Please check my log

#1 Post by doomguy »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Karel at 2011-12-16 19:23:53
Microsoft Windows 7 Ultimate Service Pack 1
System drive G: has 23 GB (24%) free of 97 GB
Total RAM: 1791 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:24:16, on 16.12.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
G:\Windows\system32\taskhost.exe
G:\Windows\system32\Dwm.exe
G:\Windows\system32\taskhost.exe
G:\Program Files\Microsoft IntelliPoint\ipoint.exe
G:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
G:\Program Files\Microsoft Security Client\msseces.exe
G:\Program Files\Common Files\Java\Java Update\jusched.exe
G:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
G:\Program Files\Windows Sidebar\sidebar.exe
G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
G:\Users\Karel\Desktop\Skype.exe
G:\Windows\system32\wuauclt.exe
G:\Windows\explorer.exe
G:\Windows\explorer.exe
G:\Windows\explorer.exe
G:\Windows\explorer.exe
G:\Windows\explorer.exe
G:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
G:\Program Files\Vuze\Azureus.exe
G:\Program Files\Mozilla Firefox\firefox.exe
G:\Program Files\Mozilla Firefox\plugin-container.exe
G:\Users\Karel\Desktop\RSIT.exe
G:\Program Files\trend micro\Karel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - G:\Program Files\Vuze_Remote\prxtbVuze.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - G:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - G:\Program Files\Vuze_Remote\prxtbVuze.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - G:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - G:\Program Files\Vuze_Remote\prxtbVuze.dll
O4 - HKLM\..\Run: [PWRISOVM.EXE] G:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [IntelliPoint] "G:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [RtHDVCpl] G:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [MSC] "G:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "G:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "G:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn GUI] "G:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [Sidebar] G:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] G:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] G:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download all with Free Download Manager - file://G:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://G:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://G:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://G:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://G:\PROGRA~1\MIF5BA~1\Office10\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: g:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: g:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - G:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AMD External Events Utility - AMD - G:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - G:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - G:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - G:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - G:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - G:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: TunngleService - Tunngle.net GmbH - G:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 6890 bytes

======Scheduled tasks folder======

G:\Windows\tasks\GoogleUpdateTaskMachineCore.job
G:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - G:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\k9lxisz5.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=G:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=G:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=G:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=G:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=G:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=G:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=G:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=G:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

G:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}

G:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

G:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

G:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\k9lxisz5.default\extensions\
LogMeInClient@logmein.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - G:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - G:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - G:\Program Files\Vuze_Remote\prxtbVuze.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - G:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - G:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-11-11 57224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - G:\Program Files\Vuze_Remote\prxtbVuze.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"=G:\Program Files\PowerISO\PWRISOVM.EXE [2011-06-15 307200]
"IntelliPoint"=G:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 1821576]
"RtHDVCpl"=G:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-08-26 10828392]
"MSC"=G:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"LogMeIn Hamachi Ui"=G:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-15 1955208]
"SunJavaUpdateSched"=G:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-05-04 252136]
"Adobe Reader Speed Launcher"=G:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=G:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"StartCCC"=G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-25 343168]
"LogMeIn GUI"=G:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2011-09-16 63048]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"zASRockInstantBoot"= []
"ASRockOCTuner"= []
"Sidebar"=G:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - G:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=G:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"VIDC.IV41"=IR41_32.AX
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - G:\Windows\System32\Notepad.exe %1
.js - open - G:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-12-16 19:23:54 ----D---- G:\Program Files\trend micro
2011-12-16 19:23:53 ----D---- G:\rsit
2011-12-14 19:15:55 ----D---- G:\Program Files\Conduit
2011-12-14 19:15:49 ----D---- G:\Program Files\Vuze_Remote
2011-12-13 06:13:19 ----A---- G:\Windows\system32\LMIport.dll
2011-12-13 06:13:15 ----A---- G:\Windows\system32\LMIRfsClientNP.dll
2011-12-13 06:13:15 ----A---- G:\Windows\system32\drivers\LMIRfsDriver.sys
2011-12-13 06:13:03 ----A---- G:\Windows\system32\LMIinit.dll
2011-12-13 06:12:52 ----D---- G:\ProgramData\LogMeIn
2011-12-13 06:12:33 ----D---- G:\Program Files\LogMeIn
2011-12-11 21:05:54 ----A---- G:\Windows\system32\tzres.dll
2011-12-11 10:05:17 ----SHD---- G:\Config.Msi
2011-12-10 11:52:33 ----D---- G:\Program Files\CCleaner
2011-12-09 22:24:59 ----D---- G:\Program Files\SystemRequirementsLab
2011-12-09 22:24:54 ----D---- G:\Users\Karel\AppData\Roaming\SystemRequirementsLab
2011-12-09 17:32:59 ----D---- G:\Windows\system32\Music
2011-12-08 19:19:19 ----D---- G:\ProgramData\Blizzard Entertainment
2011-12-08 15:29:29 ----A---- G:\Windows\system32\fsutil.exe
2011-12-08 15:29:29 ----A---- G:\Windows\system32\esent.dll
2011-12-08 15:29:29 ----A---- G:\Windows\system32\drivers\storport.sys
2011-12-08 15:29:29 ----A---- G:\Windows\system32\drivers\nvstor.sys
2011-12-08 15:29:29 ----A---- G:\Windows\system32\drivers\nvraid.sys
2011-12-08 15:29:29 ----A---- G:\Windows\system32\drivers\ntfs.sys
2011-12-08 15:29:29 ----A---- G:\Windows\system32\drivers\iaStorV.sys
2011-12-08 15:29:29 ----A---- G:\Windows\system32\drivers\amdxata.sys
2011-12-08 15:29:29 ----A---- G:\Windows\system32\drivers\amdsata.sys
2011-12-08 15:29:28 ----A---- G:\Windows\system32\drivers\USBSTOR.SYS
2011-12-08 15:29:21 ----A---- G:\Windows\system32\drivers\usbuhci.sys
2011-12-08 15:29:21 ----A---- G:\Windows\system32\drivers\usbport.sys
2011-12-08 15:29:21 ----A---- G:\Windows\system32\drivers\usbohci.sys
2011-12-08 15:29:21 ----A---- G:\Windows\system32\drivers\usbhub.sys
2011-12-08 15:29:21 ----A---- G:\Windows\system32\drivers\usbehci.sys
2011-12-08 15:29:21 ----A---- G:\Windows\system32\drivers\usbd.sys
2011-12-08 15:29:20 ----A---- G:\Windows\system32\drivers\usbccgp.sys
2011-12-04 15:41:36 ----D---- G:\ProgramData\Codemasters
2011-12-04 15:34:12 ----A---- G:\Windows\system32\rapture3d_oal.dll
2011-12-04 15:34:12 ----A---- G:\Windows\system32\mkl_blueripple.dll
2011-12-04 15:34:10 ----D---- G:\Program Files\BRS
2011-12-04 15:34:07 ----D---- G:\Program Files\OpenAL
2011-12-04 15:34:06 ----RA---- G:\Windows\system32\tmpF694.tmp
2011-12-04 15:34:06 ----A---- G:\Windows\system32\wrap_oal.dll
2011-12-04 15:34:06 ----A---- G:\Windows\system32\OpenAL32.dll
2011-12-03 19:36:54 ----D---- G:\Program Files\Common Files\SWF Studio
2011-12-03 19:26:14 ----D---- G:\Program Files\Firefly Studios
2011-12-03 17:23:02 ----D---- G:\Program Files\Microsoft Games for Windows - LIVE
2011-12-03 12:57:43 ----A---- G:\Windows\ODBC.INI
2011-12-03 12:56:47 ----D---- G:\Program Files\Microsoft ActiveSync
2011-12-03 12:56:40 ----D---- G:\Program Files\Common Files\Designer
2011-12-03 12:56:17 ----D---- G:\Program Files\Microsoft Office
2011-12-02 22:53:07 ----A---- G:\Windows\system32\MFC71u.dll
2011-12-02 22:53:07 ----A---- G:\Windows\system32\drivers\BTCamDrv.sys
2011-12-02 22:41:40 ----A---- G:\Windows\system32\BTCamVideoSource.dll
2011-12-02 22:41:37 ----D---- G:\Program Files\Mobiola Web Camera for S60
2011-12-02 21:03:37 ----D---- G:\Program Files\Livestream Procaster
2011-12-01 16:11:34 ----A---- G:\Windows\system32\LicProtector310.exe
2011-12-01 16:10:43 ----D---- G:\Program Files\Free Offers from Freeze.com
2011-11-30 21:17:01 ----D---- G:\ProgramData\ATI
2011-11-30 21:10:15 ----D---- G:\Program Files\AMD APP
2011-11-28 16:25:59 ----A---- G:\Windows\system32\drivers\atksgt.sys
2011-11-28 16:25:58 ----A---- G:\Windows\system32\drivers\lirsgt.sys
2011-11-28 16:16:12 ----D---- G:\Users\Karel\AppData\Roaming\Ubisoft
2011-11-28 08:07:08 ----D---- G:\Program Files\Ubisoft
2011-11-27 19:38:02 ----D---- G:\Windows\system32\directx
2011-11-27 10:17:12 ----D---- G:\Program Files\IL-2 Sturmovik - 1946
2011-11-26 17:55:33 ----SHD---- G:\Windows\ftpcache
2011-11-26 10:55:56 ----D---- G:\Program Files\Common Files\Steam
2011-11-25 19:08:49 ----D---- G:\Program Files\ParallelGraphics
2011-11-25 19:08:48 ----D---- G:\Program Files\Common Files\ParallelGraphics
2011-11-25 19:07:47 ----D---- G:\Windows\JAVA
2011-11-22 20:00:19 ----D---- G:\Users\Karel\AppData\Roaming\Azureus
2011-11-22 19:59:38 ----D---- G:\Program Files\Vuze
2011-11-20 18:16:31 ----A---- G:\Windows\system32\mshtmled.dll
2011-11-20 18:16:31 ----A---- G:\Windows\system32\iertutil.dll
2011-11-20 18:16:30 ----A---- G:\Windows\system32\jscript9.dll
2011-11-20 18:16:30 ----A---- G:\Windows\system32\jscript.dll
2011-11-20 18:16:30 ----A---- G:\Windows\system32\ieui.dll
2011-11-20 18:16:29 ----A---- G:\Windows\system32\wininet.dll
2011-11-20 18:16:29 ----A---- G:\Windows\system32\urlmon.dll
2011-11-20 18:16:29 ----A---- G:\Windows\system32\jsproxy.dll
2011-11-20 18:16:28 ----A---- G:\Windows\system32\url.dll
2011-11-20 18:16:28 ----A---- G:\Windows\system32\ieframe.dll
2011-11-20 18:16:26 ----A---- G:\Windows\system32\mshtml.dll
2011-11-20 17:25:27 ----A---- G:\Windows\system32\shell32.dll
2011-11-20 17:25:25 ----A---- G:\Windows\system32\prevhost.exe
2011-11-20 17:25:24 ----A---- G:\Windows\system32\mssrch.dll
2011-11-20 17:25:23 ----A---- G:\Windows\system32\tquery.dll
2011-11-20 17:25:23 ----A---- G:\Windows\system32\SearchProtocolHost.exe
2011-11-20 17:25:23 ----A---- G:\Windows\system32\SearchIndexer.exe
2011-11-20 17:25:23 ----A---- G:\Windows\system32\SearchFilterHost.exe
2011-11-20 17:25:23 ----A---- G:\Windows\system32\mssvp.dll
2011-11-20 17:25:23 ----A---- G:\Windows\system32\mssphtb.dll
2011-11-20 17:25:23 ----A---- G:\Windows\system32\mssph.dll
2011-11-20 17:25:23 ----A---- G:\Windows\system32\msscntrs.dll
2011-11-20 17:25:22 ----A---- G:\Windows\system32\FntCache.dll
2011-11-20 17:25:22 ----A---- G:\Windows\system32\DWrite.dll
2011-11-20 17:25:21 ----A---- G:\Windows\system32\XpsPrint.dll
2011-11-20 17:25:21 ----A---- G:\Windows\system32\d2d1.dll
2011-11-20 17:25:20 ----A---- G:\Windows\system32\xmllite.dll
2011-11-20 17:25:20 ----A---- G:\Windows\explorer.exe
2011-11-20 17:25:19 ----A---- G:\Windows\system32\d3d10_1.dll
2011-11-20 17:25:18 ----A---- G:\Windows\system32\XpsGdiConverter.dll
2011-11-20 17:25:04 ----A---- G:\Windows\system32\drivers\Diskdump.sys
2011-11-20 17:24:24 ----A---- G:\Windows\system32\drivers\dxgmms1.sys
2011-11-20 15:16:55 ----D---- G:\Program Files\Rockstar Games
2011-11-19 17:20:50 ----D---- G:\Windows\Sun
2011-11-19 15:10:22 ----D---- G:\Users\Karel\AppData\Roaming\Media Player Classic
2011-11-17 19:16:24 ----D---- G:\Users\Karel\AppData\Roaming\ts3overlay
2011-11-17 19:14:39 ----D---- G:\Users\Karel\AppData\Roaming\TS3Client
2011-11-17 19:14:23 ----D---- G:\Program Files\TeamSpeak 3 Client
2011-11-17 12:41:48 ----D---- G:\Windows\system32\appmgmt
2011-11-17 12:25:59 ----A---- G:\Windows\system32\skyrmmem.dll
2011-11-17 12:25:59 ----A---- G:\Windows\system32\skyrmdd.dll
2011-11-17 12:25:51 ----A---- G:\Windows\system32\drivers\skyrm.sys
2011-11-17 12:25:50 ----D---- G:\Program Files\Scand LLC

======List of files/folders modified in the last 1 month======

2011-12-16 19:24:14 ----D---- G:\Windows\Prefetch
2011-12-16 19:23:54 ----RD---- G:\Program Files
2011-12-16 19:23:00 ----D---- G:\Windows\Temp
2011-12-16 19:18:43 ----D---- G:\Users\Karel\AppData\Roaming\Skype
2011-12-16 18:42:02 ----D---- G:\Windows\system32\config
2011-12-16 15:30:24 ----SHD---- G:\System Volume Information
2011-12-13 16:42:28 ----RD---- G:\Users
2011-12-13 06:15:25 ----SHD---- G:\Windows\Installer
2011-12-13 06:13:19 ----D---- G:\Windows\System32
2011-12-13 06:13:15 ----D---- G:\Windows\system32\drivers
2011-12-13 06:12:52 ----HD---- G:\ProgramData
2011-12-12 20:06:04 ----D---- G:\Users\Karel\AppData\Roaming\.minecraft
2011-12-12 09:14:27 ----D---- G:\Windows\rescache
2011-12-12 07:40:28 ----D---- G:\Windows\system32\wdi
2011-12-11 21:06:42 ----D---- G:\Windows\winsxs
2011-12-11 21:06:34 ----D---- G:\Windows\system32\en-US
2011-12-11 21:06:34 ----D---- G:\Windows\system32\cs-CZ
2011-12-11 10:07:14 ----RSD---- G:\Windows\assembly
2011-12-10 23:17:58 ----D---- G:\Windows\Microsoft.NET
2011-12-10 23:03:14 ----D---- G:\Windows\inf
2011-12-10 23:02:23 ----D---- G:\Windows\Logs
2011-12-10 22:10:01 ----D---- G:\Users\Karel\AppData\Roaming\Tunngle
2011-12-10 22:07:37 ----D---- G:\ProgramData\Tunngle
2011-12-10 17:40:08 ----D---- G:\Program Files\OpenTTD
2011-12-10 15:30:54 ----D---- G:\Windows
2011-12-10 11:56:09 ----D---- G:\Users\Karel\AppData\Roaming\Free Download Manager
2011-12-10 11:56:07 ----D---- G:\Windows\Panther
2011-12-10 11:56:04 ----D---- G:\Windows\debug
2011-12-10 11:47:32 ----D---- G:\Windows\system32\Tasks
2011-12-10 11:41:56 ----D---- G:\Program Files\Tunngle
2011-12-10 01:20:55 ----D---- G:\Windows\system32\DriverStore
2011-12-08 15:29:14 ----D---- G:\Windows\system32\catroot
2011-12-08 15:29:12 ----D---- G:\Windows\system32\catroot2
2011-12-08 15:27:42 ----A---- G:\Windows\system32\PerfStringBackup.INI
2011-12-05 16:43:58 ----SD---- G:\Users\Karel\AppData\Roaming\Microsoft
2011-12-03 20:58:09 ----D---- G:\PerfLogs
2011-12-03 19:36:54 ----D---- G:\Program Files\Common Files
2011-12-03 19:36:48 ----HD---- G:\Program Files\InstallShield Installation Information
2011-12-03 17:20:39 ----SD---- G:\ProgramData\Microsoft
2011-12-03 12:57:22 ----A---- G:\Windows\win.ini
2011-12-03 12:56:45 ----D---- G:\Program Files\Common Files\microsoft shared
2011-12-03 12:56:43 ----D---- G:\Windows\ShellNew
2011-12-03 12:56:29 ----D---- G:\Program Files\Common Files\System
2011-12-03 12:56:22 ----RSD---- G:\Windows\Fonts
2011-12-03 12:56:19 ----D---- G:\Windows\Help
2011-12-03 12:54:50 ----D---- G:\Windows\system
2011-12-03 11:35:38 ----AD---- G:\ProgramData\TEMP
2011-12-02 21:29:47 ----SHD---- G:\$Recycle.Bin
2011-12-02 20:00:01 ----A---- G:\Users\Karel\AppData\Roaming\Network Meter_Settings.ini
2011-11-30 21:10:07 ----D---- G:\Program Files\ATI Technologies
2011-11-30 21:09:50 ----D---- G:\ProgramData\AMD
2011-11-30 20:59:56 ----D---- G:\Program Files\Doom 3
2011-11-29 17:15:06 ----D---- G:\Program Files\Mozilla Firefox
2011-11-23 18:45:28 ----D---- G:\Windows\system32\drivers\UMDF
2011-11-20 18:39:39 ----D---- G:\Windows\system32\migration
2011-11-20 18:39:39 ----D---- G:\Program Files\Internet Explorer
2011-11-20 17:51:42 ----D---- G:\Windows\AppPatch
2011-11-20 17:26:18 ----D---- G:\Windows\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; G:\Windows\system32\DRIVERS\AtiPcie.sys [2010-06-17 14392]
R0 pciide;pciide; G:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; G:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; G:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 MpFilter;Microsoft Malware Protection Driver; G:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsld64a04e4;MpKsld64a04e4; \??\G:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1F632F1-17C5-48DA-985D-18236F183399}\MpKsld64a04e4.sys [2011-12-15 29904]
R1 SCDEmu;SCDEmu; G:\Windows\system32\drivers\SCDEmu.sys [2011-06-15 60156]
R2 AODDriver4.01;AODDriver4.01; \??\G:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2011-06-24 39424]
R2 lirsgt;lirsgt; G:\Windows\system32\DRIVERS\lirsgt.sys [2011-11-28 18048]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\G:\Windows\system32\drivers\LMIRfsDriver.sys [2011-09-16 47640]
R2 Parvdm;Parvdm; G:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; G:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; G:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-26 8853504]
R3 amdkmdap;amdkmdap; G:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-26 264192]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; G:\Windows\system32\drivers\AtihdW73.sys [2011-06-06 211984]
R3 hamachi;Hamachi Network Interface; G:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); G:\Windows\system32\drivers\RTKVHDA.sys [2011-08-30 3659240]
R3 lmimirr;lmimirr; G:\Windows\system32\DRIVERS\lmimirr.sys [2011-09-16 10144]
R3 MpNWMon;Microsoft Malware Protection Network Driver; G:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System; G:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 Point32;Microsoft IntelliPoint Filter Driver; G:\Windows\system32\DRIVERS\point32.sys [2011-08-01 40936]
R3 RDPDR;Terminal Server Device Redirector Driver; G:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 RTL8167;Realtek 8167 NT Driver; G:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); G:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 usbfilter;AMD USB Filter Driver; G:\Windows\system32\DRIVERS\usbfilter.sys [2011-08-17 41600]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\F:\hwinfo\HWiNFO32.SYS []
S1 MpKsl10c3a44a;MpKsl10c3a44a; \??\G:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1994F94-7CF9-402D-AB10-0BFB983DD06D}\MpKsl10c3a44a.sys []
S1 MpKsl4bfe65e3;MpKsl4bfe65e3; \??\G:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D043911E-A875-4AEC-BE0C-AECFD7026A81}\MpKsl4bfe65e3.sys []
S1 MpKsl6520a9ee;MpKsl6520a9ee; \??\G:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{066A8219-E5D5-4513-A4C3-DF2B6AE1A9C6}\MpKsl6520a9ee.sys []
S1 MpKslacd98a40;MpKslacd98a40; \??\G:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{08159659-0B3C-4E84-A37B-CED31389F6EE}\MpKslacd98a40.sys []
S1 MpKsld0517dcc;MpKsld0517dcc; \??\G:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCB7A73D-F13A-4AE2-A37D-337B235C8D4E}\MpKsld0517dcc.sys []
S2 atksgt;atksgt; G:\Windows\system32\DRIVERS\atksgt.sys [2011-11-28 271360]
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\G:\Program Files\LogMeIn\x86\RaInfo.sys [2011-09-16 12856]
S3 aic78xx;aic78xx; G:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; G:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AsrCDDrv;AsrCDDrv; \??\G:\Windows\system32\Drivers\AsrCDDrv.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; G:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 100352]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; G:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTCAMDRV;Mobiola Web Camera driver; G:\Windows\system32\DRIVERS\BTCamDrv.sys [2005-06-02 228352]
S3 dmvsc;dmvsc; G:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; G:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; G:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; G:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 skyrm;skyrm; G:\Windows\system32\DRIVERS\skyrm.sys [2010-04-29 2432]
S3 storvsc;storvsc; G:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; G:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; G:\Windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; G:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; G:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; G:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 usbscan;USB Scanner Driver; G:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VGPU;VGPU; G:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; G:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; G:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; G:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; G:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; G:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S4 LMIRfsClientNP;LMIRfsClientNP; G:\Windows\system32\drivers\LMIRfsClientNP.sys []
S4 RsFx0103;RsFx0103 Driver; G:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; G:\Windows\system32\atiesrxx.exe [2011-10-26 176128]
R2 AMD FUEL Service;AMD FUEL Service; G:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-10-25 291840]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; G:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; G:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
R2 LMIGuardianSvc;LMIGuardianSvc; G:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2011-09-26 374152]
R2 MsMpSvc;Microsoft Antimalware Service; G:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 SQLWriter;SQL Server VSS Writer; G:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 wlidsvc;Windows Live ID Sign-in Assistant; G:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 AppMgmt;@appmgmts.dll,-3250; G:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 NisSrv;@G:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; G:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; G:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; G:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); G:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-11 136176]
S2 LMIMaint;LogMeIn Maintenance Service; G:\Program Files\LogMeIn\x86\RaMaint.exe [2011-09-26 136584]
S2 LogMeIn;LogMeIn; G:\Program Files\LogMeIn\x86\LogMeIn.exe [2011-09-16 390528]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); G:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
S3 aspnet_state;ASP.NET State Service; G:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); G:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-11 136176]
S3 IDriverT;InstallDriver Table Manager; G:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; G:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TunngleService;TunngleService; G:\Program Files\Tunngle\TnglCtrl.exe [2011-11-25 747880]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; G:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-03 1343400]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; G:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 NetMsmqActivator;@G:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; G:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@G:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; G:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@G:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; G:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); G:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; G:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#2 Post by vyosek »

Hello, and I wish you a pleasant evening :)

:arrow: May I ask why an ordinary user buys the top-tier Windows Ultimate licence, which is intended more for large corporations, when they won't use anything beyond what the Home Premium edition offers anyway :???:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

#3 Post by doomguy »

I apologize for not replying yesterday; a strong wind did something to the internet antennas. And a friend recommended Windows Ultimate to me because it is supposedly good for games (I spend most of my time at the computer playing games).

#4 Post by vyosek »

For games the Home Premium edition is enough, or Professional if anything... So I assume you have a properly purchased licence :?:

#5 Post by doomguy »

I hope so too... (unfortunately it was bought from another friend... he said he didn't use it because his computer supposedly couldn't handle it). Otherwise, automatic updates work.

#6 Post by vyosek »

doomguy wrote: Otherwise, automatic updates work.
Well, that's no problem for today's cracks, loaders and the like :D

:arrow: Download OTL (see my signature) and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator ("Spustit jako spravce" on Czech Windows)
  • If you use a 64-bit OS, check whether the "For 64-bit OS" box is ticked; if not, tick it
  • Tick the "All users" box
  • Tick the "LOP" malware check box
  • Tick the "Purity" malware check box
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom "Custom scans/fixes" box
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    adp3132.sys
    AGP440.sys
    ahcix86.sys
    ahcix86s.sys
    atapi.sys
    autochk.exe
    cdrom.sys
    cngaudit.dll
    cryptsvc.dll
    eNetHook.dll
    eventlog.dll
    explorer.exe
    hal.dll
    Changer.sys
    iaStor.sys
    iastorv.sys
    IdeChnDr.sys
    isapnp.sys
    JakNDis.sys
    KR10N.sys
    logevent.dll
    lsass.exe
    mv61xx.sys
    ndis.sys
    netlogon.dll
    ntelogon.dll
    nvata.sys
    nvatabus.sys
    nvgts.sys
    nvraid.sys
    nvrd32.sys
    nvstor.sys
    nvstor32.sys
    scecli.dll
    sceclt.dll
    smss.exe
    svchost.exe
    symmpi.sys
    tcpip.sys
    userinit.exe
    vaxscsi.sys
    viamraid.sys
    viasraid.sys
    ViPrt.sys
    winlogon.exe
    ws2_32.dll
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
    
    type c:\boot.ini >> test.txt /c
    %SystemDrive%\PhysicalMBR.bin /md5
  • Click the Scan button
  • When the scan finishes (approx. 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both here

#7 Post by doomguy »

While scanning some zipfolder.dll (I don't remember the exact name), the program displayed the message: Cannot create file G:\Users\Karel\Desktop\cmd.bat and then froze.

#8 Post by vyosek »

Ah, that OTL bug again :(
Use this (modified) script

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
lsass.exe
ndis.sys
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%SystemDrive%\PhysicalMBR.bin /md5

#9 Post by doomguy »

Otl.txt

OTL logfile created on: 12/17/2011 11:07:01 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = G:\Users\Karel\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

1.75 Gb Total Physical Memory | 0.68 Gb Available Physical Memory | 39.04% Memory free
3.50 Gb Paging File | 1.82 Gb Available in Paging File | 51.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = G: | %SystemRoot% = G:\Windows | %ProgramFiles% = G:\Program Files
Drive C: | 49.81 Gb Total Space | 3.75 Gb Free Space | 7.53% Space Free | Partition Type: NTFS
Drive D: | 300.88 Gb Total Space | 29.44 Gb Free Space | 9.79% Space Free | Partition Type: NTFS
Drive G: | 94.59 Gb Total Space | 22.75 Gb Free Space | 24.05% Space Free | Partition Type: NTFS
Drive H: | 20.48 Gb Total Space | 2.39 Gb Free Space | 11.65% Space Free | Partition Type: NTFS

Computer Name: KAREL-PC | User Name: Karel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011/12/17 10:08:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- G:\Users\Karel\Desktop\OTL.exe
PRC - [2011/12/13 19:17:30 | 000,924,632 | ---- | M] (Mozilla Corporation) -- G:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/10 04:11:50 | 000,417,792 | ---- | M] (AMD) -- G:\Windows\System32\atieclxx.exe
PRC - [2011/11/10 04:11:20 | 000,176,128 | ---- | M] (AMD) -- G:\Windows\System32\atiesrxx.exe
PRC - [2011/11/09 22:07:44 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- G:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011/09/26 18:15:36 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- G:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/09/26 08:49:06 | 017,353,352 | R--- | M] (Skype Technologies S.A.) -- G:\Users\Karel\Desktop\Skype.exe
PRC - [2011/08/15 16:18:14 | 001,955,208 | ---- | M] (LogMeIn Inc.) -- G:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011/08/15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- G:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- G:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- G:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- G:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/04/27 08:56:10 | 000,232,896 | ---- | M] (Vuze Inc.) -- G:\Program Files\Vuze\Azureus.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- G:\Windows\explorer.exe
PRC - [2010/11/20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- G:\Windows\System32\taskhost.exe
PRC - [2010/08/09 13:47:54 | 000,248,832 | ---- | M] (FileHippo.com) -- G:\Program Files\FileHippo.com\UpdateChecker.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/13 19:17:35 | 002,124,760 | ---- | M] () -- G:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/12/10 23:16:46 | 000,240,128 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\273292e88c7b60ecbae9d85e94cd097e\WindowsFormsIntegration.ni.dll
MOD - [2011/12/10 23:15:15 | 001,670,144 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\32f68764be7200d3796b55e377311245\Microsoft.VisualBasic.ni.dll
MOD - [2011/12/10 19:02:44 | 001,051,136 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll
MOD - [2011/12/10 19:02:33 | 002,297,856 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll
MOD - [2011/12/10 11:49:31 | 000,368,128 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2011/12/10 11:49:04 | 011,819,520 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2011/12/10 11:48:53 | 000,771,584 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011/12/10 11:48:16 | 014,339,072 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2011/12/10 11:47:59 | 012,433,408 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/12/10 11:47:53 | 001,587,200 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/12/10 11:47:51 | 000,060,928 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\bb1d36ae26e7cadf563061596682e747\UIAutomationProvider.ni.dll
MOD - [2011/12/10 11:47:50 | 012,234,752 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2011/12/10 11:47:38 | 003,347,968 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/12/10 11:47:30 | 005,453,312 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/12/10 11:47:23 | 000,971,264 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/12/10 11:47:08 | 007,963,648 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/12/10 11:46:33 | 011,490,304 | ---- | M] () -- G:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/11/22 20:17:14 | 000,028,160 | ---- | M] () -- G:\Users\Karel\AppData\Roaming\Azureus\plugins\azutp\win32\utp.dll
MOD - [2011/11/16 14:47:05 | 008,527,008 | ---- | M] () -- G:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/12 10:37:13 | 008,013,664 | ---- | M] () -- G:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2011/11/09 22:10:38 | 000,369,152 | ---- | M] () -- G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011/11/09 22:07:50 | 000,095,232 | ---- | M] () -- G:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2011/10/04 16:57:00 | 000,335,239 | ---- | M] () -- G:\Program Files\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll
MOD - [2011/10/04 16:57:00 | 000,215,296 | ---- | M] () -- G:\Program Files\K-Lite Codec Pack\Filters\LAV\avutil-lav-51.dll
MOD - [2011/10/04 16:56:58 | 005,616,084 | ---- | M] () -- G:\Program Files\K-Lite Codec Pack\Filters\LAV\avcodec-lav-53.dll
MOD - [2011/10/04 09:00:00 | 003,578,880 | ---- | M] () -- G:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
MOD - [2011/06/13 04:48:56 | 003,715,584 | ---- | M] () -- G:\Users\Karel\Desktop\FormatFactory\FFModules\Filters\ffdshow\ffdshow.ax
MOD - [2011/04/27 08:56:18 | 000,102,400 | ---- | M] () -- G:\Program Files\Vuze\plugins\azitunes\jacob-1.14.3-x86.dll
MOD - [2011/04/27 08:56:10 | 000,087,480 | ---- | M] () -- G:\Program Files\Vuze\aereg.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/11/25 17:08:10 | 000,747,880 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- G:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2011/11/10 04:11:20 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- G:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011/11/09 22:07:44 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- G:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011/11/03 10:40:11 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- G:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/09/26 18:15:44 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- G:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011/09/26 18:15:36 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- G:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/09/16 15:10:50 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- G:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2011/08/15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- G:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- G:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- G:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- G:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- G:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- G:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- G:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/12/17 09:10:49 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- G:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1F632F1-17C5-48DA-985D-18236F183399}\MpKsl00aa13c8.sys -- (MpKsl00aa13c8)
DRV - [2011/11/28 16:25:59 | 000,271,360 | ---- | M] () [Kernel | Auto | Stopped] -- G:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/11/28 16:25:58 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- G:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011/11/10 04:44:12 | 008,913,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- G:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/11/10 03:12:20 | 000,263,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- G:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/10/17 18:40:44 | 000,085,520 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- G:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011/09/26 18:16:14 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- G:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011/09/16 15:10:50 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- G:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2011/09/16 15:10:50 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- G:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2011/08/17 21:44:48 | 000,041,600 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- G:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2011/06/24 06:25:26 | 000,039,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- G:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.01)
DRV - [2011/06/15 09:23:56 | 000,060,156 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- G:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- G:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- G:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/11/20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- G:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- G:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- G:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- G:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010/11/20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- G:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010/11/20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- G:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- G:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- G:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- G:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- G:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- G:\Windows\system32\drivers\terminpt.sys -- (terminpt)
DRV - [2010/11/20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- G:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- G:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/06/17 10:15:36 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- G:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2010/04/29 15:21:36 | 000,002,432 | ---- | M] (Scand LLC) [Kernel | On_Demand | Stopped] -- G:\Windows\System32\drivers\skyrm.sys -- (skyrm)
DRV - [2010/02/18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- G:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2010/01/28 02:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- G:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/09/16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- G:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009/03/30 03:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- G:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- G:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2005/06/02 18:19:00 | 000,228,352 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- G:\Windows\System32\drivers\BTCamDrv.sys -- (BTCAMDRV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - G:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3049283681-768927855-1199189573-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - G:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3049283681-768927855-1199189573-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: G:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: G:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: G:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: G:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@parallelgraphics.com/Cortona: G:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll (ParallelGraphics)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: G:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: G:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: G:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: G:\Program Files\Mozilla Firefox\components [2011/12/17 09:49:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: G:\Program Files\Mozilla Firefox\plugins

[2011/11/03 11:21:52 | 000,000,000 | ---D | M] (No name found) -- G:\Users\Karel\AppData\Roaming\Mozilla\Extensions
[2011/12/17 09:49:42 | 000,000,000 | ---D | M] (No name found) -- G:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\k9lxisz5.default\extensions
[2011/12/05 16:54:42 | 000,000,000 | ---D | M] (Flagfox) -- G:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\k9lxisz5.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/12/13 16:40:33 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- G:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\k9lxisz5.default\extensions\LogMeInClient@logmein.com
[2011/12/17 09:49:12 | 000,000,000 | ---D | M] (No name found) -- G:\Program Files\Mozilla Firefox\extensions
[2011/12/17 09:49:12 | 000,000,000 | ---D | M] (No name found) -- G:\Program Files\Mozilla Firefox\distribution\extensions
() (No name found) -- G:\USERS\KAREL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K9LXISZ5.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
() (No name found) -- G:\USERS\KAREL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K9LXISZ5.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2011/12/13 19:17:51 | 000,121,816 | ---- | M] (Mozilla Foundation) -- G:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/13 06:52:06 | 000,002,252 | ---- | M] () -- G:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/13 06:52:06 | 000,002,040 | ---- | M] () -- G:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - G:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - G:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - G:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - G:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3049283681-768927855-1199189573-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - G:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4 - HKLM..\Run: [LogMeIn GUI] G:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] G:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MSC] G:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] G:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [StartCCC] G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-3049283681-768927855-1199189573-1000..\Run: [ASRockOCTuner] File not found
O4 - HKU\S-1-5-21-3049283681-768927855-1199189573-1000..\Run: [FileHippo.com] G:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-3049283681-768927855-1199189573-1000..\Run: [zASRockInstantBoot] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] G:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] G:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3049283681-768927855-1199189573-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all with Free Download Manager - G:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - G:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - G:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - G:\Program Files\Free Download Manager\dllink.htm ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3049283681-768927855-1199189573-1000\..Trusted Ranges: Range1979 ([http] in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.168.254 192.168.167.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3621F856-B9C7-4E1C-B506-78D4EAE22127}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CAF743A9-D41A-48CD-B021-ED7D80C2E82F}: DhcpNameServer = 192.168.168.254 192.168.167.254
O20 - HKLM Winlogon: Shell - (explorer.exe) -G:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (G:\Windows\system32\userinit.exe) -G:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -G:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - G:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AUTORUN.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - G:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - G:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - G:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - G:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - G:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.IV41 - G:\Windows\System32\ir41_32.ax (Intel Corporation)
PhysicalDisk0 MBR saved to G:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011/12/17 11:04:15 | 000,000,000 | ---D | C] -- G:\Users\Karel\AppData\Roaming\Opera
[2011/12/17 11:04:15 | 000,000,000 | ---D | C] -- G:\Users\Karel\AppData\Local\Opera
[2011/12/17 11:04:10 | 000,000,000 | ---D | C] -- G:\Program Files\Opera
[2011/12/17 10:08:40 | 000,584,192 | ---- | C] (OldTimer Tools) -- G:\Users\Karel\Desktop\OTL.exe
[2011/12/17 10:01:33 | 000,000,000 | ---D | C] -- G:\Program Files\Common Files\Adobe
[2011/12/17 09:37:06 | 000,000,000 | ---D | C] -- G:\ProgramData\ATI
[2011/12/17 09:37:05 | 000,000,000 | ---D | C] -- G:\Program Files\AMD APP
[2011/12/17 09:36:54 | 000,000,000 | ---D | C] -- G:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011/12/17 09:35:54 | 000,000,000 | -HSD | C] -- G:\Config.Msi
[2011/12/17 09:34:54 | 000,000,000 | ---D | C] -- G:\Windows\LastGood
[2011/12/16 19:36:45 | 000,000,000 | ---D | C] -- G:\Program Files\FileHippo.com
[2011/12/16 19:23:54 | 000,000,000 | ---D | C] -- G:\Program Files\trend micro
[2011/12/16 19:23:53 | 000,000,000 | ---D | C] -- G:\rsit
[2011/12/14 19:15:55 | 000,000,000 | ---D | C] -- G:\Program Files\Conduit
[2011/12/14 19:15:50 | 000,000,000 | ---D | C] -- G:\Users\Karel\AppData\Local\Conduit
[2011/12/14 19:15:49 | 000,000,000 | ---D | C] -- G:\Program Files\Vuze_Remote
[2011/12/13 06:13:49 | 000,000,000 | ---D | C] -- G:\Users\Karel\AppData\Local\LogMeIn
[2011/12/13 06:13:19 | 000,030,592 | ---- | C] (LogMeIn, Inc.) -- G:\Windows\System32\LMIport.dll
[2011/12/13 06:13:15 | 000,083,360 | ---- | C] (LogMeIn, Inc.) -- G:\Windows\System32\LMIRfsClientNP.dll
[2011/12/13 06:13:15 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- G:\Windows\System32\drivers\LMIRfsDriver.sys
[2011/12/13 06:13:03 | 000,087,424 | ---- | C] (LogMeIn, Inc.) -- G:\Windows\System32\LMIinit.dll
[2011/12/13 06:12:52 | 000,000,000 | ---D | C] -- G:\ProgramData\LogMeIn
[2011/12/13 06:12:33 | 000,000,000 | ---D | C] -- G:\Program Files\LogMeIn
[2011/12/11 21:05:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- G:\Windows\System32\tzres.dll
[2011/12/11 10:08:02 | 000,000,000 | ---D | C] -- G:\Users\Karel\AppData\Local\Skyrim
[2011/12/11 10:05:30 | 000,000,000 | ---D | C] -- G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011/12/10 23:02:13 | 000,000,000 | ---D | C] -- G:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic V - Collectors Edition
[2011/12/10 16:48:41 | 000,000,000 | ---D | C] -- G:\Users\Karel\jagexcache1
[2011/12/10 13:06:11 | 000,000,000 | ---D | C] -- G:\Users\Karel\Desktop\terraria 1.1
[2011/12/10 11:52:36 | 000,000,000 | ---D | C] -- G:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/12/10 11:52:33 | 000,000,000 | ---D | C] -- G:\Program Files\CCleaner
[9 G:\Windows\System32\*.tmp files -> G:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011/12/17 11:08:26 | 000,000,512 | ---- | M] () -- G:\PhysicalMBR.bin
[2011/12/17 11:04:12 | 000,001,779 | ---- | M] () -- G:\Users\Public\Desktop\Opera.lnk
[2011/12/17 10:46:02 | 000,020,640 | -H-- | M] () -- G:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/17 10:46:02 | 000,020,640 | -H-- | M] () -- G:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/17 10:14:02 | 000,000,938 | ---- | M] () -- G:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/17 10:08:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- G:\Users\Karel\Desktop\OTL.exe
[2011/12/17 10:01:50 | 000,001,993 | ---- | M] () -- G:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/12/17 09:49:13 | 000,001,096 | ---- | M] () -- G:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/17 09:47:52 | 000,000,972 | ---- | M] () -- G:\Users\Karel\Desktop\IrfanView.lnk
[2011/12/17 09:11:19 | 000,000,934 | ---- | M] () -- G:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/17 09:10:42 | 000,067,584 | --S- | M] () -- G:\Windows\bootstat.dat
[2011/12/17 09:10:39 | 1408,688,128 | -HS- | M] () -- G:\hiberfil.sys
[2011/12/16 19:36:46 | 000,001,919 | ---- | M] () -- G:\Users\Karel\Desktop\Update Checker.lnk
[2011/12/16 19:22:56 | 000,781,383 | ---- | M] () -- G:\Users\Karel\Desktop\RSIT.exe
[2011/12/15 20:01:49 | 000,001,923 | ---- | M] () -- G:\Users\Public\Desktop\CraftBukkit Server.lnk
[2011/12/15 20:00:24 | 000,000,024 | ---- | M] () -- G:\Users\Karel\random.dat
[2011/12/15 19:46:06 | 000,000,023 | ---- | M] () -- G:\Users\Karel\jagexappletviewer.preferences
[2011/12/15 19:36:59 | 000,000,044 | ---- | M] () -- G:\Users\Karel\jagex_cl_runescape_LIVE.dat
[2011/12/14 19:16:17 | 000,001,798 | ---- | M] () -- G:\Users\Public\Desktop\Vuze.lnk
[2011/12/14 19:16:17 | 000,001,798 | ---- | M] () -- G:\Users\Karel\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/12/14 18:01:55 | 000,000,722 | ---- | M] () -- G:\Users\Karel\Desktop\[CzT]Garrys_mod_11_Full_.torrent.lnk
[2011/12/12 20:03:27 | 000,000,303 | ---- | M] () -- G:\Windows\System32\AudioClient.properties
[2011/12/11 21:11:17 | 000,001,098 | ---- | M] () -- G:\Users\Karel\Desktop\Heroes of Might and Magic V.lnk
[2011/12/10 23:02:14 | 000,001,204 | ---- | M] () -- G:\Users\Karel\Desktop\Tribes of the East.lnk
[2011/12/10 23:02:13 | 000,001,114 | ---- | M] () -- G:\Users\Karel\Desktop\Hammers of Fate.lnk
[2011/12/10 19:31:10 | 000,000,000 | ---- | M] () -- G:\Users\Karel\Desktop\config.properties
[2011/12/10 19:30:54 | 000,639,988 | ---- | M] () -- G:\Users\Karel\Desktop\LazyRoadDesigner0.2.2.exe
[2011/12/10 16:48:41 | 000,000,045 | ---- | M] () -- G:\Users\Karel\jagex_cl_runescape_LIVE1.dat
[2011/12/10 12:02:56 | 000,001,297 | ---- | M] () -- G:\Users\Karel\Desktop\WoW.lnk
[2011/12/10 11:59:15 | 000,166,466 | ---- | M] () -- G:\Users\Karel\Documents\cc_20111210_115907.reg
[2011/12/10 11:52:36 | 000,000,969 | ---- | M] () -- G:\Users\Public\Desktop\CCleaner.lnk
[2011/12/10 11:41:56 | 000,000,927 | ---- | M] () -- G:\Users\Karel\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2011/12/10 11:41:56 | 000,000,903 | ---- | M] () -- G:\Users\Public\Desktop\Tunngle beta.lnk
[9 G:\Windows\System32\*.tmp files -> G:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/17 11:04:12 | 000,001,791 | ---- | C] () -- G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011/12/17 11:04:12 | 000,001,779 | ---- | C] () -- G:\Users\Public\Desktop\Opera.lnk
[2011/12/17 10:12:38 | 000,000,512 | ---- | C] () -- G:\PhysicalMBR.bin
[2011/12/17 10:01:50 | 000,002,441 | ---- | C] () -- G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/12/17 10:01:50 | 000,001,993 | ---- | C] () -- G:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/12/16 19:36:46 | 000,001,949 | ---- | C] () -- G:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2011/12/16 19:36:46 | 000,001,919 | ---- | C] () -- G:\Users\Karel\Desktop\Update Checker.lnk
[2011/12/16 19:22:05 | 000,781,383 | ---- | C] () -- G:\Users\Karel\Desktop\RSIT.exe
[2011/12/13 06:12:40 | 000,000,962 | ---- | C] () -- G:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn.lnk
[2011/12/12 21:19:46 | 000,000,722 | ---- | C] () -- G:\Users\Karel\Desktop\[CzT]Garrys_mod_11_Full_.torrent.lnk
[2011/12/10 23:02:14 | 000,001,204 | ---- | C] () -- G:\Users\Karel\Desktop\Tribes of the East.lnk
[2011/12/10 23:02:13 | 000,001,114 | ---- | C] () -- G:\Users\Karel\Desktop\Hammers of Fate.lnk
[2011/12/10 23:02:13 | 000,001,098 | ---- | C] () -- G:\Users\Karel\Desktop\Heroes of Might and Magic V.lnk
[2011/12/10 19:31:10 | 000,000,000 | ---- | C] () -- G:\Users\Karel\Desktop\config.properties
[2011/12/10 16:48:41 | 000,000,045 | ---- | C] () -- G:\Users\Karel\jagex_cl_runescape_LIVE1.dat
[2011/12/10 12:02:58 | 000,001,297 | ---- | C] () -- G:\Users\Karel\Desktop\WoW.lnk
[2011/12/10 11:59:11 | 000,166,466 | ---- | C] () -- G:\Users\Karel\Documents\cc_20111210_115907.reg
[2011/12/10 11:52:36 | 000,000,969 | ---- | C] () -- G:\Users\Public\Desktop\CCleaner.lnk
[2011/12/03 12:57:43 | 000,000,376 | ---- | C] () -- G:\Windows\ODBC.INI
[2011/11/28 16:25:59 | 000,271,360 | ---- | C] () -- G:\Windows\System32\drivers\atksgt.sys
[2011/11/28 16:25:58 | 000,018,048 | ---- | C] () -- G:\Windows\System32\drivers\lirsgt.sys
[2011/11/16 23:30:53 | 000,000,000 | ---- | C] () -- G:\Windows\System32\Access.dat
[2011/11/16 12:37:50 | 000,000,331 | ---- | C] () -- G:\Windows\d3xp.ini
[2011/11/16 12:33:57 | 000,000,331 | ---- | C] () -- G:\Windows\doom3.ini
[2011/11/14 18:24:32 | 000,000,128 | ---- | C] () -- G:\Users\Karel\AppData\Roaming\Earthquakes Meter_Settings.ini
[2011/11/12 11:50:19 | 000,292,004 | ---- | C] () -- G:\Windows\System32\perfi005.dat
[2011/11/12 11:50:17 | 000,733,140 | ---- | C] () -- G:\Windows\System32\perfh005.dat
[2011/11/12 11:50:17 | 000,164,812 | ---- | C] () -- G:\Windows\System32\perfc005.dat
[2011/11/12 11:50:17 | 000,036,232 | ---- | C] () -- G:\Windows\System32\perfd005.dat
[2011/11/11 16:44:43 | 000,004,608 | ---- | C] () -- G:\Users\Karel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/10 03:28:32 | 000,204,960 | ---- | C] () -- G:\Windows\System32\ativvsvl.dat
[2011/11/10 03:28:32 | 000,157,152 | ---- | C] () -- G:\Windows\System32\ativvsva.dat
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- G:\Windows\System32\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- G:\Windows\System32\OVDecode.dll
[2011/11/03 19:20:27 | 000,000,297 | ---- | C] () -- G:\Users\Karel\AppData\Roaming\Network Meter_Settings.ini
[2011/11/03 12:49:57 | 000,007,605 | ---- | C] () -- G:\Users\Karel\AppData\Local\Resmon.ResmonCfg
[2011/11/03 11:13:33 | 000,175,616 | ---- | C] () -- G:\Windows\System32\unrar.dll
[2011/11/03 10:51:23 | 000,000,000 | ---- | C] () -- G:\Windows\ativpsrm.bin
[2011/11/03 10:48:09 | 000,073,728 | ---- | C] () -- G:\Windows\System32\RtNicProp32.dll
[2011/11/03 10:47:43 | 000,146,432 | ---- | C] () -- G:\Windows\System32\APOMngr.DLL
[2011/11/03 10:47:43 | 000,072,704 | ---- | C] () -- G:\Windows\System32\CmdRtr.DLL
[2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- G:\Windows\System32\OVDecoder.dll
[2011/10/21 20:30:14 | 000,243,168 | ---- | C] () -- G:\Windows\System32\atiicdxx.dat
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- G:\Windows\System32\xlive.dll.cat
[2011/09/12 23:06:16 | 000,003,917 | ---- | C] () -- G:\Windows\System32\atipblag.dat
[2010/11/20 22:29:34 | 000,080,896 | ---- | C] () -- G:\Windows\System32\RDVGHelper.exe
[2010/11/20 22:29:26 | 000,066,048 | ---- | C] () -- G:\Windows\System32\PrintBrmUi.exe
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- G:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,305,248 | ---- | C] () -- G:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,718,862 | ---- | C] () -- G:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- G:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,145,784 | ---- | C] () -- G:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- G:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- G:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- G:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- G:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- G:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- G:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- G:\Windows\System32\mlang.dat
[1774/08/29 14:22:31 | 000,056,832 | ---- | C] () -- G:\Windows\System32\iyvu9_32.dll

========== LOP Check ==========

[2011/12/12 20:06:04 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\.minecraft
[2011/11/03 15:06:12 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Atari
[2011/12/17 11:05:48 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Azureus
[2011/11/04 14:04:07 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Canneverbe Limited
[2011/12/10 11:56:09 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Free Download Manager
[2011/11/11 13:00:54 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\GameRanger
[2011/11/03 11:21:44 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\IrfanView
[2011/11/16 18:49:18 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Mikrotik
[2011/12/17 11:04:15 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Opera
[2011/11/11 22:59:21 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Publish Providers
[2011/11/05 14:59:12 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Red Alert 3
[2011/11/11 23:33:00 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Sony
[2011/12/09 22:24:54 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\SystemRequirementsLab
[2011/12/10 11:56:09 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\TS3Client
[2011/11/17 19:16:24 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\ts3overlay
[2011/12/10 22:10:01 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Tunngle
[2011/11/28 16:16:12 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Ubisoft
[2009/07/14 05:53:46 | 000,008,554 | ---- | M] () -- G:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< >

< >


< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- G:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- G:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- G:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- G:\Windows\System32\autochk.exe
[2010/11/20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- G:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- G:\Windows\System32\drivers\cdrom.sys
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- G:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- G:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- G:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- G:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- G:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- G:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- G:\Windows\System32\hal.dll
[2010/11/20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- G:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: LSASS.EXE >
[2009/07/14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- G:\Windows\System32\lsass.exe
[2009/07/14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- G:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe

< MD5 for: NDIS.SYS >
[2010/11/20 22:29:12 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- G:\Windows\System32\drivers\ndis.sys
[2010/11/20 22:29:12 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- G:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: SCECLI.DLL >
[2010/11/20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- G:\Windows\System32\scecli.dll
[2010/11/20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- G:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- G:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- G:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- G:\Windows\SoftwareDistribution\Download\919003e3012e674674fc2a83c2329826\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010/11/20 22:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- G:\Windows\System32\drivers\tcpip.sys
[2010/11/20 22:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- G:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- G:\Windows\SoftwareDistribution\Download\9276e2262e1abebb53ac9ff6635dbc66\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- G:\Windows\SoftwareDistribution\Download\9276e2262e1abebb53ac9ff6635dbc66\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- G:\Windows\SoftwareDistribution\Download\919003e3012e674674fc2a83c2329826\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- G:\Windows\System32\userinit.exe
[2010/11/20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- G:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- G:\Windows\System32\winlogon.exe
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- G:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 G:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> G:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 G:\Windows\Installer\*.tmp files -> G:\Windows\Installer\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\1101e238ea27b8892c53f37c5c5bf883\*.tmp files -> G:\Windows\SoftwareDistribution\Download\1101e238ea27b8892c53f37c5c5bf883\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\268b07e40c14443c411701f5aa2187cb\*.tmp files -> G:\Windows\SoftwareDistribution\Download\268b07e40c14443c411701f5aa2187cb\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\2d9019a0f6a3970eca83aa2e2f7179c8\*.tmp files -> G:\Windows\SoftwareDistribution\Download\2d9019a0f6a3970eca83aa2e2f7179c8\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\45fb5a87fde1c664349967a002b4340b\*.tmp files -> G:\Windows\SoftwareDistribution\Download\45fb5a87fde1c664349967a002b4340b\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\48cb347d68b8f33f2a0229adb8b120df\*.tmp files -> G:\Windows\SoftwareDistribution\Download\48cb347d68b8f33f2a0229adb8b120df\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\5e3d08aec92cc4f855176a660e8767a8\*.tmp files -> G:\Windows\SoftwareDistribution\Download\5e3d08aec92cc4f855176a660e8767a8\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\743b1d5c690bdda14b99ef1a6cf084c7\*.tmp files -> G:\Windows\SoftwareDistribution\Download\743b1d5c690bdda14b99ef1a6cf084c7\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\79ce5c5a28fa33655cb5776afdc8406a\*.tmp files -> G:\Windows\SoftwareDistribution\Download\79ce5c5a28fa33655cb5776afdc8406a\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\7d55b9d333af4bd24a0bdbeea42ba2ca\*.tmp files -> G:\Windows\SoftwareDistribution\Download\7d55b9d333af4bd24a0bdbeea42ba2ca\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\8b9b43925e64efd61a4f0961fb562c38\*.tmp files -> G:\Windows\SoftwareDistribution\Download\8b9b43925e64efd61a4f0961fb562c38\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\8c2b310023fb7900dec1590ba5599bb0\*.tmp files -> G:\Windows\SoftwareDistribution\Download\8c2b310023fb7900dec1590ba5599bb0\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\9226904d10c1c1079f431fe4fa869d22\*.tmp files -> G:\Windows\SoftwareDistribution\Download\9226904d10c1c1079f431fe4fa869d22\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\99e9262ea3b2a988b0cb5a97f083df1e\*.tmp files -> G:\Windows\SoftwareDistribution\Download\99e9262ea3b2a988b0cb5a97f083df1e\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\9cdad94a115b897efd46c305b29e3f40\*.tmp files -> G:\Windows\SoftwareDistribution\Download\9cdad94a115b897efd46c305b29e3f40\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\9f424b7b61346055fab80a2aad3e6cff\*.tmp files -> G:\Windows\SoftwareDistribution\Download\9f424b7b61346055fab80a2aad3e6cff\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\cfeaec5ad873014e9f8890074a4e8211\*.tmp files -> G:\Windows\SoftwareDistribution\Download\cfeaec5ad873014e9f8890074a4e8211\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\d025d798f822870b9391d43142049e18\*.tmp files -> G:\Windows\SoftwareDistribution\Download\d025d798f822870b9391d43142049e18\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\e03255b7875d23d414447e096907c1c6\*.tmp files -> G:\Windows\SoftwareDistribution\Download\e03255b7875d23d414447e096907c1c6\*.tmp -> ]
[1 G:\Windows\SoftwareDistribution\Download\fbd34a68c55ef10c21026b2a423bbb68\*.tmp files -> G:\Windows\SoftwareDistribution\Download\fbd34a68c55ef10c21026b2a423bbb68\*.tmp -> ]
[9 G:\Windows\System32\*.tmp files -> G:\Windows\System32\*.tmp -> ]
[2 G:\Windows\System32\catroot\*.tmp files -> G:\Windows\System32\catroot\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011/12/12 20:06:04 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\.minecraft
[2011/11/03 13:11:28 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Adobe
[2011/11/03 15:06:12 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Atari
[2011/11/03 10:50:40 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\ATI
[2011/12/17 11:10:50 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Azureus
[2011/11/04 14:04:07 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Canneverbe Limited
[2011/12/10 11:56:09 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Free Download Manager
[2011/11/11 13:00:54 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\GameRanger
[2011/11/03 10:41:41 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Identities
[2011/11/03 11:21:44 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\IrfanView
[2011/11/03 11:43:10 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Macromedia
[2010/11/21 01:46:50 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Media Center Programs
[2011/12/10 11:56:10 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Media Player Classic
[2011/12/05 16:43:58 | 000,000,000 | --SD | M] -- G:\Users\Karel\AppData\Roaming\Microsoft
[2011/11/16 18:49:18 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Mikrotik
[2011/11/03 11:21:52 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Mozilla
[2011/12/17 11:04:15 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Opera
[2011/11/11 22:59:21 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Publish Providers
[2011/11/05 14:59:12 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Red Alert 3
[2011/11/05 14:58:46 | 000,000,000 | RH-D | M] -- G:\Users\Karel\AppData\Roaming\SecuROM
[2011/12/17 11:02:52 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Skype
[2011/11/11 23:33:00 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Sony
[2011/12/09 22:24:54 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\SystemRequirementsLab
[2011/12/10 11:56:09 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\TS3Client
[2011/11/17 19:16:24 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\ts3overlay
[2011/12/10 22:10:01 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Tunngle
[2011/11/28 16:16:12 | 000,000,000 | ---D | M] -- G:\Users\Karel\AppData\Roaming\Ubisoft

< %APPDATA%\*.exe /s >
[2011/11/22 20:03:03 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- G:\Users\Karel\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe
[2011/08/16 15:42:01 | 001,449,696 | ---- | M] (GameRanger Technologies) -- G:\Users\Karel\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
[2011/12/10 01:09:21 | 000,015,086 | R--- | M] () -- G:\Users\Karel\AppData\Roaming\Microsoft\Installer\{5D87C09F-512F-474A-A306-0FE3B89C396F}\launcher.exe
[2011/11/30 21:10:07 | 000,088,102 | R--- | M] () -- G:\Users\Karel\AppData\Roaming\Microsoft\Installer\{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}\ARPPRODUCTICON.exe
[2011/05/19 10:06:56 | 000,374,160 | ---- | M] (LogMeIn, Inc.) -- G:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\k9lxisz5.default\extensions\LogMeInClient@logmein.com\plugins\LMIGuardian.exe
[2011/05/16 12:31:42 | 000,070,984 | ---- | M] () -- G:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\k9lxisz5.default\extensions\LogMeInClient@logmein.com\plugins\LMIProxyHelper.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[9 G:\Windows\system32\*.tmp files -> G:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2011/12/17 09:11:19 | 000,000,934 | ---- | M] () -- G:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/12/17 10:14:02 | 000,000,938 | ---- | M] () -- G:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[9 G:\Windows\system32\*.tmp files -> G:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011/12/17 10:46:02 | 000,020,640 | -H-- | M] () -- G:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/17 10:46:02 | 000,020,640 | -H-- | M] () -- G:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[9 G:\Windows\system32\*.tmp files -> G:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"zASRockInstantBoot" =
"ASRockOCTuner" =
"Sidebar" = G:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 22:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"FileHippo.com" = "G:\Program Files\FileHippo.com\UpdateChecker.exe" /background -- [2010/08/09 13:47:54 | 000,248,832 | ---- | M] (FileHippo.com)

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011/12/17 11:08:26 | 000,000,512 | ---- | M] () MD5=DAF7A9E19B48A4E6977B521744FD4E6A -- G:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 6168 bytes -> G:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 160 bytes -> G:\ProgramData\TEMP:9D1B94FD

< End of report >

doomguy
Visitor
Posts: 86
Joined: 07 Aug 2011 18:24
Location: Řevnice

Re: Please check my log

#10 Post by doomguy »

extras.txt

OTL Extras logfile created on: 12/17/2011 11:07:01 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = G:\Users\Karel\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

1.75 Gb Total Physical Memory | 0.68 Gb Available Physical Memory | 39.04% Memory free
3.50 Gb Paging File | 1.82 Gb Available in Paging File | 51.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = G: | %SystemRoot% = G:\Windows | %ProgramFiles% = G:\Program Files
Drive C: | 49.81 Gb Total Space | 3.75 Gb Free Space | 7.53% Space Free | Partition Type: NTFS
Drive D: | 300.88 Gb Total Space | 29.44 Gb Free Space | 9.79% Space Free | Partition Type: NTFS
Drive G: | 94.59 Gb Total Space | 22.75 Gb Free Space | 24.05% Space Free | Partition Type: NTFS
Drive H: | 20.48 Gb Total Space | 2.39 Gb Free Space | 11.65% Space Free | Partition Type: NTFS

Computer Name: KAREL-PC | User Name: Karel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- G:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = WinHelpCustomView.Scenario] -- Reg Error: Key error. File not found
.html [@ = Opera.HTML] -- G:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-3049283681-768927855-1199189573-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- G:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "G:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "G:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "G:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{04347DFD-87B6-4E30-B14D-5DF2888AD8F5}" = DOOM 3: Resurrection of Evil
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{05CAF469-9765-8FBF-10AD-FD621091824A}" = CCC Help English
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4(TM)
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java(TM) 7 Update 1
"{26D4FB2E-BA55-3E2C-CC6F-97D6A0A74306}" = AMD Fuel
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33571E15-3EB4-4190-BA74-C6CA97288461}" = Microsoft Flight Simulator X SDK
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E1D0591-14F7-736E-143A-62DC3E552A1A}" = Catalyst Control Center InstallProxy
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5CFF1768-BD1A-4AD4-8167-534A23522FED}" = Army Men(R) - RTS
"{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.2
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{662CFD19-EA80-4EFE-A0D8-EE10EFEB3C83}" = Livestream Procaster
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D592E30-11EC-11E0-859C-0013D3D69929}" = Vegas Pro 10.0
"{6F64A42C-6D93-6788-EB4F-07CC066DE194}" = Catalyst Control Center Graphics Previews Common
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76D1FBEB-FBBF-0D1E-BB0A-CAA0D19E2C7F}" = ccc-utility
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7B6C9592-EF3B-B71E-F9B6-44FB797C205E}" = AMD Drag and Drop Transcoding
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8D8B8115-40C1-A707-B7DA-599514076A81}" = AMD VISION Engine Control Center
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A942958E-AF92-7901-861B-7F373A1B6ABA}" = AMD Catalyst Install Manager
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BF926BD5-83E9-417F-BC56-1AC181A13168}" = SGCSim v5.1.0
"{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}" = Application Profiles
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game
"{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = THE SETTLERS - Rise of an Empire (All products)
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E217A3D4-2FF9-4D5F-9C20-1386E0FF9864}" = LogMeIn
"{EA11B681-D0F1-4675-BEFC-59BF222844F0}_is1" = Sins Of A Solar Empire: Diplomacy v1.32 Ironclad Online
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F48756D1-A348-2DA5-B59B-DF39F293F750}" = AMD Media Foundation Decoders
"{FB6908C2-2138-4D6E-9CAF-11D7AE6C3909}" = Doom 3
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Anno 1701 CZ_is1" = Pro verzi 1.02
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.24
"ASRock OC Tuner_is1" = ASRock OC Tuner v2.3.68
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cortona® VRML Client" = Cortona® VRML Client
"Counter-Strike 1.6" = Counter-Strike 1.6
"CraftBukkit" = CraftBukkit
"FileHippo.com" = FileHippo.com Update Checker
"Fraps" = Fraps (remove only)
"Free Download Manager_is1" = Free Download Manager 3.0
"GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011
"Heroes of Might and Magic V - Collectors Edition3.1" = Heroes of Might and Magic V - Collectors Edition
"IL-2 Sturmovik - 1946" = IL-2 Sturmovik - 1946
"InstallShield_{04347DFD-87B6-4E30-B14D-5DF2888AD8F5}" = DOOM 3: Resurrection of Evil
"InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4(TM)
"InstallShield_{33571E15-3EB4-4190-BA74-C6CA97288461}" = Microsoft Flight Simulator X SDK
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.8.0 (Basic)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"Mozilla Firefox 9.0 (x86 en-US)" = Mozilla Firefox 9.0 (x86 en-US)
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.1.3
"Opera 11.60.1185" = Opera 11.60
"PowerISO" = PowerISO
"Serious Sam 3_is1" = 1.0
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tunngle beta_is1" = Tunngle beta
"VRMLBrowser" = MS VRML2 Control
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3049283681-768927855-1199189573-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameRanger" = GameRanger

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/16/2011 11:45:35 PM | Computer Name = Karel-PC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 12/17/2011 12:45:35 AM | Computer Name = Karel-PC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 12/17/2011 1:45:35 AM | Computer Name = Karel-PC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 12/17/2011 2:45:35 AM | Computer Name = Karel-PC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 12/17/2011 3:45:35 AM | Computer Name = Karel-PC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 12/17/2011 4:10:49 AM | Computer Name = Karel-PC | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.

Error - 12/17/2011 4:12:47 AM | Computer Name = Karel-PC | Source = WinMgmt | ID = 10
Description =

Error - 12/17/2011 5:01:02 AM | Computer Name = Karel-PC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 12/17/2011 5:40:30 AM | Computer Name = Karel-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.31.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 15a8 Start Time:
01ccbc9fd270733f Termination Time: 12 Application Path: G:\Users\Karel\Desktop\OTL.exe

Report
Id: 255b98ec-2893-11e1-b45c-00252244b30b

Error - 12/17/2011 6:01:02 AM | Computer Name = Karel-PC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

[ System Events ]
Error - 12/16/2011 1:32:40 PM | Computer Name = Karel-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.117.1145.0 Update Source: %%859 Update Stage:
%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error
code: 0x80240022 Error description: The program can't check for definition updates.


Error - 12/16/2011 1:32:40 PM | Computer Name = Karel-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.117.1145.0 Update Source: %%859 Update Stage:
%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error
code: 0x80240022 Error description: The program can't check for definition updates.


Error - 12/16/2011 5:45:35 PM | Computer Name = Karel-PC | Source = DCOM | ID = 10001
Description =

Error - 12/17/2011 4:10:48 AM | Computer Name = Karel-PC | Source = Service Control Manager | ID = 7000
Description = The atksgt service failed to start due to the following error: %%1275

Error - 12/17/2011 4:10:48 AM | Computer Name = Karel-PC | Source = Application Popup | ID = 875
Description = Driver atksgt.sys has been blocked from loading.

Error - 12/17/2011 4:12:45 AM | Computer Name = Karel-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
HWiNFO32

Error - 12/17/2011 4:13:52 AM | Computer Name = Karel-PC | Source = DCOM | ID = 10001
Description =

Error - 12/17/2011 4:24:49 AM | Computer Name = Karel-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.117.1145.0 Update Source: %%859 Update Stage:
%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error
code: 0x80240022 Error description: The program can't check for definition updates.


Error - 12/17/2011 4:24:49 AM | Computer Name = Karel-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.117.1145.0 Update Source: %%859 Update Stage:
%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error
code: 0x80240022 Error description: The program can't check for definition updates.


Error - 12/17/2011 5:01:02 AM | Computer Name = Karel-PC | Source = DCOM | ID = 10001
Description =


< End of report >

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#11 Post by vyosek »

Download CKScanner to your desktop
  • Run it and click Search for files
  • When the scan finishes, click Save List to File and then OK
  • A log named ckfiles.txt will be created on your desktop; paste its contents here
Test the following files on VirusTotal (see my signature)
  • G:\PhysicalMBR.bin
  • Click Browse
  • Do not browse for the file; just paste in the path of the file I want tested
  • Click Send File
  • If a screen like the one below pops up, click ReAnalyse
    [image]
  • Paste the analysis result here (as a link)
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.

doomguy
Visitor
Posts: 86
Joined: 07 Aug 2011 18:24
Location: Řevnice

Re: Please check my log

#12 Post by doomguy »

ckfiles.txt

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\amnesia - the dark descent\redist\sounds\11\11_glass_crack.snt
c:\program files\amnesia - the dark descent\redist\sounds\11\11_glass_crack01.ogg
c:\program files\amnesia - the dark descent\redist\sounds\11\11_glass_crack02.ogg
c:\program files\amnesia - the dark descent\redist\sounds\11\11_glass_crack03.ogg
c:\program files\amnesia - the dark descent\redist\static_objects\castlebase\ceiling\corridor_crack.dae
c:\program files\amnesia - the dark descent\redist\static_objects\castlebase\ceiling\corridor_crack.msh
c:\program files\amnesia - the dark descent\redist\static_objects\cellarbase\special\cracked_ceiling.dae
c:\program files\amnesia - the dark descent\redist\static_objects\cellarbase\special\cracked_ceiling.msh
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_blue.dds
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_blue.mat
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_blue01.dae
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_blue01.msh
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_blue02.dae
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_blue02.msh
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_blue03.dae
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_blue03.msh
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_blue04.dae
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_blue04.msh
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_blue_back.dds
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_blue_back.mat
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_brown.dds
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_brown.mat
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_brown01.dae
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_brown01.msh
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_brown02.dae
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_brown02.msh
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_brown03.dae
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_brown03.msh
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_brown04.dae
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_brown04.msh
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_brown_back.dds
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_brown_back.mat
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_nrm.dds
c:\program files\amnesia - the dark descent\redist\static_objects\decals\cracks_spec.dds
c:\program files\amnesia - the dark descent\redist\static_objects\dungeonbase\ceiling\default_cracked.dae
c:\program files\amnesia - the dark descent\redist\static_objects\dungeonbase\ceiling\default_cracked.msh
c:\program files\amnesia - the dark descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.dae
c:\program files\amnesia - the dark descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.msh
c:\program files\image-line\fl studio 10\plugins\fruity\effects\hardcore\presets\i cracked my tube!.hdprg
c:\program files\image-line\fl studio 10\plugins\fruity\generators\drumaxx\drum patches\sound fx\crack.dmpatch
c:\program files\image-line\fl studio 10\plugins\fruity\generators\drumpad\drum patches\sound fx\crack.dmpatch
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\firecracker.tex
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\firecracker.tga
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\firecrackerhead.ini
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\firecrackerhead.mdl
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\firecrackerhead.tex
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\firecrackerhead.tga
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\projectile\firecracker.h
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\projectile\firecracker.ini
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\projectile\firecracker.lwo
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\projectile\firecracker.map
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\projectile\firecracker.mdl
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\projectile\firecracker.scr
c:\users\administrator\desktop\serious sam - the first encounter\help\modeler\headman\projectile\firecracker.tbn
c:\users\administrator\documents\battlefield 2\mods\bf2\cache\{d7b71ee2-d455-11cf-bf7f-1fb7bec2c535}_2965_3\rashaderstmbasedetailcrack.cfx
c:\users\administrator\documents\battlefield 2\mods\bf2\cache\{d7b71ee2-d455-11cf-bf7f-1fb7bec2c535}_2965_3\rashaderstmbasedetailcrackalphatest.cfx
c:\users\administrator\documents\battlefield 2\mods\bf2\cache\{d7b71ee2-d455-11cf-bf7f-1fb7bec2c535}_2965_3\rashaderstmbasedetailcrackalphatestlightmap.cfx
c:\users\administrator\documents\battlefield 2\mods\bf2\cache\{d7b71ee2-d455-11cf-bf7f-1fb7bec2c535}_2965_3\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
c:\users\administrator\documents\battlefield 2\mods\bf2\cache\{d7b71ee2-d455-11cf-bf7f-1fb7bec2c535}_2965_3\rashaderstmbasedetailcrackalphatestpointlight.cfx
c:\users\administrator\documents\battlefield 2\mods\bf2\cache\{d7b71ee2-d455-11cf-bf7f-1fb7bec2c535}_2965_3\rashaderstmbasedetailcrackalphatestshadow.cfx
c:\users\administrator\documents\battlefield 2\mods\bf2\cache\{d7b71ee2-d455-11cf-bf7f-1fb7bec2c535}_2965_3\rashaderstmbasedetailcracklightmap.cfx
c:\users\administrator\documents\battlefield 2\mods\bf2\cache\{d7b71ee2-d455-11cf-bf7f-1fb7bec2c535}_2965_3\rashaderstmbasedetailcracklightmapshadow.cfx
c:\users\administrator\documents\battlefield 2\mods\bf2\cache\{d7b71ee2-d455-11cf-bf7f-1fb7bec2c535}_2965_3\rashaderstmbasedetailcrackndetailncrack.cfx
scanner sequence 3.ZZ.11.MXAACW
----- EOF -----


virustotal.com scan link : http://www.virustotal.com/file-scan/rep ... 1324117291

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#13 Post by vyosek »

:arrow: Do you know this IP, 7.254.254.254? It points somewhere in the US http://whois.domaintools.com/7.254.254.254

:arrow: Run OTL again
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the bottom box, Custom Scans/Fixes (Vlastni skenovani/opravy)
  • Code:

    :otl
    IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - G:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-3049283681-768927855-1199189573-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - G:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - G:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - G:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-3049283681-768927855-1199189573-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - G:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O13 - gopher Prefix: missing
    O15 - HKU\S-1-5-21-3049283681-768927855-1199189573-1000\..Trusted Ranges: Range1979 ([http] in Trusted sites)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O33 - MountPoints2\F\Shell - "" = AutoRun
    [4 G:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> G:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [2 G:\Windows\Installer\*.tmp files -> G:\Windows\Installer\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\1101e238ea27b8892c53f37c5c5bf883\*.tmp files -> G:\Windows\SoftwareDistribution\Download\1101e238ea27b8892c53f37c5c5bf883\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\268b07e40c14443c411701f5aa2187cb\*.tmp files -> G:\Windows\SoftwareDistribution\Download\268b07e40c14443c411701f5aa2187cb\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\2d9019a0f6a3970eca83aa2e2f7179c8\*.tmp files -> G:\Windows\SoftwareDistribution\Download\2d9019a0f6a3970eca83aa2e2f7179c8\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\45fb5a87fde1c664349967a002b4340b\*.tmp files -> G:\Windows\SoftwareDistribution\Download\45fb5a87fde1c664349967a002b4340b\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\48cb347d68b8f33f2a0229adb8b120df\*.tmp files -> G:\Windows\SoftwareDistribution\Download\48cb347d68b8f33f2a0229adb8b120df\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\5e3d08aec92cc4f855176a660e8767a8\*.tmp files -> G:\Windows\SoftwareDistribution\Download\5e3d08aec92cc4f855176a660e8767a8\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\743b1d5c690bdda14b99ef1a6cf084c7\*.tmp files -> G:\Windows\SoftwareDistribution\Download\743b1d5c690bdda14b99ef1a6cf084c7\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\79ce5c5a28fa33655cb5776afdc8406a\*.tmp files -> G:\Windows\SoftwareDistribution\Download\79ce5c5a28fa33655cb5776afdc8406a\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\7d55b9d333af4bd24a0bdbeea42ba2ca\*.tmp files -> G:\Windows\SoftwareDistribution\Download\7d55b9d333af4bd24a0bdbeea42ba2ca\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\8b9b43925e64efd61a4f0961fb562c38\*.tmp files -> G:\Windows\SoftwareDistribution\Download\8b9b43925e64efd61a4f0961fb562c38\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\8c2b310023fb7900dec1590ba5599bb0\*.tmp files -> G:\Windows\SoftwareDistribution\Download\8c2b310023fb7900dec1590ba5599bb0\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\9226904d10c1c1079f431fe4fa869d22\*.tmp files -> G:\Windows\SoftwareDistribution\Download\9226904d10c1c1079f431fe4fa869d22\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\99e9262ea3b2a988b0cb5a97f083df1e\*.tmp files -> G:\Windows\SoftwareDistribution\Download\99e9262ea3b2a988b0cb5a97f083df1e\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\9cdad94a115b897efd46c305b29e3f40\*.tmp files -> G:\Windows\SoftwareDistribution\Download\9cdad94a115b897efd46c305b29e3f40\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\9f424b7b61346055fab80a2aad3e6cff\*.tmp files -> G:\Windows\SoftwareDistribution\Download\9f424b7b61346055fab80a2aad3e6cff\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\cfeaec5ad873014e9f8890074a4e8211\*.tmp files -> G:\Windows\SoftwareDistribution\Download\cfeaec5ad873014e9f8890074a4e8211\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\d025d798f822870b9391d43142049e18\*.tmp files -> G:\Windows\SoftwareDistribution\Download\d025d798f822870b9391d43142049e18\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\e03255b7875d23d414447e096907c1c6\*.tmp files -> G:\Windows\SoftwareDistribution\Download\e03255b7875d23d414447e096907c1c6\*.tmp -> ]
    [1 G:\Windows\SoftwareDistribution\Download\fbd34a68c55ef10c21026b2a423bbb68\*.tmp files -> G:\Windows\SoftwareDistribution\Download\fbd34a68c55ef10c21026b2a423bbb68\*.tmp -> ]
    [9 G:\Windows\System32\*.tmp files -> G:\Windows\System32\*.tmp -> ]
    [2 G:\Windows\System32\catroot\*.tmp files -> G:\Windows\System32\catroot\*.tmp -> ]
    [2011/12/17 09:11:19 | 000,000,934 | ---- | M] () -- G:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    [2011/12/17 10:14:02 | 000,000,938 | ---- | M] () -- G:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    
    :services
    gupdate
    gupdatem
    
    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "PWRISOVM.EXE"=-
    "LogMeIn Hamachi Ui"=-
    "SunJavaUpdateSched"=-
    "Adobe Reader Speed Launcher"=-
    "Adobe ARM"=-
    "StartCCC"=-
    "LogMeIn GUI"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "zASRockInstantBoot"=-
    "ASRockOCTuner"=-
     
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Then click Run Fix (Opravit)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.

doomguy
Visitor
Posts: 86
Joined: 07 Aug 2011 18:24
Location: Řevnice

Re: Please check my log

#14 Post by doomguy »

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ deleted successfully.
G:\Program Files\Vuze_Remote\prxtbVuze.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-3049283681-768927855-1199189573-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
File G:\Program Files\Vuze_Remote\prxtbVuze.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
File G:\Program Files\Vuze_Remote\prxtbVuze.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
File G:\Program Files\Vuze_Remote\prxtbVuze.dll not found.
Registry value HKEY_USERS\S-1-5-21-3049283681-768927855-1199189573-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found.
File G:\Program Files\Vuze_Remote\prxtbVuze.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3049283681-768927855-1199189573-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1979\\http deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
G:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
G:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C7F.tmp folder deleted successfully.
G:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
G:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPABC9.tmp folder deleted successfully.
G:\Windows\Installer\MSI7381.tmp deleted successfully.
G:\Windows\Installer\MSIF4F6.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\1101e238ea27b8892c53f37c5c5bf883\BIT6959.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\268b07e40c14443c411701f5aa2187cb\BITF386.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\2d9019a0f6a3970eca83aa2e2f7179c8\BIT8242.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\45fb5a87fde1c664349967a002b4340b\BIT62C1.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\48cb347d68b8f33f2a0229adb8b120df\BIT5C7E.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\5e3d08aec92cc4f855176a660e8767a8\BITB86D.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\743b1d5c690bdda14b99ef1a6cf084c7\BITAC45.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\79ce5c5a28fa33655cb5776afdc8406a\BIT3905.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\7d55b9d333af4bd24a0bdbeea42ba2ca\BITE7EF.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\8b9b43925e64efd61a4f0961fb562c38\BITF9FC.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\8c2b310023fb7900dec1590ba5599bb0\BIT7245.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\9226904d10c1c1079f431fe4fa869d22\BITF1FC.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\99e9262ea3b2a988b0cb5a97f083df1e\BIT1915.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\9cdad94a115b897efd46c305b29e3f40\BIT881.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\9f424b7b61346055fab80a2aad3e6cff\BIT1D78.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\cfeaec5ad873014e9f8890074a4e8211\BIT799.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\d025d798f822870b9391d43142049e18\BITB056.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\e03255b7875d23d414447e096907c1c6\BITBA19.tmp deleted successfully.
G:\Windows\SoftwareDistribution\Download\fbd34a68c55ef10c21026b2a423bbb68\BITB38D.tmp deleted successfully.
File delete failed. G:\Windows\System32\SET5D50.tmp scheduled to be deleted on reboot.
File delete failed. G:\Windows\System32\SET5E2C.tmp scheduled to be deleted on reboot.
File delete failed. G:\Windows\System32\SET70BB.tmp scheduled to be deleted on reboot.
G:\Windows\System32\SET732F.tmp deleted successfully.
File delete failed. G:\Windows\System32\SET736F.tmp scheduled to be deleted on reboot.
File delete failed. G:\Windows\System32\SET742E.tmp scheduled to be deleted on reboot.
G:\Windows\System32\SET748D.tmp deleted successfully.
G:\Windows\System32\tmpF636.tmp deleted successfully.
G:\Windows\System32\tmpF694.tmp deleted successfully.
G:\Windows\System32\catroot\TMPB1C3.tmp deleted successfully.
G:\Windows\System32\catroot\TMPD08C.tmp deleted successfully.
G:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
G:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PWRISOVM.EXE deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LogMeIn GUI deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\zASRockInstantBoot deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockOCTuner deleted successfully.
========== FILES ==========
File/Folder G:\Windows\system32\*.tmp.dll not found.
G:\Windows\system32\SET5D50.tmp moved successfully.
G:\Windows\system32\SET5E2C.tmp moved successfully.
G:\Windows\system32\SET70BB.tmp moved successfully.
G:\Windows\system32\SET736F.tmp moved successfully.
G:\Windows\system32\SET742E.tmp moved successfully.
File/Folder G:\Windows\*.tmp not found.
========== COMMANDS ==========
G:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Karel
->Temp folder emptied: 1256551436 bytes
->Temporary Internet Files folder emptied: 1133097 bytes
->Java cache emptied: 1941597 bytes
->FireFox cache emptied: 317962162 bytes
->Opera cache emptied: 10922233 bytes
->Flash cache emptied: 5050 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1055669 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 157902 bytes

Total Files Cleaned = 1,516.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Karel
->Flash cache emptied: 0 bytes

User: LogMeInRemoteUser

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 12172011_113751

Files\Folders moved on Reboot...
File\Folder G:\Windows\System32\SET5D50.tmp not found!
File\Folder G:\Windows\System32\SET5E2C.tmp not found!
File\Folder G:\Windows\System32\SET70BB.tmp not found!
File\Folder G:\Windows\System32\SET736F.tmp not found!
File\Folder G:\Windows\System32\SET742E.tmp not found!
File\Folder G:\Windows\temp\TMP000000011B416E190010F740 not found!
File\Folder G:\Windows\temp\TMP000000026FB91080B358ED76 not found!
File\Folder G:\Windows\temp\TMP00000003E7C9424477E9D1C4 not found!

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#15 Post by vyosek »

vyosek wrote: :arrow: Do you know this IP, 7.254.254.254? It points somewhere in the US http://whois.domaintools.com/7.254.254.254
:???: