Malicious URL blocked

brtnik
Visitor
Posts: 7
Registered: 30 Jan 2012 21:56

#1 Post by brtnik »

Good evening, Avast has started showing me a "malicious URL blocked" window. It pops up in Mozilla whenever I open any page, link, etc. Thank you in advance for your help with solving the problem.

Infection Details
URL: http://193.107.16.124/script.js
Process: file://C:\Users\Mira\AppData\Local\Temp\nsd6FFC.tmp\UAC.dll
Infection: al

RSIT log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mira at 2012-01-30 21:50:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 29 GB (12%) free of 238 GB
Total RAM: 3071 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:21, on 30.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Smart PDF Creator\SmartSoft PDF Printer Agent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system\Cm106eye.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Downloads\RSIT.exe
C:\Program Files\trend micro\Mira.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... 2423086e4e
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Cm106Sound] RunDll32 cm106.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SmartSoft PDF Printer Agent] "C:\Program Files\Smart PDF Creator\SmartSoft PDF Printer Agent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3530115336-4176716947-819615222-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3530115336-4176716947-819615222-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 11395 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.4.3&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.104.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.104.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.95\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.95\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npCortona.xpt
npwachk.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npCortona.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\
battlefieldheroespatcher@ea.com
ffxtlbr@babylon.com
nostmp
plugin2@gameplaylabs.com
plugin3@gameplaylabs.com
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll [2011-08-14 270960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-21 1018680]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll [2011-08-14 237680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-04-01 98304]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-06-10 8568832]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-21 1545512]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-12 7707168]
"ADSMTray"=C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-12-18 39424]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-11-28 3744552]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-10-06 59240]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-01 59240]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
"Cm106Sound"=RunDll32 cm106.cpl,CMICtrlWnd []
"SmartSoft PDF Printer Agent"=C:\Program Files\Smart PDF Creator\SmartSoft PDF Printer Agent.exe [2011-12-12 52944]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-01-16 421736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2011-09-23 2648384]
"ICQ"=C:\Program Files\ICQ7.5\ICQ.exe [2011-08-01 124480]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe

C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-01-30 21:50:51 ----D---- C:\rsit
2012-01-30 21:50:51 ----D---- C:\Program Files\trend micro
2012-01-24 00:04:57 ----D---- C:\Program Files\iPod
2012-01-22 22:27:33 ----D---- C:\Users\Mira\AppData\Roaming\vlc
2012-01-22 22:26:58 ----D---- C:\Program Files\VideoLAN
2012-01-12 09:07:53 ----A---- C:\Windows\system32\schannel.dll
2012-01-12 09:07:53 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-01-12 09:07:52 ----A---- C:\Windows\system32\webio.dll
2012-01-12 09:07:52 ----A---- C:\Windows\system32\lsass.exe
2012-01-12 09:07:52 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-12 09:07:52 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-01-12 09:07:52 ----A---- C:\Windows\system32\drivers\cng.sys
2012-01-12 09:07:51 ----A---- C:\Windows\system32\sspisrv.dll
2012-01-12 09:07:51 ----A---- C:\Windows\system32\sspicli.dll
2012-01-12 09:07:51 ----A---- C:\Windows\system32\secur32.dll
2012-01-12 01:20:47 ----D---- C:\Program Files\Adobe
2012-01-11 20:28:57 ----A---- C:\Windows\system32\jscript.dll
2012-01-11 20:28:56 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 20:28:55 ----A---- C:\Windows\system32\packager.dll
2012-01-11 20:28:53 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 20:28:53 ----A---- C:\Windows\system32\qdvd.dll
2012-01-10 16:31:41 ----D---- C:\Users\Mira\AppData\Roaming\Smart PDF Creator
2012-01-10 16:31:30 ----D---- C:\Program Files\Smart PDF Creator
2012-01-06 23:57:00 ----D---- C:\Program Files\Origin Games
2012-01-06 22:15:12 ----D---- C:\Users\Mira\AppData\Roaming\Origin
2012-01-06 22:14:37 ----D---- C:\D
2012-01-05 23:19:07 ----A---- C:\Windows\system32\nvhdap32.dll
2012-01-05 23:19:07 ----A---- C:\Windows\system32\nvhdagenco3220103.dll
2012-01-05 23:19:07 ----A---- C:\Windows\system32\drivers\nvhda32v.sys
2012-01-05 23:19:06 ----A---- C:\Windows\system32\OpenCL.dll
2012-01-05 23:19:06 ----A---- C:\Windows\system32\nvoglv32.dll
2012-01-05 23:19:06 ----A---- C:\Windows\system32\nvcuvid.dll
2012-01-05 23:19:06 ----A---- C:\Windows\system32\nvcuvenc.dll
2012-01-05 23:19:06 ----A---- C:\Windows\system32\nvcuda.dll
2012-01-05 23:19:06 ----A---- C:\Windows\system32\nvcompiler.dll
2012-01-05 23:19:06 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys

======List of files/folders modified in the last 1 month======

2012-01-30 21:50:54 ----D---- C:\Windows\Temp
2012-01-30 21:50:51 ----RD---- C:\Program Files
2012-01-30 21:50:25 ----D---- C:\Downloads
2012-01-30 21:41:45 ----D---- C:\Program Files\Mozilla Firefox
2012-01-30 21:33:37 ----D---- C:\Windows\Prefetch
2012-01-30 21:24:59 ----D---- C:\Windows\inf
2012-01-30 21:24:59 ----AD---- C:\Windows
2012-01-30 18:59:26 ----D---- C:\Windows\System32
2012-01-30 18:59:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-30 17:58:53 ----D---- C:\Users\Mira\AppData\Roaming\ICQ
2012-01-30 16:47:32 ----D---- C:\Windows\system32\Tasks
2012-01-30 12:46:34 ----D---- C:\Windows\system32\config
2012-01-29 12:42:56 ----D---- C:\Windows\SoftwareDistribution
2012-01-26 18:59:24 ----SHD---- C:\System Volume Information
2012-01-24 00:37:08 ----D---- C:\Users\Mira\AppData\Roaming\Media Player Classic
2012-01-24 00:21:38 ----SHD---- C:\Config.Msi
2012-01-24 00:05:54 ----SHD---- C:\Windows\Installer
2012-01-24 00:05:29 ----D---- C:\Program Files\iTunes
2012-01-24 00:04:57 ----D---- C:\Program Files\Common Files\Apple
2012-01-22 20:19:50 ----A---- C:\Windows\system32\PnkBstrB.exe
2012-01-17 10:03:36 ----D---- C:\Windows\system32\catroot2
2012-01-12 11:58:42 ----D---- C:\Windows\winsxs
2012-01-12 11:57:02 ----D---- C:\Windows\system32\drivers
2012-01-12 09:05:27 ----D---- C:\Windows\system32\catroot
2012-01-12 01:20:53 ----D---- C:\Program Files\Common Files\Adobe
2012-01-12 01:20:52 ----D---- C:\ProgramData\Adobe
2012-01-12 01:18:38 ----D---- C:\Windows\debug
2012-01-12 01:12:51 ----A---- C:\Windows\system32\MRT.exe
2012-01-12 01:12:35 ----D---- C:\Windows\ehome
2012-01-07 08:47:53 ----A---- C:\Windows\system32\PnkBstrA.exe
2012-01-07 08:27:03 ----D---- C:\Windows\Logs
2012-01-07 08:23:23 ----RSD---- C:\Windows\assembly
2012-01-06 23:04:39 ----D---- C:\ProgramData\Origin
2012-01-05 23:24:15 ----D---- C:\Program Files\NVIDIA Corporation
2012-01-05 23:23:37 ----RD---- C:\Users
2012-01-05 23:23:37 ----D---- C:\ProgramData\NVIDIA
2012-01-05 23:23:12 ----D---- C:\Windows\system32\DriverStore
2012-01-05 23:23:04 ----D---- C:\NVIDIA
2012-01-03 13:04:43 ----D---- C:\Windows\Microsoft.NET
2012-01-03 12:27:38 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-31 09:31:36 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-12-17 30264]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2004-10-28 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-18 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-01-30 281760]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-01-30 25888]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-06-25 48128]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2009-06-25 44544]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2009-06-25 38400]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-12-25 25280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-12 2748192]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-21 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-04-27 50688]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2009-05-13 14392]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-11-09 147776]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1766592]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-21 213552]
R3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
R3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM106.sys [2009-06-11 1516544]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-01-14 47616]
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
S0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2004-12-03 20544]
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2010-04-21 483200]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2011-05-10 18432]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 131000]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2008-08-13 100920]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-12-17 645440]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2011-12-17 2348864]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-01-07 76888]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-01-16 821608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-30 136176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-30 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-11-06 419624]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-12 1343400]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: malicious URL blocked

#2 Post by vyosek »

Hello, and have a nice day :)

:arrow: I recommend uninstalling the toolbars (browser bars), if you do not use them, via Add or Remove Programs

:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Close all programs
  • If you use Win Vista or W7, right-click RogueKiller and choose Run As Administrator or Spustit jako spravce
  • Choose the Scan option
  • When the scan finishes, click Report; a log will open, paste it here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him: that is no man, that is an ox."

brtnik
Visitor
Posts: 7
Registered: 30 Jan 2012 21:56

Re: malicious URL blocked

#3 Post by brtnik »

RogueKiller V7.0.2 [01/30/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User: Mira [Admin rights]
Mode: Scan -- Date : 01/30/2012 22:17:39

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] f62b5003da5c93667fc564558bfb9755
[BSP] c83f6d3cdea8c218388548da794008b8 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 12001 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 24579450 | Size: 238464 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 512955450 | Size: 226471 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: malicious URL blocked

#4 Post by vyosek »

:arrow: Download MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe
  • Save it, preferably to the desktop
  • If you use Win Vista or W7, right-click MBRScan and choose Run As Administrator or Spustit jako spravce
  • Click Report
  • After a moment the log appears in the file MBRScan.txt; paste it here
:arrow: Download OTL (see my signature) and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • If you use a 64-bit OS, check whether the box next to Pro 64 bitové OS (For 64-bit OS) is ticked; if not, tick it
  • Tick the box Pro vsechny uzivatele (For all users)
  • Tick the box Kontrola na havet "LOP" ("LOP" check)
  • Tick the box Kontrola na havet "Purity" ("Purity" check)
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box Vlastni skenovani/opravy (Custom scans/fixes)

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Prohledat (Scan) button
  • When the scan finishes (about 10 to 15 min), the logs OTL.txt and Extras.txt appear; paste both here

brtnik
Visitor
Posts: 7
Registered: 30 Jan 2012 21:56

Re: malicious URL blocked

#5 Post by brtnik »


MBRScan v1.0.8

OS             : Windows 7 Service Pack 1 (32 bit)
PROCESSOR      : x86 Family 6 Model 23 Stepping 10, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/01/30 (ISO 8601) at 22:26:45
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST950032 5AS (0002)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	465.8 Go  [Fixed] ==> 7 MBR Code

MBR_MD5   : F62B5003DA5C93667FC564558BFB9755
MBR_SHA1  : 8EAFF1C2CA88974BFF237A740FD0D3B9B49057FB

Device\Harddisk0\Partition1	11.72 Go  	0x1C Hidden FAT32 [LBA] 
Device\Harddisk0\Partition2	232.9 Go  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition3	221.2 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

Device\Harddisk0\DR0 => 7 MBR Code found in sector 61
Device\Harddisk0\DR0 => 7 MBR Code found in sector 62
________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  


brtnik
Visitor
Posts: 7
Registered: 30 Jan 2012 21:56

Re: malicious URL blocked

#6 Post by brtnik »

OTL Extras logfile created on: 30.1.2012 22:31:16 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mira\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 55,73% Memory free
6,00 Gb Paging File | 4,46 Gb Available in Paging File | 74,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 28,51 Gb Free Space | 12,24% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 50,78 Gb Free Space | 22,96% Space Free | Partition Type: NTFS

Computer Name: MIRASUS | User Name: Mira | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3530115336-4176716947-819615222-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 29
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D316CFB-1825-4030-A13A-29D18DC6B177}" = OfficeSharedAddInSetup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E86E575-2B04-4FEC-ADA3-72D47CB4777C}" = Cortona3D Viewer
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6C472DFC-6D44-4947-9E1A-F79A2469D953}" = eTesty - autoškola
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8B7IL77L-LKS1-AC3-BATAC-18CD6E6334R1}_is1" = Batman Arkham City version 1.0
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Software Bluetooth WIDCOMM
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 290.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 290.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.11.1107
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.6.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D42F84B6-3709-4A50-8502-6719D16AE6C8}" = SRS Premium Sound Control Panel
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Battle City (VirtuaNES 0.97 emulation)" = Battle City (VirtuaNES 0.97 emulation)
"Battlelog Web Plugins" = Battlelog Web Plugins
"BK-Soft Kill Win 2.2" = BK-Soft Kill Win 2.2
"BSPlayer" = BSPlayer
"BSPlayer1" = BSPlayer
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"C-Media CM106 Like Sound Driver" = USB Multi-Channel Audio Device
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.4" = ESN Sonar
"Hamachi" = Hamachi 1.0.2.5
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{9208F706-6528-4591-A997-F41395FBD8A7}" = Spider-Man(R) - Web of Shadows(TM) 1.1 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"Kill Winamp_is1" = KillWinamp 1.60
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.6.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"Mumble" = Mumble and Murmur
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Smart PDF Creator_is1" = Smart PDF Creator 6.3.0.467
"Stronghold 3_is1" = Stronghold 3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"yBook_is1" = yBook

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3530115336-4176716947-819615222-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Winamp Detect" = Winamp Application Detect

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 24.1.2010 6:36:57 | Computer Name = MIRASUS | Source = avast! | ID = 33554522
Description =

Error - 24.1.2010 6:36:58 | Computer Name = MIRASUS | Source = avast! | ID = 33554522
Description =

Error - 24.1.2010 6:36:58 | Computer Name = MIRASUS | Source = avast! | ID = 33554522
Description =

Error - 24.1.2010 6:36:58 | Computer Name = MIRASUS | Source = avast! | ID = 33554522
Description =

Error - 24.1.2010 6:36:58 | Computer Name = MIRASUS | Source = avast! | ID = 33554522
Description =

Error - 24.1.2010 6:36:59 | Computer Name = MIRASUS | Source = avast! | ID = 33554522
Description =

Error - 24.1.2010 6:36:59 | Computer Name = MIRASUS | Source = avast! | ID = 33554522
Description =

Error - 24.1.2010 6:37:00 | Computer Name = MIRASUS | Source = avast! | ID = 33554522
Description =

Error - 24.1.2010 6:37:00 | Computer Name = MIRASUS | Source = avast! | ID = 33554522
Description =

Error - 24.1.2010 6:37:25 | Computer Name = MIRASUS | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 27.1.2012 15:30:18 | Computer Name = MIRASUS | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 27.1.2012 15:30:18 | Computer Name = MIRASUS | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1342

Error - 27.1.2012 15:30:18 | Computer Name = MIRASUS | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1342

Error - 27.1.2012 15:30:20 | Computer Name = MIRASUS | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 27.1.2012 15:30:20 | Computer Name = MIRASUS | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2605

Error - 27.1.2012 15:30:20 | Computer Name = MIRASUS | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2605

Error - 28.1.2012 16:38:02 | Computer Name = MIRASUS | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 28.1.2012 16:38:02 | Computer Name = MIRASUS | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1170

Error - 28.1.2012 16:38:02 | Computer Name = MIRASUS | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1170

Error - 30.1.2012 13:21:06 | Computer Name = MIRASUS | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro d:\Games\anno 1701\Tools\Tages\DrvSetup_x64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

[ OSession Events ]
Error - 8.11.2010 14:48:29 | Computer Name = MIRASUS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 5413 seconds with 660 seconds of active time. This session ended with a
crash.

Error - 18.1.2012 10:32:43 | Computer Name = MIRASUS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 30.1.2012 17:56:56 | Computer Name = MIRASUS | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.

Error - 30.1.2012 17:56:57 | Computer Name = MIRASUS | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.

Error - 30.1.2012 17:56:57 | Computer Name = MIRASUS | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.

Error - 30.1.2012 17:56:58 | Computer Name = MIRASUS | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.

Error - 30.1.2012 17:56:58 | Computer Name = MIRASUS | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.

Error - 30.1.2012 17:56:59 | Computer Name = MIRASUS | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.

Error - 30.1.2012 17:57:00 | Computer Name = MIRASUS | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.

Error - 30.1.2012 17:57:00 | Computer Name = MIRASUS | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.

Error - 30.1.2012 17:57:01 | Computer Name = MIRASUS | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.

Error - 30.1.2012 17:57:01 | Computer Name = MIRASUS | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.


< End of report >

brtnik
Visitor
Posts: 7
Registered: 30 Jan 2012 21:56

Re: malicious URL blocked

#7 Post by brtnik »


vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: malicious URL blocked

#8 Post by vyosek »

I'll paste the log here so it's easier to read.

OTL logfile created on: 30.1.2012 22:31:16 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mira\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 55,73% Memory free
6,00 Gb Paging File | 4,46 Gb Available in Paging File | 74,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 28,51 Gb Free Space | 12,24% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 50,78 Gb Free Space | 22,96% Space Free | Partition Type: NTFS

Computer Name: MIRASUS | User Name: Mira | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.01.30 22:28:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mira\Desktop\OTL.exe
PRC - [2012.01.30 22:25:35 | 000,143,360 | ---- | M] (Eric_71) -- C:\Users\Mira\Desktop\MbrScan.exe
PRC - [2012.01.30 22:15:13 | 001,201,664 | ---- | M] () -- C:\Downloads\RogueKiller.exe
PRC - [2011.12.21 08:39:32 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.12.17 22:05:00 | 002,348,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2011.12.17 20:39:44 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.12.17 20:39:33 | 000,857,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.12.12 13:44:50 | 000,052,944 | ---- | M] () -- C:\Program Files\Smart PDF Creator\SmartSoft PDF Printer Agent.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.10.02 23:08:12 | 000,233,472 | R--- | M] (ATK) -- C:\Program Files\P4G\batterylife.exe
PRC - [2009.08.12 09:33:28 | 001,033,448 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
PRC - [2009.07.24 10:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.07.23 10:30:06 | 000,544,768 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2009.07.01 18:03:12 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009.07.01 18:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009.06.29 10:39:50 | 000,157,752 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
PRC - [2009.06.24 12:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009.06.11 14:09:36 | 000,221,184 | R--- | M] () -- C:\Windows\system\cm106eye.exe
PRC - [2009.06.10 09:12:00 | 008,568,832 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009.05.18 15:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.04.23 21:24:44 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe
PRC - [2009.04.20 11:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2009.04.01 21:05:34 | 000,098,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2008.12.22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe
PRC - [2008.08.13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008.08.13 20:59:52 | 000,100,920 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.08.13 16:21:56 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.11.30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.11.20 13:50:36 | 001,145,400 | ---- | M] (ASUS) -- C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
PRC - [2007.08.08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2005.07.06 15:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


========== Modules (No Company Name) ==========

MOD - [2012.01.03 09:45:08 | 000,016,832 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll
MOD - [2011.12.21 08:39:32 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.12.12 13:44:50 | 000,052,944 | ---- | M] () -- C:\Program Files\Smart PDF Creator\SmartSoft PDF Printer Agent.exe
MOD - [2011.11.18 13:57:28 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.08.19 06:01:31 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
MOD - [2009.07.25 13:58:02 | 000,023,040 | ---- | M] () -- C:\Program Files\P4G\OvrClk.dll
MOD - [2009.07.24 10:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009.07.01 18:03:24 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2009.06.11 14:09:38 | 000,491,520 | R--- | M] () -- C:\Windows\system\cmau106.dll
MOD - [2009.06.11 14:09:36 | 000,221,184 | R--- | M] () -- C:\Windows\system\cm106eye.exe
MOD - [2009.05.05 10:00:46 | 000,012,288 | ---- | M] () -- C:\Program Files\P4G\DevMng.dll
MOD - [2009.03.20 10:01:38 | 000,188,416 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswsysmon.dll
MOD - [2009.03.19 14:29:12 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\LogonStartup.dll
MOD - [2008.09.30 23:02:44 | 000,009,216 | ---- | M] () -- C:\Program Files\ASUS\Splendid\GLCDdll.dll
MOD - [2008.09.03 15:28:24 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.08.29 10:55:00 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.05.16 11:28:20 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswcore.dll
MOD - [2008.05.16 11:28:10 | 000,081,920 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswobj.dll
MOD - [2007.11.30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
MOD - [2007.08.02 09:53:06 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswresmgr.dll
MOD - [2007.07.27 15:10:02 | 000,049,152 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ResItf.dll
MOD - [2007.06.19 11:38:08 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswui.dll
MOD - [2007.06.15 10:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007.06.01 17:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2007.05.14 11:10:40 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswgblset.dll
MOD - [2007.03.09 16:16:52 | 000,106,496 | ---- | M] () -- C:\Program Files\ATKGFNEX\AGFNEX.dll
MOD - [2006.12.09 09:34:36 | 000,139,264 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipsw_cfgmgr.dll
MOD - [2006.12.07 09:29:06 | 000,007,168 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\iphelper.dll
MOD - [2006.12.06 16:55:32 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswhlp.dll
MOD - [2006.12.06 16:55:22 | 000,086,016 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswds.dll
MOD - [2006.12.06 16:42:26 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\cxcmrt.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.12.17 22:05:00 | 002,348,864 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.11.06 19:40:41 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.06.12 06:23:00 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.01 18:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2008.08.13 20:59:52 | 000,100,920 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007.08.08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)


========== Driver Services (SafeList) ==========

DRV - [2011.12.17 22:05:00 | 011,149,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:07 | 000,055,128 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.09 15:21:40 | 000,147,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.05.10 07:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010.12.25 20:58:10 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.04.21 17:47:56 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2010.01.30 22:23:20 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.01.30 22:23:20 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.12.18 18:16:11 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.17 16:33:21 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2009.10.05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.07.21 02:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.13 23:02:53 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2009.06.25 16:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009.06.25 16:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009.06.25 16:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2009.06.18 12:18:00 | 000,015,416 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby)
DRV - [2009.06.11 14:09:56 | 001,516,544 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CM106.sys -- (USBMULCD)
DRV - [2009.06.05 11:14:40 | 001,766,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009.05.13 02:06:48 | 000,014,392 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2009.04.27 09:26:42 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV - [2008.05.23 17:25:42 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.08.03 05:26:22 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.07.24 11:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2005.01.14 17:14:07 | 000,047,616 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2004.12.03 11:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.10.28 11:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.08.09 12:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 12:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3530115336-4176716947-819615222-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKU\S-1-5-21-3530115336-4176716947-819615222-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... 2423086e4e
IE - HKU\S-1-5-21-3530115336-4176716947-819615222-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3530115336-4176716947-819615222-1001\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found
IE - HKU\S-1-5-21-3530115336-4176716947-819615222-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3530115336-4176716947-819615222-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_result ... r=1.3.3&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.4.3&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@parallelgraphics.com/Cortona: C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll (ParallelGraphics)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.95\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.95\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.30 21:41:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.12 01:20:54 | 000,000,000 | ---D | M]

[2009.12.18 19:30:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira\AppData\Roaming\Mozilla\Extensions
[2012.01.30 22:12:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions
[2011.11.17 22:48:23 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\ffxtlbr@babylon.com
[2011.03.23 22:21:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\nostmp
[2009.07.01 13:22:12 | 000,000,880 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\conduit.xml
[2012.01.27 09:24:36 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-1.xml
[2011.05.09 09:11:43 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-10.xml
[2011.08.22 20:06:16 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-11.xml
[2011.09.01 20:27:40 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-12.xml
[2011.09.10 16:49:39 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-13.xml
[2011.10.03 05:20:31 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-14.xml
[2011.10.14 09:24:00 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-15.xml
[2011.11.10 13:23:45 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-16.xml
[2011.11.17 23:27:41 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-17.xml
[2011.11.29 16:49:39 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-18.xml
[2012.01.08 17:00:51 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-19.xml
[2009.12.20 15:46:06 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-2.xml
[2012.01.30 21:41:55 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-20.xml
[2010.01.07 07:08:41 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-3.xml
[2010.12.12 21:29:48 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-4.xml
[2011.02.01 23:08:19 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-5.xml
[2011.03.06 21:13:07 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-6.xml
[2011.03.23 20:15:06 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-7.xml
[2011.03.23 22:25:45 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-8.xml
[2011.05.01 09:39:12 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-9.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin.xml
[2012.01.30 21:41:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.12.17 17:14:11 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
() (No name found) -- C:\USERS\MIRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8BDHD9XK.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
() (No name found) -- C:\USERS\MIRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8BDHD9XK.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\MIRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8BDHD9XK.DEFAULT\EXTENSIONS\EXTENSION@FIREFOX.COM.XPI
[2011.12.21 08:39:32 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.08.09 16:17:46 | 000,873,888 | ---- | M] (ParallelGraphics) -- C:\Program Files\mozilla firefox\plugins\npCortona.dll
[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009.12.18 01:31:54 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011.11.17 22:48:09 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.12.21 07:21:58 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.12.21 07:21:58 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.21 07:21:58 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.21 07:21:58 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.21 07:21:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3530115336-4176716947-819615222-1001\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-3530115336-4176716947-819615222-1001\..\Toolbar\WebBrowser: (no name) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No CLSID value found.
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Cm106Sound] RunDll32 cm106.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SmartSoft PDF Printer Agent] C:\Program Files\Smart PDF Creator\SmartSoft PDF Printer Agent.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft)
O4 - HKU\S-1-5-21-3530115336-4176716947-819615222-1001..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-3530115336-4176716947-819615222-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3530115336-4176716947-819615222-1001..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3530115336-4176716947-819615222-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3530115336-4176716947-819615222-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C6413F8-EDF5-47AF-8772-485F4DB5496E}: DhcpNameServer = 160.218.167.5 160.218.161.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49578C75-553F-44D6-B0CF-19F816FC9B6C}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E777499-731C-465C-8DD3-EA2279F61B4F}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FFF9895-6124-4DAC-BE1E-208161F56321}: DhcpNameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A70E5D2F-B457-4F26-8AE7-33C51FD7E0C4}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.05.19 21:00:41 | 000,000,000 | ---D | M] - D:\Autodrom -- [ NTFS ]
O33 - MountPoints2\{e506ac32-8224-11e0-b777-002243cba8c3}\Shell - "" = AutoRun
O33 - MountPoints2\{e506ac32-8224-11e0-b777-002243cba8c3}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{fa6f468f-eaf1-11de-aae8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fa6f468f-eaf1-11de-aae8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\InstAll.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.01.30 22:28:40 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Mira\Desktop\OTL.exe
[2012.01.30 22:27:30 | 000,523,264 | ---- | C] (OldTimer Tools) -- C:\Users\Mira\Desktop\OTM.exe
[2012.01.30 22:25:31 | 000,143,360 | ---- | C] (Eric_71) -- C:\Users\Mira\Desktop\MbrScan.exe
[2012.01.30 22:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mira\Desktop\RK_Quarantine
[2012.01.30 21:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.01.30 21:50:51 | 000,000,000 | ---D | C] -- C:\rsit
[2012.01.30 21:44:16 | 000,000,000 | ---D | C] -- C:\Users\Mira\Desktop\Legislativa
[2012.01.28 00:39:18 | 000,000,000 | ---D | C] -- C:\Users\Mira\Desktop\Milionář z chatrče
[2012.01.24 00:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.01.24 00:04:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2009.12.17 12:28:33 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[2008.08.11 21:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files\Common Files\MSIactionall.dll
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.01.30 22:34:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.30 22:28:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mira\Desktop\OTL.exe
[2012.01.30 22:27:36 | 000,523,264 | ---- | M] (OldTimer Tools) -- C:\Users\Mira\Desktop\OTM.exe
[2012.01.30 22:25:35 | 000,143,360 | ---- | M] (Eric_71) -- C:\Users\Mira\Desktop\MbrScan.exe
[2012.01.30 22:17:24 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012.01.30 22:15:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.30 21:41:47 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.01.30 18:59:26 | 000,631,292 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.01.30 18:59:26 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.30 18:59:26 | 000,121,914 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.01.30 18:59:26 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.30 12:40:09 | 000,015,152 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.30 12:40:09 | 000,015,152 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.30 12:34:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.30 12:32:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.30 12:31:49 | 2415,218,688 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.28 13:56:45 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.01.24 00:05:32 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.30 22:34:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.30 22:17:09 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012.01.30 21:41:47 | 000,001,103 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.01.30 21:41:46 | 000,001,115 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.01.24 00:05:32 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.05 22:19:10 | 000,007,610 | ---- | C] () -- C:\Users\Mira\AppData\Local\Resmon.ResmonCfg
[2011.12.28 18:54:56 | 000,143,360 | R--- | C] () -- C:\Windows\Vmix106.dll
[2011.12.28 18:54:51 | 000,000,166 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2011.12.28 18:54:50 | 000,544,768 | R--- | C] () -- C:\Windows\System32\Cmeau106.exe
[2011.12.28 18:54:01 | 000,299,008 | R--- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2011.12.28 18:54:01 | 000,002,391 | R--- | C] () -- C:\Windows\Cm106.ini.cfg
[2011.12.28 18:54:01 | 000,000,093 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.08.25 21:37:04 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.08.25 21:37:00 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.08.25 21:37:00 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.08.25 21:37:00 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.04.15 23:12:03 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.12.11 19:02:40 | 000,024,064 | ---- | C] () -- C:\Users\Mira\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.17 09:17:07 | 002,601,752 | ---- | C] () -- C:\Windows\System32\pbsvc_moh.exe
[2010.08.19 05:52:34 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2010.05.23 18:41:01 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2010.05.08 15:57:29 | 000,000,003 | ---- | C] () -- C:\Windows\treeskp.sys
[2010.05.08 15:57:29 | 000,000,003 | ---- | C] () -- C:\Windows\sbacknt.bin
[2010.05.01 14:48:08 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2010.04.21 17:50:23 | 000,000,014 | ---- | C] () -- C:\Windows\System32\systeminfo.dll
[2010.04.21 17:48:02 | 000,000,140 | ---- | C] () -- C:\Windows\System32\AF15IRTBL.bin
[2010.03.23 00:03:07 | 000,000,604 | ---- | C] () -- C:\Windows\Spiderman.INI
[2010.03.13 09:56:14 | 000,425,472 | ---- | C] () -- C:\Windows\System32\QESQL04.DLL
[2010.03.13 09:56:14 | 000,203,264 | ---- | C] () -- C:\Windows\System32\QELIB.DLL
[2010.01.30 22:23:20 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.01.30 22:23:20 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.12.28 19:52:39 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009.12.18 19:44:39 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.12.18 19:44:39 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.12.18 19:44:39 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.12.17 17:53:49 | 000,139,688 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.12.17 17:53:49 | 000,138,056 | ---- | C] () -- C:\Users\Mira\AppData\Roaming\PnkBstrK.sys
[2009.12.17 17:53:18 | 000,281,880 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009.12.17 17:53:15 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.12.17 17:53:14 | 000,000,296 | ---- | C] () -- C:\Windows\game.ini
[2009.12.17 17:35:41 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.12.17 16:33:43 | 000,053,248 | ---- | C] () -- C:\Windows\System32\LogonStart.dll
[2009.12.17 16:26:00 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\SAMSFPA.DAT
[2009.12.17 12:38:23 | 001,766,592 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009.12.17 12:38:23 | 000,035,264 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2009.12.17 12:29:13 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.11.06 09:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.08.26 10:31:02 | 000,631,292 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.08.26 10:31:02 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.08.26 10:31:02 | 000,121,914 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.08.26 10:31:02 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.08.20 06:47:58 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,409,008 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.11 14:10:10 | 000,000,518 | R--- | C] () -- C:\Windows\cm106.ini
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.04.08 10:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 08:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg

========== LOP Check ==========

[2011.11.17 22:48:08 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Babylon
[2009.12.18 15:30:25 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\BSplayer
[2009.12.17 17:30:44 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\BSplayer Pro
[2011.12.25 07:48:55 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\DAEMON Tools Lite
[2011.09.14 18:35:29 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\GetRightToGo
[2010.11.14 21:02:09 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\GHISLER
[2012.01.30 17:58:53 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\ICQ
[2010.07.21 19:39:09 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Mumble
[2012.01.07 00:00:49 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Origin
[2011.11.08 16:03:32 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Posta
[2011.07.02 15:52:39 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\PunkBuster
[2010.08.19 12:15:28 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Sierra Entertainment
[2012.01.10 16:31:51 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Smart PDF Creator
[2011.10.02 12:26:39 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\TS3Client
[2011.09.23 11:41:17 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\ts3overlay
[2011.11.07 20:38:11 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Ubisoft
[2010.05.08 15:57:24 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\vghd
[2012.01.12 20:44:55 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: malicious URL blocked

#9 Post by vyosek »

========== Custom Scans ==========


< >

< >


< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\System32\drivers\UMDF\*.tmp files -> C:\Windows\System32\drivers\UMDF\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.12.17 17:38:44 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Adobe
[2011.11.15 20:23:22 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Apple Computer
[2011.11.17 22:48:08 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Babylon
[2009.12.18 15:30:25 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\BSplayer
[2009.12.17 17:30:44 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\BSplayer Pro
[2011.12.25 07:48:55 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\DAEMON Tools Lite
[2011.09.14 18:35:29 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\GetRightToGo
[2010.11.14 21:02:09 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\GHISLER
[2010.12.25 22:35:48 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Hamachi
[2012.01.30 17:58:53 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\ICQ
[2009.12.17 11:32:58 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Identities
[2009.12.17 12:31:35 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\InstallShield
[2009.12.17 12:39:22 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Macromedia
[2009.07.14 08:48:18 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Media Center Programs
[2012.01.24 00:37:08 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Media Player Classic
[2011.12.05 08:11:18 | 000,000,000 | --SD | M] -- C:\Users\Mira\AppData\Roaming\Microsoft
[2009.12.18 19:30:28 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Mozilla
[2010.07.21 19:39:09 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Mumble
[2011.02.11 15:29:55 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Nero
[2011.09.28 16:50:15 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\NVIDIA
[2012.01.07 00:00:49 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Origin
[2011.11.08 16:03:32 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Posta
[2011.07.02 15:52:39 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\PunkBuster
[2010.02.24 09:15:28 | 000,000,000 | RH-D | M] -- C:\Users\Mira\AppData\Roaming\SecuROM
[2010.08.19 12:15:28 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Sierra Entertainment
[2011.10.28 16:49:50 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Skype
[2012.01.10 16:31:51 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Smart PDF Creator
[2009.12.17 12:29:31 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Talkback
[2011.10.02 12:26:39 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\TS3Client
[2011.09.23 11:41:17 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\ts3overlay
[2011.11.07 20:38:11 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Ubisoft
[2011.10.02 12:26:39 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Ventrilo
[2010.05.08 15:57:24 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\vghd
[2012.01.23 20:45:22 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\vlc
[2011.10.05 17:31:02 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\Winamp
[2009.12.21 12:10:16 | 000,000,000 | ---D | M] -- C:\Users\Mira\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2007.08.18 09:54:02 | 000,020,480 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2007.08.18 09:53:50 | 000,016,384 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\BSplayer\AC3 Filter\dialog_patch.exe
[2008.04.13 17:26:54 | 000,036,396 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\BSplayer\AC3 Filter\uninstall.exe
[2008.04.01 11:51:06 | 000,691,717 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2008.03.29 17:42:00 | 000,103,424 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2008.03.29 17:42:02 | 000,335,872 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2008.03.29 17:41:54 | 000,135,168 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2008.06.10 09:11:02 | 000,041,412 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2010.05.31 20:02:08 | 000,001,078 | R--- | M] () -- C:\Users\Mira\AppData\Roaming\Microsoft\Installer\{6C472DFC-6D44-4947-9E1A-F79A2469D953}\_511E40F8F51A826696DCAB.exe
[2010.05.31 20:02:08 | 000,001,078 | R--- | M] () -- C:\Users\Mira\AppData\Roaming\Microsoft\Installer\{6C472DFC-6D44-4947-9E1A-F79A2469D953}\_A17AA8D98E556D75E7296B.exe
[2010.05.20 17:44:55 | 000,005,120 | R--- | M] () -- C:\Users\Mira\AppData\Roaming\Microsoft\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
[2010.05.13 07:19:54 | 000,010,134 | R--- | M] () -- C:\Users\Mira\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2011.02.02 11:00:32 | 000,034,592 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\nostmp\content\getPlusPlus_Adobe_reg.exe
[2011.02.17 22:46:25 | 000,835,440 | R--- | M] () -- C:\Users\Mira\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012.01.30 12:34:03 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.01.30 22:15:00 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.12.18 18:16:11 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >
[2012.01.30 22:17:24 | 000,111,872 | ---- | M] () -- C:\Windows\system32\drivers\TrueSight.sys

< %systemroot%\system32\*.* /3 >
[2012.01.30 12:40:09 | 000,015,152 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.30 12:40:09 | 000,015,152 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.28 13:56:45 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2012.01.30 18:59:26 | 000,121,914 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.01.30 18:59:26 | 000,106,388 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.01.30 18:59:26 | 000,631,292 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.01.30 18:59:26 | 000,616,008 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.01.30 18:59:26 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009.10.30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)
"ccleaner" = "C:\Program Files\CCleaner\CCleaner.exe" /AUTO -- [2011.09.23 16:26:18 | 002,648,384 | ---- | M] (Piriform Ltd)
"ICQ" = "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4 -- [2011.08.01 09:28:16 | 000,124,480 | ---- | M] (ICQ, LLC.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.12.21 08:39:32 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=11CCA710674739E3DB8F7450A5B650B6 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.20 13:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.30 22:34:35 | 000,000,512 | ---- | M] () MD5=F62B5003DA5C93667FC564558BFB9755 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.12.09 19:23:58 | 000,004,328 | ---- | M] () -- \Downloads\JDownloader\jd\plugins\hoster\CrackedCom.class
[2011.04.26 22:01:14 | 387,895,684 | ---- | M] () -- \Games\Záloha WoW\Movies\New\Isis Taylor\porno in the crack Isis Taylor.wmv

< *keygen* /s >

< *loader* /s >
[2009.11.15 14:53:18 | 000,000,506 | -HS- | M] () -- \Downloads\USDownloader.exe.manifest
[2009.12.01 23:25:06 | 000,214,528 | ---- | M] () -- \Downloads\JDownloader\JDownloader.exe
[2011.01.27 19:22:58 | 000,593,293 | ---- | M] () -- \Downloads\JDownloader\JDownloader.jar
[2009.12.27 18:54:10 | 000,000,100 | ---- | M] () -- \Downloads\JDownloader\jd\img\hosterlogos\ipauploader.com.png
[2009.12.27 18:54:10 | 000,000,105 | ---- | M] () -- \Downloads\JDownloader\jd\img\hosterlogos\jdupdateloader.png
[2009.12.01 23:26:58 | 000,000,113 | ---- | M] () -- \Downloads\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2010.01.19 12:23:04 | 000,003,107 | ---- | M] () -- \Downloads\JDownloader\jd\plugins\decrypter\UploaderRo.class
[2009.12.01 23:25:08 | 000,003,264 | ---- | M] () -- \Downloads\JDownloader\jd\plugins\hoster\IPAUploaderCom.class
[2011.12.09 19:20:24 | 000,007,073 | ---- | M] () -- \Downloads\JDownloader\jd\plugins\hoster\UploaderPl.class
[2009.12.01 23:25:14 | 000,032,222 | ---- | M] () -- \Downloads\JDownloader\licenses\jdownloader.license
[2009.03.27 18:20:48 | 000,015,737 | ---- | M] () -- \Downloads\Langs\USDownloader.ara.lng
[2008.11.25 09:29:58 | 000,017,652 | ---- | M] () -- \Downloads\Langs\USDownloader.bul.lng
[2007.06.14 14:02:10 | 000,018,268 | ---- | M] () -- \Downloads\Langs\USDownloader.cat.lng
[2008.09.10 22:55:24 | 000,013,529 | ---- | M] () -- \Downloads\Langs\USDownloader.chs.lng
[2009.12.17 17:37:47 | 000,016,996 | ---- | M] () -- \Downloads\Langs\USDownloader.cze.lng
[2008.08.07 17:54:58 | 000,017,527 | ---- | M] () -- \Downloads\Langs\USDownloader.de.lng
[2008.06.27 15:06:52 | 000,017,786 | ---- | M] () -- \Downloads\Langs\USDownloader.du.lng
[2007.06.14 14:03:14 | 000,017,427 | ---- | M] () -- \Downloads\Langs\USDownloader.ell.lng
[2008.06.24 23:56:06 | 000,016,557 | ---- | M] () -- \Downloads\Langs\USDownloader.eng.lng
[2009.02.02 14:30:30 | 000,016,371 | ---- | M] () -- \Downloads\Langs\USDownloader.est.lng
[2008.04.20 01:05:08 | 000,019,089 | ---- | M] () -- \Downloads\Langs\USDownloader.fre.lng
[2008.10.23 11:12:58 | 000,017,548 | ---- | M] () -- \Downloads\Langs\USDownloader.gal.lng
[2008.11.22 16:49:18 | 000,019,443 | ---- | M] () -- \Downloads\Langs\USDownloader.hu.lng
[2007.06.19 13:48:14 | 000,017,335 | ---- | M] () -- \Downloads\Langs\USDownloader.it.lng
[2008.07.02 13:35:08 | 000,016,525 | ---- | M] () -- \Downloads\Langs\USDownloader.lit.lng
[2007.12.16 04:50:52 | 000,016,839 | ---- | M] () -- \Downloads\Langs\USDownloader.nor.lng
[2008.03.13 15:46:26 | 000,016,695 | ---- | M] () -- \Downloads\Langs\USDownloader.pl.lng
[2007.06.18 22:11:58 | 000,017,909 | ---- | M] () -- \Downloads\Langs\USDownloader.ptbr.lng
[2008.11.19 17:13:38 | 000,017,758 | ---- | M] () -- \Downloads\Langs\USDownloader.ro.lng
[2007.07.26 12:58:28 | 000,013,780 | ---- | M] () -- \Downloads\Langs\USDownloader.rus.lng
[2008.06.27 23:56:08 | 000,016,918 | ---- | M] () -- \Downloads\Langs\USDownloader.ser.lng
[2007.11.20 11:44:34 | 000,016,760 | ---- | M] () -- \Downloads\Langs\USDownloader.sk.lng
[2008.12.22 12:21:12 | 000,018,346 | ---- | M] () -- \Downloads\Langs\USDownloader.spa.lng
[2007.07.09 17:41:56 | 000,016,202 | ---- | M] () -- \Downloads\Langs\USDownloader.swe.lng
[2008.07.04 10:59:50 | 000,017,726 | ---- | M] () -- \Downloads\Langs\USDownloader.tr.lng
[2008.05.06 01:41:22 | 000,013,624 | ---- | M] () -- \Downloads\Langs\USDownloader.tw.lng
[2007.06.14 14:05:38 | 000,017,043 | ---- | M] () -- \Downloads\Langs\USDownloader.ukr.lng
[2009.03.20 18:41:36 | 000,034,304 | ---- | M] () -- \Downloads\Plugins\SexUploader.plg
[2010.09.21 17:36:17 | 002,705,537 | ---- | M] () -- \Games\World of Warcraft\wow-2.1.1.1897-enGB-tools-downloader.exe
[2010.02.01 10:44:07 | 002,391,456 | ---- | M] () -- \Games\World of Warcraft\WoW-3.2.0.10192-to-3.3.0.10958-enGB-downloader.exe
[2010.02.01 12:28:33 | 002,336,112 | ---- | M] () -- \Games\World of Warcraft\WoW-3.3.0.10958-to-3.3.0.11159-enGB-downloader.exe
[2010.02.03 11:42:56 | 002,350,144 | ---- | M] () -- \Games\World of Warcraft\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe
[2010.05.08 12:57:30 | 002,654,392 | ---- | M] () -- \Games\World of Warcraft\WoW-3.3.2.11403-to-3.3.3.11685-enGB-downloader.exe
[2010.05.08 13:28:53 | 002,640,192 | ---- | M] () -- \Games\World of Warcraft\WoW-3.3.3.11685-to-3.3.3.11723-enGB-downloader.exe
[2010.06.30 16:36:30 | 002,711,048 | ---- | M] () -- \Games\World of Warcraft\WoW-3.3.3.11723-to-3.3.5.12213-enGB-downloader.exe
[2010.06.30 16:39:08 | 002,710,448 | ---- | M] () -- \Games\World of Warcraft\WoW-3.3.5.12213-to-3.3.5.12340-enGB-downloader.exe
[2011.09.19 17:46:38 | 000,006,061 | ---- | M] () -- \Games\World of Warcraft\Interface\AddOns\AtlasLoot_Loader\AtlasLoot_Loader.lua
[2011.09.19 17:46:38 | 000,000,930 | ---- | M] () -- \Games\World of Warcraft\Interface\AddOns\AtlasLoot_Loader\AtlasLoot_Loader.toc
[2011.01.21 15:45:48 | 000,000,672 | ---- | M] () -- \Games\World of Warcraft\Logs\Downloader Termination.log
[2011.06.25 20:00:22 | 000,030,877 | ---- | M] () -- \Games\World of Warcraft\Logs\Downloader.log
[2011.09.18 14:18:21 | 000,000,078 | ---- | M] () -- \Games\World of Warcraft\WTF\Account\104570202#1\SavedVariables\AtlasLoot_Loader.lua
[2011.09.15 21:19:46 | 000,000,078 | ---- | M] () -- \Games\World of Warcraft\WTF\Account\104570202#1\SavedVariables\AtlasLoot_Loader.lua.bak
[2011.10.13 00:13:10 | 000,000,078 | ---- | M] () -- \Games\World of Warcraft\WTF\Account\KINCMIREK\SavedVariables\AtlasLoot_Loader.lua
[2011.09.19 18:08:19 | 000,000,078 | ---- | M] () -- \Games\World of Warcraft\WTF\Account\KINCMIREK\SavedVariables\AtlasLoot_Loader.lua.bak
[2011.09.19 17:46:38 | 000,006,061 | ---- | M] () -- \Games\Záloha WoW\UI CATACLYSM\Interface\AddOns\AtlasLoot_Loader\AtlasLoot_Loader.lua
[2011.09.19 17:46:38 | 000,000,930 | ---- | M] () -- \Games\Záloha WoW\UI CATACLYSM\Interface\AddOns\AtlasLoot_Loader\AtlasLoot_Loader.toc
[2011.09.18 14:18:21 | 000,000,078 | ---- | M] () -- \Games\Záloha WoW\UI CATACLYSM\WTF\Account\104570202#1\SavedVariables\AtlasLoot_Loader.lua
[2011.09.15 21:19:46 | 000,000,078 | ---- | M] () -- \Games\Záloha WoW\UI CATACLYSM\WTF\Account\104570202#1\SavedVariables\AtlasLoot_Loader.lua.bak
[2011.09.19 18:14:40 | 000,000,078 | ---- | M] () -- \Games\Záloha WoW\UI CATACLYSM\WTF\Account\KINCMIREK\SavedVariables\AtlasLoot_Loader.lua
[2011.09.19 18:08:19 | 000,000,078 | ---- | M] () -- \Games\Záloha WoW\UI CATACLYSM\WTF\Account\KINCMIREK\SavedVariables\AtlasLoot_Loader.lua.bak
[2011.11.11 18:25:36 | 000,059,240 | ---- | M] () -- \Program Files\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
[2011.11.11 18:25:36 | 000,718,696 | ---- | M] () -- \Program Files\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader_main.dll
[2011.06.09 10:38:38 | 000,000,147 | ---- | M] () -- \Program Files\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011.05.11 16:00:15 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.05.11 16:00:15 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.05.11 16:00:15 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.08.29 20:13:36 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011.07.27 14:22:00 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.05.11 16:00:29 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.05.11 16:00:30 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.11.10 15:19:07 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.6\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.11.10 15:19:08 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.6\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.11.10 15:19:07 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.6\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.11.18 13:58:30 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.6\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.10.17 14:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.11.06 11:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2010.08.18 00:38:16 | 000,071,008 | ---- | M] () -- \Program Files\Steam\steamapps\common\mafia ii - public demo\pc\PhysXLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010.05.08 15:57:27 | 000,152,936 | ---- | M] () -- \Program Files\vghd\VirtuaGirl_Downloader.exe
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2009.12.18 18:17:18 | 000,057,728 | ---- | M] () -- \Users\Mira\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DTLite.gadget\img\dt_dadget_loader.png
[2012.01.30 21:34:44 | 000,000,000 | ---- | M] () -- \Users\Mira\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8HTOWD90\bbloader[1].js
[2012.01.30 21:34:41 | 000,002,752 | ---- | M] () -- \Users\Mira\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PUCEACP3\mtBbylnLoader[1].js
[2009.12.20 15:46:55 | 000,002,635 | ---- | M] () -- \Users\Mira\AppData\Local\VirtualStore\Program Files\USDownloader\USDownloader.ini
[2009.12.20 15:46:51 | 001,198,989 | ---- | M] () -- \Users\Mira\AppData\Local\VirtualStore\Program Files\USDownloader\USDownloader.log
[2010.09.10 12:35:09 | 000,001,108 | ---- | M] () -- \Users\Mira\Desktop\JDownloader.lnk
[2010.01.31 22:56:27 | 002,199,272 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0-enGB-downloader.exe
[2010.01.31 22:24:04 | 002,067,232 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe
[2009.12.18 19:37:12 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012.01.27 10:06:19 | 000,014,512 | ---- | M] () -- \Windows\Prefetch\JDOWNLOADER.EXE-AA9C3AE0.pf
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[5 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.08.26 10:30:16 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.08.26 10:30:16 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.08.26 10:30:16 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011.04.10 20:10:51 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.04.10 20:10:51 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.04.10 20:10:51 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.08.26 10:29:02 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:97D6688A3B93CA39

< End of report >
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member since 1 February 2011.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: malicious URL blocked

#10 Post by vyosek »

Run OTL again
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (or Spustit jako správce)
  • Paste the script below into the bottom box, Custom Scans/Fixes (Vlastní skenování/opravy)
  • Code:

    :otl
    IE - HKLM\..\URLSearchHook: - No CLSID value found
    IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
    IE - HKU\S-1-5-21-3530115336-4176716947-819615222-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... 2423086e4e
    IE - HKU\S-1-5-21-3530115336-4176716947-819615222-1001\..\URLSearchHook: - No CLSID value found
    IE - HKU\S-1-5-21-3530115336-4176716947-819615222-1001\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found
    FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
    FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
    FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.3&q="
    [2011.11.17 22:48:23 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\ffxtlbr@babylon.com
    [2011.03.23 22:21:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\nostmp
    [2009.07.01 13:22:12 | 000,000,880 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\conduit.xml
    [2012.01.27 09:24:36 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-1.xml
    [2011.05.09 09:11:43 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-10.xml
    [2011.08.22 20:06:16 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-11.xml
    [2011.09.01 20:27:40 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-12.xml
    [2011.09.10 16:49:39 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-13.xml
    [2011.10.03 05:20:31 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-14.xml
    [2011.10.14 09:24:00 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-15.xml
    [2011.11.10 13:23:45 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-16.xml
    [2011.11.17 23:27:41 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-17.xml
    [2011.11.29 16:49:39 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-18.xml
    [2012.01.08 17:00:51 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-19.xml
    [2009.12.20 15:46:06 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-2.xml
    [2012.01.30 21:41:55 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-20.xml
    [2010.01.07 07:08:41 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-3.xml
    [2010.12.12 21:29:48 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-4.xml
    [2011.02.01 23:08:19 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-5.xml
    [2011.03.06 21:13:07 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-6.xml
    [2011.03.23 20:15:06 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-7.xml
    [2011.03.23 22:25:45 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-8.xml
    [2011.05.01 09:39:12 | 000,000,950 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-9.xml
    [2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin.xml
    [2009.12.17 17:14:11 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    () (No name found) -- C:\USERS\MIRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8BDHD9XK.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
    () (No name found) -- C:\USERS\MIRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8BDHD9XK.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
    () (No name found) -- C:\USERS\MIRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8BDHD9XK.DEFAULT\EXTENSIONS\EXTENSION@FIREFOX.COM.XPI
    O13 - gopher Prefix: missing
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found
    O33 - MountPoints2\{e506ac32-8224-11e0-b777-002243cba8c3}\Shell - "" = AutoRun
    O33 - MountPoints2\{fa6f468f-eaf1-11de-aae8-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\H\Shell - "" = AutoRun
    [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
    [5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
    [1 C:\Windows\System32\drivers\UMDF\*.tmp files -> C:\Windows\System32\drivers\UMDF\*.tmp -> ]
    [2012.01.30 12:34:03 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    [2012.01.30 22:15:00 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    @Alternate Data Stream - 24 bytes -> C:\Windows:97D6688A3B93CA39
    
    :services
    gupdate
    gupdatem
    
    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "WinampAgent"=-
    "SunJavaUpdateSched"=-
    "QuickTime Task"=-
    "SmartSoft PDF Printer Agent"=-
    "Adobe Reader Speed Launcher"=-
    "Adobe ARM"=-
    "iTunesHelper"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=-
    "ICQ"=-
    
    :files
    C:\USERS\MIRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8BDHD9XK.DEFAULT\EXTENSIONS\EXTENSION@FIREFOX.COM.XPI
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Then click Fix (Opravit)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here

brtnik
Visitor
Posts: 7
Registered: 30 Jan 2012 21:56

Re: malicious URL blocked

#11 Post by brtnik »

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-3530115336-4176716947-819615222-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3530115336-4176716947-819615222-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3530115336-4176716947-819615222-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "BS Player Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.3.3&q=" removed from browser.search.defaulturl
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.4.3&q=" removed from keyword.URL
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\ffxtlbr@babylon.com\content\imgs\mnRadio folder moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\ffxtlbr@babylon.com\content folder moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\ffxtlbr@babylon.com\components folder moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\ffxtlbr@babylon.com folder moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\nostmp\plugins folder moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\nostmp\content folder moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\extensions\nostmp folder moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\conduit.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\8bdhd9xk.default\searchplugins\icqplugin.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e506ac32-8224-11e0-b777-002243cba8c3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e506ac32-8224-11e0-b777-002243cba8c3}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa6f468f-eaf1-11de-aae8-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa6f468f-eaf1-11de-aae8-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ deleted successfully.
C:\Windows\85EBB28365AF4C539EBE7C0A232762F7.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\85EBB28365AF4C539EBE7C0A232762F7.TMP folder deleted successfully.
C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP folder deleted successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4EDA.tmp\System.Web.RegularExpressions.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4EDA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6FF6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFCD.tmp folder deleted successfully.
C:\Windows\Installer\MSI2CF9.tmp deleted successfully.
C:\Windows\Installer\MSI3169.tmp deleted successfully.
C:\Windows\Installer\MSI92D6.tmp deleted successfully.
C:\Windows\Installer\MSIB872.tmp deleted successfully.
C:\Windows\System32\ConduitEngine.tmp deleted successfully.
C:\Windows\System32\SET8078.tmp deleted successfully.
C:\Windows\System32\SET82F8.tmp deleted successfully.
C:\Windows\System32\tmp354B.tmp deleted successfully.
C:\Windows\System32\tmp354C.tmp deleted successfully.
C:\Windows\System32\drivers\UMDF\SET77CE.tmp deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS C:\Windows:97D6688A3B93CA39 deleted successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SmartSoft PDF Printer Agent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
========== FILES ==========
C:\USERS\MIRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8BDHD9XK.DEFAULT\EXTENSIONS\extension@firefox.com.xpi moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mira
->Temp folder emptied: 15584696 bytes
->Temporary Internet Files folder emptied: 39688094 bytes
->Java cache emptied: 34543235 bytes
->FireFox cache emptied: 684109942 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 2042 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13474 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 738,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Mira
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 01312012_135038

Files\Folders moved on Reboot...
File\Folder C:\Users\Mira\AppData\Local\Temp\~DF7A085748B90248FE.TMP not found!
File\Folder C:\Users\Mira\AppData\Local\Temp\~DFE93CD3D3CF76ADFC.TMP not found!
C:\Users\Mira\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{142BC0ED-5BDB-415C-AFBC-EEA00788897D}.tmp moved successfully.
C:\Users\Mira\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{60D16A7B-AEBB-4D46-B928-39F9C38A439A}.tmp moved successfully.
C:\Users\Mira\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{79BC87FC-AC6D-4A62-84E6-E5BC7DE04D7C}.tmp moved successfully.
C:\Users\Mira\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{F4A39145-22E4-4BF9-B1B4-692004BE48F3}.tmp moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: malicious URL blocked

#12 Post by vyosek »

TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
Download CCleaner (see my signature)
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

Let me know how the PC is doing
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

brtnik
Visitor
Posts: 7
Registered: 30 Jan 2012 21:56

Re: malicious URL blocked

#13 Post by brtnik »

The message no longer appears and the computer runs as it should. Thank you very much.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: malicious URL blocked

#14 Post by vyosek »

So, one more bit of cleanup

OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC
And that's it. You're welcome, glad to help.