[2013.08.08 21:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\{46577E3C-95B4-4f4f-B4A7-0C29D12FB15D}

< %APPDATA%\*.exe /s >
[2007.03.22 12:46:42 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Owner\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe
[2009.12.10 15:28:49 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Owner\Data aplikací\Microsoft\Installer\{20820A45-02A1-144C-21A3-A1812C5DDE23}\ARPPRODUCTICON.exe
[2014.02.21 12:48:33 | 000,503,376 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Owner\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\10.80\agent\rnupgagent.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Documents and Settings\Owner\Data aplikací\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Documents and Settings\Owner\Data aplikací\Seznam.cz\sznsetup.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.08.05 12:52:00 | 000,000,924 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.07.29 15:33:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.07.29 15:33:38 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.07.29 15:33:38 | 000,499,712 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.08.06 06:42:35 | 000,173,776 | ---- | M] () -- C:\WINDOWS\system32\ativvaxx.cap
[2014.08.03 18:14:46 | 000,372,080 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2014.08.03 17:22:30 | 000,013,736 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2009.05.18 17:56:12 | 002,363,392 | ---- | M] (Hewlett-Packard Company)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014.07.17 07:42:02 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=10F36FB8CD6218CD7F818268E0F3F9C6 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.04.24 02:33:15 | 000,841,032 | ---- | M] (Google Inc.) MD5=542459D16B416D054161007FC9B1246E -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.08.06 06:58:48 | 000,000,512 | ---- | M] () MD5=8D988375E3A08092A22EFDC5DFE4E939 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:56E2E879

< End of report >

Re: pokračování tématu Youtube Accelerator

Napsal: 06 srp 2014 06:18
od pavel123
Pokračování:

Extras.Txt:

OTL Extras logfile created on: 6.8.2014 6:51:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 50,30% Memory free
3,60 Gb Paging File | 2,80 Gb Available in Paging File | 77,91% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 71,78 Gb Free Space | 73,50% Space Free | Partition Type: NTFS
Drive E: | 38,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 200,43 Gb Total Space | 22,06 Gb Free Space | 11,01% Space Free | Partition Type: NTFS

Computer Name: SASA | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-583907252-1450960922-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{08807D11-5BD9-4A62-A8F7-93C49DDFE88F}" = Market Access by brokerjet – live verze
"{090765EE-74A0-4ABB-9B15-4C1F80AB3E10}" = Catalyst Control Center Graphics Full Existing
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F55F69B-FB6C-5157-A5DC-B8AC58048A1A}" = ATI Catalyst Install Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20820A45-02A1-144C-21A3-A1812C5DDE23}" = Catalyst Control Center InstallProxy
"{2576C501-677F-3206-C73C-E4F90F9433C4}" = ccc-core-preinstall
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2FF43F5D-5729-4E02-A548-310E30A5F29B}" = Microsoft CAPICOM 2.1.0.2 SDK
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.50 A1
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{390B21DF-7C00-8CE2-B205-B199BADCC4B7}" = Catalyst Control Center Graphics Previews Common
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40E009E6-B775-4642-A174-71CA2C3A2789}" = CS CryptoPlus v1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C35A5B5-940E-B44D-1ADA-52F1FE501FC7}" = Catalyst Control Center Graphics Full New
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{66B4E395-38E3-D233-FB72-EB81DF545985}" = Catalyst Control Center Graphics Light
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71536DEA-31B8-4728-80C2-9F7B360FA017}" = Castle Link
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = HP Integrated Module with Bluetooth wireless technology
"{8913BD67-274C-0581-203B-9DA14CE43175}" = ccc-core-static
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}" = AeroFly Professional Deluxe
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISER_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISER_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISER_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{99DFA96E-68C8-48CC-B7A8-72FEF27F6CC1}" = ESET Smart Security
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A79E6F7D-002A-9B6C-7CB9-60CED94201DA}" = CCC Help English
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Czech
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{DB5443C9-A1C7-302A-1C1D-E24191B0E63D}" = Catalyst Control Center HydraVision Full
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{E17E6A29-9FC8-30D8-8A33-0614F616A552}" = Catalyst Control Center Core Implementation
"{E2AC8456-E8E8-41CD-9344-D505FBF1F68F}" = MPLAB Tools v8.56
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F639E2A2-FE6B-4527-B8BE-C1C423B81844}" = HP Webcam
"{FE6D6D42-6AE2-A259-F8C2-193CCE10C569}" = ccc-utility
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Any PDF to DWG Converter_is1" = Any PDF to DWG Converter 2010
"ATI Display Driver" = ATI Display Driver
"AutoCAD R14.0 Uninstall" = AutoCAD R14.0
"Broadcom 802.11b Network Adapter" = Bezdrátový adaptér Broadcom 802.11 LAN
"CCleaner" = CCleaner
"E77704EF5E71F4F18CADFBFA68595AFE036D5D97" = Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"ENTERPRISER" = Microsoft Office Enterprise 2007
"F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179" = Balíček ovladače systému Windows - Silicon Laboratories (silabenm) Ports (10/18/2013 6.6.1.0)
"ffdshow_is1" = ffdshow [rev 2280] [2008-11-02]
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"InstallShield_{E2AC8456-E8E8-41CD-9344-D505FBF1F68F}" = MPLAB Tools v8.56
"InstallShield_{F639E2A2-FE6B-4527-B8BE-C1C423B81844}" = HP Webcam
"KONICA MINOLTA pagepro 4650 Installer" = KONICA MINOLTA pagepro 4650
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 31.0 (x86 cs)" = Mozilla Firefox 31.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PICC 9.71PL1" = HI-TECH C Compiler for the PIC10/12/16 MCUs V9.71aPL1
"PICC 9.81" = HI-TECH C Compiler for the PIC10/12/16 MCUs V9.81PL0
"RealPlayer 12.0" = RealPlayer
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Spirit Setings_is1" = Spirit Setings verze 1.0.24
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Vim 7.3" = Vim 7.3 (self-installing)
"VLC media player" = VLC media player 1.1.11
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-583907252-1450960922-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 31.7.2014 7:49:40 | Computer Name = SASA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace sllauncher.exe, verze 5.1.30214.0, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 31.7.2014 7:54:11 | Computer Name = SASA | Source = Application Error | ID = 1000
Description = Chybující aplikace plugin-container.exe, verze 31.0.0.5310, chybující
modul mozalloc.dll, verze 31.0.0.5310, adresa chyby 0x0000141b.

Error - 31.7.2014 7:54:20 | Computer Name = SASA | Source = MsiInstaller | ID = 11309
Description = Product: Google Update Helper -- Error 1309. Error reading from file:
C:\Program Files\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.
System error 3. Verify that the file exists and that you can access it.

Error - 1.8.2014 1:06:40 | Computer Name = SASA | Source = VmbService | ID = 0
Description = GetLoggedOnUser

Error - 1.8.2014 10:27:00 | Computer Name = SASA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 11.0.7.79, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 3.8.2014 11:22:38 | Computer Name = SASA | Source = VmbService | ID = 0
Description = GetLoggedOnUser

Error - 4.8.2014 2:21:21 | Computer Name = SASA | Source = Application Error | ID = 1000
Description = Chybující aplikace plugin-container.exe, verze 31.0.0.5310, chybující
modul mozalloc.dll, verze 31.0.0.5310, adresa chyby 0x0000141b.

Error - 4.8.2014 2:52:52 | Computer Name = SASA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 11.0.7.79, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.8.2014 2:52:53 | Computer Name = SASA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 11.0.7.79, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.8.2014 13:58:07 | Computer Name = SASA | Source = VmbService | ID = 0
Description = System.Runtime.InteropServices.COMException (0x80080005) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

at System.Management.ManagementObjectCollection.get_Count() at Vodafone.Base.Internals.WmiHandler.WmiHandler.GetLoggedOnUser(String&
domain, String& user) at Vodafone.NtService.Core.DeviceManager.ProcessDeviceChangeQueue()

at Vodafone.NtService.Core.DeviceManager.DeviceChange()

[ System Events ]
Error - 4.8.2014 1:40:40 | Computer Name = SASA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.40 pro síťovou kartu s adresou 0025566A8C7D
byla serverem DHCP 192.168.0.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 4.8.2014 2:56:01 | Computer Name = SASA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: avgtp

Error - 4.8.2014 5:39:26 | Computer Name = SASA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: avgtp

Error - 4.8.2014 8:11:52 | Computer Name = SASA | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 172.16.0.255 pro síťovou kartu se síťovou
adresou 0025566A8C7D byla ukončena.

Error - 4.8.2014 13:58:03 | Computer Name = SASA | Source = DCOM | ID = 10010
Description = Server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 5.8.2014 0:35:18 | Computer Name = SASA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: avgtp

Error - 5.8.2014 1:00:03 | Computer Name = SASA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.4 pro síťovou kartu s adresou 0025566A8C7D
byla serverem DHCP 192.168.0.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 5.8.2014 3:41:12 | Computer Name = SASA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: avgtp

Error - 5.8.2014 12:41:06 | Computer Name = SASA | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 172.16.0.111 pro síťovou kartu se síťovou
adresou 0025566A8C7D byla ukončena.

Error - 6.8.2014 0:42:49 | Computer Name = SASA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: avgtp


< End of report >

Re: pokračování tématu Youtube Accelerator

Napsal: 06 srp 2014 07:27
od vyosek
:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Disabled | Unknown] -- system32\DRIVERS\epfwtdir.sys -- (epfwtdir)
DRV - [2013.04.10 10:06:00 | 000,033,112 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\QPLYE22F.DEFAULT\EXTENSIONS\45633FBA7E7D40FEA9C29@9DC18447EEA04021A325CAF3.COM
[2014.07.31 13:47:00 | 000,000,000 | ---D | M] ("Ge-Force") -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2012.03.21 10:23:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013.02.04 14:09:20 | 000,000,000 | ---D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra Button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - Reg Error: Key error. File not found
O15 - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\..Trusted Domains: iitech.dk ([]* in Trusted sites)
O15 - HKU\S-1-5-21-583907252-1450960922-1417001333-1003\..Trusted Domains: marketaccess.cz ([]* in Trusted sites)
[2014.08.04 11:56:28 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\MSGBOX.EXE
[2014.08.04 11:56:28 | 000,015,327 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\LM.bat
[2014.01.23 08:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2014.01.24 07:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\AVG
[2010.09.29 09:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2013.02.04 09:54:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2014.01.23 08:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2014.01.23 08:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG
[2014.01.23 08:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\AVG
[2013.08.08 21:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\{46577E3C-95B4-4f4f-B4A7-0C29D12FB15D}
[2014.08.05 12:52:00 | 000,000,924 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:56E2E879

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: pokračování tématu Youtube Accelerator

Napsal: 06 srp 2014 07:52
od pavel123
Díky.
Píšu teď z druhého pc.
Jak dlouho by tak proces v OTP měl trvat? Už několik minut (určitě víc než 10minut) je stav stále stejný, dole na liště OTP je napsáno "Killing processes. DONT INTERRUPT... " mám obavu, jestli se to nějak nezacyklilo...

Re: pokračování tématu Youtube Accelerator

Napsal: 06 srp 2014 07:54
od vyosek
Zkuste jej spustit v nouzovem rezimu...

Re: pokračování tématu Youtube Accelerator

Napsal: 06 srp 2014 07:59
od pavel123
Takže ho mám nějakým způsobem zavřít a ntb restartovat do nouzového režimu?
V nejhorším, pokud OTP nepůjde zavřít, mám notebook prostě natvrdo vypnout?

Re: pokračování tématu Youtube Accelerator

Napsal: 06 srp 2014 08:16
od pavel123
Natvrdo jsem ho vypnul - stejně s tím nic jiného nešlo udělat, ale bohužel jsem narazil na to, že nevím, jak ho spustit v nouzovém režimu. Je to HP Compaq 615.
Když jsem se posledně na Vaše forum obracel, šlo o notebook syna, to bylo Lenovo a tam se nouzový režim vždycky nabídl automaticky po vypnutí natvrdo.
U tohodle HP se to nenabízí, jedině v určitý moment stisknout esc, tak se nabídnou nějaké možnosti, ale nouzový režim ne.

Re: pokračování tématu Youtube Accelerator

Napsal: 06 srp 2014 08:25
od vyosek
Zkuste mackat F8 ihned po restartu...

Re: pokračování tématu Youtube Accelerator

Napsal: 06 srp 2014 08:44
od pavel123
Povedlo se, díky :) a v nouzovém režimu to proběhlo.

Takže dávám log z OTM:

All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Error: No service named epfwtdir was found to stop!
Service\Driver key epfwtdir not found.
File system32\DRIVERS\epfwtdir.sys not found.
Service avgtp stopped successfully!
Service avgtp deleted successfully!
C:\WINDOWS\system32\drivers\avgtpx86.sys moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\skin folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\locale\en-US folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\locale folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\extensionData\userCode folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\extensionData\plugins folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\extensionData folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\defaults folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\chrome\content\core folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\chrome\content\api folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\chrome\content folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com\chrome folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com deleted successfully.
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\components folder moved successfully.
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\chrome\content folder moved successfully.
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\chrome folder moved successfully.
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com deleted successfully.
C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird\Components folder moved successfully.
C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D}\ not found.
Registry key HKEY_USERS\S-1-5-21-583907252-1450960922-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\iitech.dk\ not found.
Registry key HKEY_USERS\S-1-5-21-583907252-1450960922-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\marketaccess.cz\ not found.
C:\Documents and Settings\Owner\Local Settings\Data aplikací\MSGBOX.EXE moved successfully.
C:\Documents and Settings\Owner\Plocha\LM.bat moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL2014 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL\Program Statistics folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\AVG\AWL2014\TuningIndex folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\AVG\AWL2014\Backups folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\AVG\AWL2014 folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\AVG\AWL\CrashDumps folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\sounds folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\report folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\moved folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\log folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\journal folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\integ folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\HtmlData folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\fw folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\chest folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\backup folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\arpot\TEMP folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\arpot folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVAST Software folder moved successfully.
Folder C:\Documents and Settings\All Users\Data aplikací\AVG\ not found.
C:\Documents and Settings\LocalService\Data aplikací\AVG\AWL2014\Backups folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG\AWL2014 folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG\AWL\CrashDumps folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\AVG\AWL2014\TuningIndex folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\AVG\AWL2014\StartUp Manager folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\AVG\AWL2014\Dashboard folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\AVG\AWL2014\Backups folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\AVG\AWL2014 folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\AVG\AWL\CrashDumps folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\{46577E3C-95B4-4f4f-B4A7-0C29D12FB15D}\cache folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\{46577E3C-95B4-4f4f-B4A7-0C29D12FB15D} folder moved successfully.
C:\WINDOWS\Tasks\Google Software Updater.job moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:56E2E879 deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: admin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Owner
->Temp folder emptied: 11528010 bytes
->Temporary Internet Files folder emptied: 261321 bytes
->FireFox cache emptied: 34952887 bytes
->Google Chrome cache emptied: 27851200 bytes
->Flash cache emptied: 1787 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 71,00 mb


[EMPTYFLASH]

User: admin
->Flash cache emptied: 0 bytes

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Owner
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: admin

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Owner

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 08062014_093707

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Všechny časy jsou v UTC+01:00
Stránka 2 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz