Zdravím lidi. Mám takový problém, že když dám stránku http://www.facebook.com tak mě vyjede Facebook stránka ale bez designu. Prostě všechny písmena a odkazy apod. jsou na levé straně obrazovky. Totéž mi dělá také stránka http://www.Youtube.com Opravdu nevím čím to může být, zkoušel jsem vypnout antivir, vypnout Firewall, projet pc antivirem. Prostě jsem zkoušel všechno co jsem našel na netu na toto podobné téma ale všechno bez výsledků. Také jsem se dočet, že existuje něco jako HijackThis takže jestli chcete, můžu Vám sem hodit log z hijacku. PS.: Souborem Hosts to určitě není, kontroloval jsem ho. PS2: Začalo mi to dělat v pátek odpoledne, ještě ráno to šlo bez problému. Budu rád za každou rozumnou odpověď. Děkuji
Edit:// Možná špatná sekce, nevím asi jo. Doufám že to nevadí.
Screenshot: http://2i.cz/2i/i/4fd48a2e/2cd4710d67fa ... af7c.f.jpg
Log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2012-06-10 15:33:15
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 97 GB (40%) free of 243 GB
Total RAM: 2815 MB (76% free)
HijackThis download failed
======Scheduled tasks folder======
D:\WINDOWS\tasks\Adobe Flash Player Updater.job
D:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PC-LUK-Admin.job
D:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004Core.job
D:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004UA.job
D:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004UA.job
D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
=========Mozilla firefox=========
ProfilePath - D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "toolbar@ask.com:3.14.1.100012, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... YYYYCZ&&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=D:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
D:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
D:\Program Files\Mozilla Firefox\plugins\
npdnu.dll
npdnu.xpt
npdnupdater2.dll
npdnupdater2.xpt
nppdf32.dll
D:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\searchplugins\
askcom.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - D:\Program Files\Winamp Toolbar\winamptb.dll [2012-03-19 1937736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-05-11 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-04-09 3991200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2012-05-28 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - D:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2012-05-11 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - D:\Program Files\Ask.com\GenericAskToolbar.dll [2012-04-09 1519272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - D:\Program Files\Winamp Toolbar\winamptb.dll [2012-03-19 1937736]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-05-11 256112]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - D:\Program Files\Ask.com\GenericAskToolbar.dll [2012-04-09 1519272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=D:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AlwaysReady Power Message APP"=D:\WINDOWS\ARPWRMSG.EXE [2008-12-27 77312]
"ehTray"=D:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"avgnt"=D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-05-09 348624]
"AdobeAAMUpdater-1.0"=D:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-05-09 500208]
"SwitchBoard"=D:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=D:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"nwiz"=nwiz.exe /installquiet []
"NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2010-01-31 110696]
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2010-01-31 13666920]
"UpdatePDRShortCut"=D:\Program Files\CyberLink\PowerDirector10\MUITransfer\MUIStartMenu.exe [2010-09-17 222504]
"MSConfig"=D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-12-19 195584]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
""= []
"ApnUpdater"=D:\Program Files\Ask.com\Updater\Updater.exe [2012-04-09 1557160]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=D:\Program Files\Windows Sidebar\sidebar.exe [2008-04-11 1276416]
"Steam"=D:\Program Files\Steam\steam.exe [2012-05-06 1242448]
"DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]
"Google Update"=D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-06-08 116648]
"swg"=D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-05-28 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
D:\Program Files\BitTorrent\BitTorrent.exe [2012-05-30 6380400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
D:\Program Files\Clownfish\Clownfish.exe [2012-05-08 1091320]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2012-05-07 137536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileZilla Server Interface]
D:\Program Files\FileZilla Server\FileZilla Server Interface.exe [2012-02-26 1044992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
D:\Program Files\Skype\Phone\Skype.exe [2012-05-03 17355912]
D:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění
GIGABYTE Gamer HUD Lite.lnk - D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-14 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=D:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles
"InstallTheme"=D:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Steam\steamapps\common\world of battles\release\launcher.exe"="D:\Program Files\Steam\steamapps\common\world of battles\release\launcher.exe:*:Enabled:World of Battles"
"D:\Program Files\BitTorrent\BitTorrent.exe"="D:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"D:\Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe"="D:\Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe:*:Enabled:Super Monday Night Combat"
"D:\Program Files\Steam\steamapps\common\arma 2 free\ArmA2Free.exe"="D:\Program Files\Steam\steamapps\common\arma 2 free\ArmA2Free.exe:*:Enabled:ARMA 2: Free"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\Program Files\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe"="D:\Program Files\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe:*:Enabled:EE-AOC"
"D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe"="D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"D:\WINDOWS\system32\dplaysvr.exe"="D:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Program Files\Stronghold Crusader\Stronghold Crusader.exe"="D:\Program Files\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"D:\Program Files\Sierra\Empire Earth\Empire Earth.exe"="D:\Program Files\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe"="D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Enabled:Crysis2"
"D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe"="D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe"="D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe"="D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe"="D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP.exe"="D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP.exe:*:Enabled:Aliens vs. Predator"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=D:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.HFYU"=huffyuv.dll
"VIDC.FPS1"=frapsvid.dll
======List of files/folders created in the last 1 month======
2012-06-10 15:33:15 ----D---- D:\rsit
2012-06-10 15:33:15 ----D---- D:\Program Files\trend micro
2012-06-10 12:41:34 ----SD---- D:\ComboFix
2012-06-10 12:41:34 ----D---- D:\WINDOWS\ERDNT
2012-06-10 12:41:08 ----D---- D:\Qoobox
2012-06-09 12:06:59 ----D---- D:\Program Files\Ask.com
2012-06-09 11:56:06 ----D---- D:\Documents and Settings\All Users\Data aplikací\Ask
2012-06-09 11:56:00 ----D---- D:\Program Files\Common Files\Java
2012-06-09 11:55:39 ----D---- D:\Program Files\Oracle
2012-06-09 11:55:30 ----D---- D:\Documents and Settings\Admin\Data aplikací\Oracle
2012-06-09 11:55:24 ----A---- D:\WINDOWS\system32\javaws.exe
2012-06-09 11:55:18 ----A---- D:\WINDOWS\system32\javaw.exe
2012-06-09 11:55:18 ----A---- D:\WINDOWS\system32\java.exe
2012-06-08 23:05:53 ----D---- D:\Documents and Settings\All Users\Data aplikací\Solidshield
2012-06-08 22:53:03 ----D---- D:\Documents and Settings\All Users\Data aplikací\EA Core
2012-06-08 22:30:22 ----D---- D:\Program Files\CCleaner
2012-06-08 22:28:49 ----D---- D:\Program Files\Electronic Arts
2012-06-08 21:43:04 ----D---- D:\WINDOWS\pss
2012-06-08 21:19:44 ----D---- D:\WINDOWS\system32\appmgmt
2012-06-07 17:40:25 ----D---- D:\Program Files\kopiieCall of Duty Moders Warfare 3
2012-06-06 16:23:45 ----D---- D:\Program Files\GotCLIP Downloader
2012-06-03 19:02:18 ----D---- D:\Documents and Settings\Admin\Data aplikací\CyberLink
2012-06-03 19:01:21 ----D---- D:\Documents and Settings\All Users\Data aplikací\SmartSound Software Inc
2012-06-03 19:01:19 ----D---- D:\Program Files\SmartSound Software
2012-06-03 18:56:57 ----D---- D:\Program Files\CyberLink
2012-06-03 18:23:02 ----A---- D:\CyberLink.1703_GM5_Trial_VDE120314-02.exe
2012-06-03 18:22:45 ----D---- D:\Documents and Settings\All Users\Data aplikací\CyberLink
2012-06-03 15:05:09 ----D---- D:\Documents and Settings\Admin\Data aplikací\Sony
2012-06-03 10:02:15 ----AD---- D:\Documents and Settings\All Users\Data aplikací\TEMP
2012-06-02 14:24:28 ----D---- D:\Documents and Settings\Admin\Data aplikací\Audacity
2012-06-02 14:24:13 ----D---- D:\Program Files\Audacity
2012-06-02 03:02:13 ----D---- D:\Fraps
2012-06-01 18:11:09 ----D---- D:\Program Files\Origin Games
2012-06-01 18:11:06 ----D---- D:\Documents and Settings\Admin\Data aplikací\Origin
2012-06-01 18:10:56 ----D---- D:\Documents and Settings\All Users\Data aplikací\Origin
2012-06-01 18:10:56 ----D---- D:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2012-06-01 18:10:37 ----D---- D:\Program Files\Origin
2012-05-31 17:48:10 ----A---- D:\WINDOWS\NeroDigital.ini
2012-05-31 17:34:24 ----D---- D:\Documents and Settings\Admin\Data aplikací\Toribash
2012-05-31 17:32:10 ----D---- D:\Program Files\Taksi
2012-05-31 17:12:42 ----A---- D:\WINDOWS\system32\D3DX81ab.dll
2012-05-31 17:12:25 ----D---- D:\Program Files\Quobi
2012-05-31 15:42:25 ----D---- D:\WINDOWS\system32\LogFiles
2012-05-30 21:19:08 ----D---- D:\Program Files\Call of Duty Moders Warfare 3
2012-05-30 19:39:50 ----D---- D:\GAMES
2012-05-29 07:14:47 ----A---- D:\WINDOWS\system32\CmdLineExt.dll
2012-05-29 07:14:11 ----D---- D:\Documents and Settings\Admin\Data aplikací\Leadertech
2012-05-27 20:50:27 ----A---- D:\WINDOWS\system32\LMRTREND.dll
2012-05-27 20:50:26 ----A---- D:\WINDOWS\system32\dxtmsft3.dll
2012-05-27 20:50:23 ----A---- D:\WINDOWS\system32\unam4ie.exe
2012-05-27 20:50:21 ----A---- D:\WINDOWS\system32\vidx16.dll
2012-05-27 20:50:20 ----A---- D:\WINDOWS\system32\w95inf32.dll
2012-05-27 20:50:20 ----A---- D:\WINDOWS\system32\w95inf16.dll
2012-05-27 20:50:20 ----A---- D:\WINDOWS\system32\qcut.dll
2012-05-27 20:45:01 ----A---- D:\WINDOWS\IsUninst.exe
2012-05-27 20:27:42 ----D---- D:\Program Files\GIGABYTE
2012-05-27 18:14:41 ----A---- D:\WINDOWS\eReg.dat
2012-05-27 18:11:38 ----D---- D:\Program Files\EA SPORTS
2012-05-27 16:44:26 ----A---- D:\WINDOWS\system32\IR41_32.DLL
2012-05-27 16:44:03 ----D---- D:\UbiSoft
2012-05-27 16:43:42 ----D---- D:\WINDOWS\UbiSoft
2012-05-27 15:53:01 ----D---- D:\WINDOWS\Minidump
2012-05-26 11:25:34 ----D---- D:\Documents and Settings\All Users\Data aplikací\Alternative Software Ltd
2012-05-26 11:25:34 ----D---- D:\Documents and Settings\Admin\Data aplikací\Alternative Software Ltd
2012-05-26 11:23:57 ----D---- D:\Program Files\Alternative Software Ltd
2012-05-25 22:19:44 ----A---- D:\WINDOWS\SIERRA.INI
2012-05-25 22:19:18 ----D---- D:\Program Files\Sierra
2012-05-25 20:19:46 ----D---- D:\Documents and Settings\Admin\Data aplikací\TS3Client
2012-05-25 16:06:21 ----D---- D:\Program Files\Stronghold Crusader
2012-05-25 14:53:04 ----D---- D:\Documents and Settings\Admin\Data aplikací\GameRanger
2012-05-24 23:03:08 ----D---- D:\Program Files\Microsoft.NET
2012-05-23 06:16:52 ----A---- D:\WINDOWS\system32\CmdLineExt03.dll
2012-05-23 06:10:48 ----D---- D:\Program Files\Starbreeze Studios
2012-05-19 18:10:18 ----A---- D:\WINDOWS\wordpad.INI
2012-05-15 14:43:00 ----A---- D:\WINDOWS\system32\d3d9caps.dat
2012-05-13 21:14:16 ----A---- D:\WINDOWS\system32\drivers\usbprint.sys
2012-05-13 00:45:53 ----D---- D:\Program Files\Lua
2012-05-13 00:45:02 ----D---- D:\Program Files\Notepad++
2012-05-13 00:45:02 ----D---- D:\Documents and Settings\Admin\Data aplikací\Notepad++
2012-05-11 20:11:17 ----D---- D:\Documents and Settings\Admin\Data aplikací\Google
======List of files/folders modified in the last 1 month======
2012-06-10 15:33:23 ----D---- D:\WINDOWS\Prefetch
2012-06-10 15:33:15 ----RD---- D:\Program Files
2012-06-10 14:47:16 ----SHD---- D:\WINDOWS\Installer
2012-06-10 14:47:14 ----SD---- D:\WINDOWS\Tasks
2012-06-10 14:43:21 ----D---- D:\Program Files\Steam
2012-06-10 14:08:49 ----SHD---- D:\System Volume Information
2012-06-10 12:49:16 ----D---- D:\WINDOWS
2012-06-10 12:41:08 ----D---- D:\WINDOWS\system32\drivers
2012-06-10 12:40:58 ----D---- D:\WINDOWS\Temp
2012-06-10 12:30:08 ----D---- D:\WINDOWS\system32\CatRoot2
2012-06-10 12:28:52 ----D---- D:\WINDOWS\Registration
2012-06-10 12:28:03 ----D---- D:\Documents and Settings\All Users\Data aplikací\boost_interprocess
2012-06-10 12:26:37 ----A---- D:\WINDOWS\SchedLgU.Txt
2012-06-09 14:41:16 ----D---- D:\WINDOWS\system32\DirectX
2012-06-09 14:41:14 ----HD---- D:\WINDOWS\inf
2012-06-09 14:40:57 ----RSD---- D:\WINDOWS\assembly
2012-06-09 14:40:32 ----D---- D:\WINDOWS\Logs
2012-06-09 14:40:31 ----D---- D:\WINDOWS\WinSxS
2012-06-09 11:56:08 ----SD---- D:\Documents and Settings\Admin\Data aplikací\Microsoft
2012-06-09 11:56:08 ----D---- D:\Documents and Settings\Admin\Data aplikací\Adobe
2012-06-09 11:56:00 ----D---- D:\Program Files\Common Files
2012-06-09 11:55:49 ----D---- D:\WINDOWS\system32
2012-06-09 11:55:00 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2012-06-09 11:54:54 ----D---- D:\Program Files\Java
2012-06-09 10:43:16 ----D---- D:\Program Files\Common Files\Adobe
2012-06-09 10:43:06 ----D---- D:\Documents and Settings\All Users\Data aplikací\Adobe
2012-06-09 10:43:04 ----D---- D:\Program Files\Adobe
2012-06-09 10:08:15 ----D---- D:\WINDOWS\system32\drivers\etc
2012-06-08 22:33:40 ----D---- D:\Documents and Settings\Admin\Data aplikací\Winamp
2012-06-08 22:33:40 ----D---- D:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
2012-06-08 22:33:27 ----D---- D:\Documents and Settings\Admin\Data aplikací\FileZilla
2012-06-08 22:33:27 ----D---- D:\Documents and Settings\Admin\Data aplikací\BitTorrent
2012-06-08 22:33:12 ----D---- D:\WINDOWS\Debug
2012-06-08 21:43:45 ----A---- D:\WINDOWS\win.ini
2012-06-08 21:43:45 ----A---- D:\WINDOWS\system.ini
2012-06-08 21:26:49 ----D---- D:\Documents and Settings\Admin\Data aplikací\Skype
2012-06-08 20:22:17 ----D---- D:\Program Files\Mozilla Maintenance Service
2012-06-07 20:23:04 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-06-07 20:23:03 ----D---- D:\WINDOWS\system32\drivers\UMDF
2012-06-06 14:56:05 ----D---- D:\Program Files\Mozilla Firefox
2012-06-05 14:53:22 ----D---- D:\Documents and Settings\Admin\Data aplikací\.techniclauncher
2012-06-05 03:22:04 ----D---- D:\Program Files\BitTorrent
2012-06-05 03:22:03 ----D---- D:\Program Files\Google
2012-06-03 19:01:25 ----HD---- D:\Program Files\InstallShield Installation Information
2012-06-03 18:59:24 ----RSD---- D:\WINDOWS\Fonts
2012-05-28 14:57:46 ----D---- D:\Documents and Settings
2012-05-27 20:50:27 ----D---- D:\Program Files\Windows Media Player
2012-05-27 20:50:23 ----D---- D:\WINDOWS\Help
2012-05-27 20:35:01 ----D---- D:\WINDOWS\repair
2012-05-27 20:25:22 ----RSHDC---- D:\WINDOWS\system32\dllcache
2012-05-27 18:10:38 ----D---- D:\Program Files\Common Files\InstallShield
2012-05-27 16:44:26 ----A---- D:\WINDOWS\system32\ir32_32.dll
2012-05-25 21:48:39 ----RD---- D:\Program Files\Skype
2012-05-24 23:16:55 ----D---- D:\WINDOWS\Microsoft.NET
2012-05-24 23:08:04 ----D---- D:\WINDOWS\system32\cs-cz
2012-05-24 23:03:15 ----D---- D:\WINDOWS\system32\en-us
2012-05-11 20:11:31 ----D---- D:\Documents and Settings\All Users\Data aplikací\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; D:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; D:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); D:\WINDOWS\system32\drivers\sfdrv01.sys [2006-05-10 51200]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); D:\WINDOWS\system32\drivers\sfhlp02.sys [2006-05-10 6656]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); D:\WINDOWS\system32\drivers\sfsync04.sys [2006-05-10 52224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-12-14 77568]
R1 AmdK8;AMD Processor Driver; D:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 36864]
R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-05-09 137928]
R1 avkmgr;avkmgr; D:\WINDOWS\system32\DRIVERS\avkmgr.sys [2011-09-16 36000]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; D:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-05-07 242240]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nvport;NVIDIA PORT IO Control Driver; \??\D:\WINDOWS\system32\Drivers\nvport.sys []
R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; D:\WINDOWS\system32\DRIVERS\avgntflt.sys [2012-05-09 83392]
R3 aracpi;aracpi; D:\WINDOWS\system32\DRIVERS\aracpi.sys [2008-12-27 22784]
R3 arhidfltr;MS Ar HID Filter Driver; D:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2008-12-27 19200]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; D:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2008-12-27 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; D:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2008-12-27 4992]
R3 Arp1394;Protokol 1394 ARP Client; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-12-27 60800]
R3 ARPolicy;ARPolicy; D:\WINDOWS\system32\DRIVERS\arpolicy.sys [2008-12-27 10112]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-12-27 12160]
R3 NIC1394;1394 Net Driver; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-12-27 61824]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-30 10279520]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; D:\WINDOWS\system32\drivers\nvhda32.sys [2009-11-12 57320]
R3 pfc;Padus ASPI Shell; D:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; D:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-11-21 104320]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; D:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-04 105856]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\D:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys []
S3 WpdUsb;WpdUsb; D:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-12-14 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-12-14 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Realtime Protection; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-05-09 110032]
R2 AntiVirSchedulerService;Avira Scheduler; D:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-05-09 86224]
R2 ARSVC;ARSVC; D:\WINDOWS\arservice.exe [2008-12-27 58880]
R2 ehRecvr;Služba přijímače aplikace Media Center; D:\WINDOWS\eHome\ehRecvr.exe [2008-12-22 238592]
R2 ehSched;Služba plánování aplikace Media Center; D:\WINDOWS\eHome\ehSched.exe [2008-12-22 103424]
R2 FileZilla Server;FileZilla Server FTP server; D:\Program Files\FileZilla Server\FileZilla Server.exe [2012-02-26 632320]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-04-04 161664]
R2 McrdSvc;Media Center Extender Service; D:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2010-01-31 154216]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); D:\Program Files\CyberLink\Shared files\RichVideo.exe [2012-04-24 254512]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); D:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]
S2 Skype C2C Service;Skype C2C Service; D:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-04-09 3063968]
S2 SkypeUpdate;Skype Updater; D:\Program Files\Skype\Updater\Updater.exe [2012-04-05 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 257696]
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-05-28 182768]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 MozillaMaintenance;Mozilla Maintenance Service; D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-06 113120]
S3 Steam Client Service;Steam Client Service; D:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 SwitchBoard;SwitchBoard; D:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Nelze načíst Youtube a Facebook
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Nelze načíst Youtube a Facebook
Zdravim 
Zkousel jste jiny prohlizec? Dela to ve vsech?
Kontrola logu bude nejakou dobu trvat
Zkousel jste jiny prohlizec? Dela to ve vsech?
Kontrola logu bude nejakou dobu trvat
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Nelze načíst Youtube a Facebook
Kdo vam poradil ComboFix? Doufam, ze jste ho nespoustel! 
Pokud mate v pc neco od IObit, odinstalujte to. Dokaze to nadelat vice skody, nez uzitku. Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe , ulozte nejlepe na plochu a spustte.Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem files)
Kód: Vybrat vše
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
D:\Program Files\Ask.com
D:\WINDOWS\tasks\Adobe Flash Player Updater.job
D:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PC-LUK-Admin.job
D:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004Core.job
D:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004UA.job
D:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004UA.job
D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\searchplugins\askcom.xml
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}"=-
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
"SwitchBoard"=-
"AdobeCS5ServiceManager"=-
"NvMediaCenter"=-
"UpdatePDRShortCut"=-
"MSConfig"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
""=-
"ApnUpdater"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"-
"Google Update"=-
"swg"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
:services
WinRing0_1_2_0
JavaQuickStarterService
Skype C2C Service
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gusvc
SwitchBoard
:commands
[RESETHOSTS]
[Purity]
[EMPTYTEMP]
[EMPTYFLASH]Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Nelze načíst Youtube a Facebook
Dělá to ve všech prohlížečích, dokonce i na mém druhém PC. A combofix jsem si akorát stáhl, kdyby byl náhodou potřeba
A OTM přestal reagovat když jsem tam vložil kód. Zkoušel jsem to 3x a vždy přestal reagovat. Nechal jsem to být asi tak hodinku a pořád se to nehlo, jen to psalo že OTM nereaguje. A nic od IObit nemám.
A OTM přestal reagovat když jsem tam vložil kód. Zkoušel jsem to 3x a vždy přestal reagovat. Nechal jsem to být asi tak hodinku a pořád se to nehlo, jen to psalo že OTM nereaguje. A nic od IObit nemám.
Re: Nelze načíst Youtube a Facebook
No, tim druhym pc jste me trochu dostal 
Spustte OTM znovu, ale tentokrat v nouzovem rezimu (asi ho blokuje antivir) - restartujte pc, mackejte klavesu F8 - pripadne jinou, zalezi na typu stroje a zvolte moznost nouzovy rezim, nebo tady jiny postup http://forum.viry.cz/viewtopic.php?f=46&t=7554
Spustte OTM znovu, ale tentokrat v nouzovem rezimu (asi ho blokuje antivir) - restartujte pc, mackejte klavesu F8 - pripadne jinou, zalezi na typu stroje a zvolte moznost nouzovy rezim, nebo tady jiny postup http://forum.viry.cz/viewtopic.php?f=46&t=7554
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Nelze načíst Youtube a Facebook
Bohužel to nepomohlo. Stále přestává reagovat. Asi si nerozumí s mým počítačem nebo nevím.
Re: Nelze načíst Youtube a Facebook
Zkusime to tedy jinak
1) Otevrte Poznamkovy blok (pokud ho nemate na plose, tak kliknete na Start, pak programy a prislusenstvi)
2) Zkopirujte do nej ten zeleny text
3) Vlevo nahore kliknete na napis Soubor
4) Kliknete na napis Ulozit jako...
5) Napiste spravne ten cerveny nazev oprava.reg a pak vyberte u moznosti Ulozit jako typ : Vsechny soubory
6) Ulozte, nejlepe na plochu
7) No a na to, co jste prave ulozil, 2x kliknete, ono se to spusti a pak to jen potvrdte
8) Pak ten soubor muzete smazat
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokracovani zitra odpoledne, dnes uz se k pc nedostanu.
1) Otevrte Poznamkovy blok (pokud ho nemate na plose, tak kliknete na Start, pak programy a prislusenstvi)
2) Zkopirujte do nej ten zeleny text
Kód: Vybrat vše
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}"=-
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
"SwitchBoard"=-
"AdobeCS5ServiceManager"=-
"NvMediaCenter"=-
"UpdatePDRShortCut"=-
"MSConfig"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
""=-
"ApnUpdater"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"-
"Google Update"=-
"swg"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
4) Kliknete na napis Ulozit jako...
5) Napiste spravne ten cerveny nazev oprava.reg a pak vyberte u moznosti Ulozit jako typ : Vsechny soubory
6) Ulozte, nejlepe na plochu
7) No a na to, co jste prave ulozil, 2x kliknete, ono se to spusti a pak to jen potvrdte
8) Pak ten soubor muzete smazat
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokracovani zitra odpoledne, dnes uz se k pc nedostanu.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Nelze načíst Youtube a Facebook
Jeste by bylo dobre po tom prvnim kroku (predtim, nez spustite OTL) restartovat pc
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Nelze načíst Youtube a Facebook
OTL.Txt 1/2
OTL logfile created on: 10.6.2012 20:04:46 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = D:\Documents and Settings\Admin\Dokumenty\Stažené soubory
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,75 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 78,79% Memory free
4,59 Gb Paging File | 3,90 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 97,65 Gb Total Space | 86,09 Gb Free Space | 88,16% Space Free | Partition Type: NTFS
Drive D: | 237,69 Gb Total Space | 94,84 Gb Free Space | 39,90% Space Free | Partition Type: NTFS
Drive E: | 7,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 3,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PC-LUK | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.06.10 20:03:23 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Admin\Dokumenty\Stažené soubory\OTL.exe
PRC - [2012.06.06 14:55:48 | 000,913,888 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.05.09 02:10:15 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.09 02:10:15 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.05.09 02:10:14 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.09 02:10:14 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.06 22:39:36 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Program Files\Steam\Steam.exe
PRC - [2012.04.09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- D:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.04.04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012.02.26 19:12:28 | 000,632,320 | ---- | M] (FileZilla Project) -- D:\Program Files\FileZilla Server\FileZilla server.exe
PRC - [2010.02.25 11:37:58 | 001,678,848 | ---- | M] () -- D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
PRC - [2008.12.27 00:47:22 | 000,077,312 | ---- | M] (Microsoft) -- D:\WINDOWS\arpwrmsg.exe
PRC - [2008.12.27 00:47:22 | 000,058,880 | ---- | M] (Microsoft) -- D:\WINDOWS\arservice.exe
PRC - [2008.12.19 17:13:58 | 001,486,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.06 14:55:48 | 002,042,848 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.05.31 21:57:52 | 020,313,384 | ---- | M] () -- D:\Program Files\Steam\bin\libcef.dll
MOD - [2012.05.31 21:57:47 | 001,099,576 | ---- | M] () -- D:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012.05.31 21:57:47 | 000,895,312 | ---- | M] () -- D:\Program Files\Steam\bin\chromehtml.dll
MOD - [2012.05.31 21:57:47 | 000,190,776 | ---- | M] () -- D:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012.05.31 21:57:47 | 000,123,192 | ---- | M] () -- D:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012.05.09 02:10:15 | 000,398,288 | ---- | M] () -- D:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.01.08 18:11:12 | 000,093,696 | ---- | M] () -- D:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2010.02.25 11:37:58 | 001,678,848 | ---- | M] () -- D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
MOD - [2009.11.12 10:12:50 | 000,188,416 | ---- | M] () -- D:\Program Files\GIGABYTE\Gamer HUD Lite\GVDisplayLib.dll
MOD - [2008.12.27 00:47:22 | 000,050,176 | ---- | M] () -- D:\WINDOWS\armcex.dll
MOD - [2008.12.27 00:47:20 | 000,291,840 | ---- | M] () -- D:\WINDOWS\system32\sbe.dll
MOD - [2008.04.14 11:21:48 | 000,014,336 | ---- | M] () -- D:\WINDOWS\system32\msdmo.dll
MOD - [2008.03.23 02:31:42 | 000,026,576 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vshell32.dll
MOD - [2008.03.23 02:31:40 | 000,040,400 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vuser32.dll
MOD - [2008.03.23 02:31:40 | 000,011,216 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vuxtheme.dll
MOD - [2008.03.23 02:31:36 | 000,082,384 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vntdll.dll
MOD - [2008.03.23 02:31:36 | 000,058,320 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vkernel32.dll
MOD - [2008.03.23 02:31:34 | 000,019,920 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vmsvcrt.dll
MOD - [2008.03.23 02:31:32 | 000,046,032 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vadvapi32.dll
MOD - [2008.03.23 02:31:30 | 000,047,056 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vgdiplus.dll
MOD - [2008.03.23 02:31:30 | 000,008,144 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vdwmapi.dll
MOD - [2008.03.23 02:30:36 | 000,096,208 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vcomctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2012.06.06 14:55:48 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.09 02:10:15 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.09 02:10:14 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.07 10:19:21 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- D:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.04.05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.02.26 19:12:28 | 000,632,320 | ---- | M] (FileZilla Project) [Auto | Running] -- D:\Program Files\FileZilla Server\FileZilla server.exe -- (FileZilla Server)
SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008.12.27 00:47:22 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- D:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2006.05.10 14:29:04 | 000,353,912 | ---- | M] (Protection Technology (StarForce)) [Auto | Stopped] -- D:\WINDOWS\System32\sfrem01.exe -- (sfrem01) SF FrontLine Drivers Auto Removal (v1)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.05.09 02:10:15 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.09 02:10:15 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.05.07 12:29:24 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.09.16 16:09:17 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.11.01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- D:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2010.06.17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.11.12 08:44:27 | 000,057,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2008.04.17 19:03:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.01.04 06:40:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.11.21 03:39:22 | 000,104,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.06.19 08:07:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.05.10 13:29:04 | 000,052,224 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006.05.10 13:09:38 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.05.10 12:50:28 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006.05.05 19:21:00 | 000,004,608 | ---- | M] (NVIDIA Corporation.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\nvport.sys -- (nvport)
DRV - [2006.03.29 08:49:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - D:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/red ... 06-05-2012
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\InprocServer32 File not found
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - D:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\SearchScopes\{218C57F2-2215-4D58-ADFC-24FB37D368BA}: "URL" = http://websearch.ask.com/redirect?clien ... FCFF49E7E2
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7SKPB_en
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.14.1.100012
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... YYYYCZ&&q="
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012.06.06 14:55:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2012.06.09 10:43:16 | 000,000,000 | ---D | M]
[2012.05.06 23:09:09 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Admin\Data aplikací\Mozilla\Extensions
[2012.06.10 15:14:05 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\extensions
[2012.06.06 14:55:54 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2012.05.06 22:37:12 | 000,000,000 | ---D | M] (Skype Click to Call) -- D:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- D:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\V03YQG63.DEFAULT\EXTENSIONS\{76063E7F-3558-4B68-8287-54EB6512ADC0}.XPI
File not found (No name found) -- D:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\V03YQG63.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
[2012.06.06 14:55:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.21 07:47:43 | 000,002,208 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.04.21 07:47:43 | 000,000,638 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.04.21 07:47:44 | 000,001,367 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.04.21 07:47:44 | 000,000,654 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.04.21 07:47:44 | 000,001,179 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = D:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = D:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: downloadUpdater (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = D:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = D:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = D:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = D:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = D:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: James White = D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: YouTube = D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Gmail = D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2012.06.09 11:45:10 | 000,000,703 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] D:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlwaysReady Power Message APP] D:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /installquiet File not found
O4 - HKU\S-1-5-21-854245398-1788223648-682003330-1004..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-854245398-1788223648-682003330-1004..\Run: [Steam] D:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - Startup: D:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = D:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles (Guliwer Company)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = D:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.252
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{376AA0DA-0FDD-4AB8-A8D8-B502D74D0EB6}: DhcpNameServer = 192.168.100.252
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.05.06 22:35:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011.02.28 21:14:49 | 000,467,168 | R--- | M] (Electronic Arts) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2011.02.28 21:22:39 | 000,000,000 | R--D | M] - E:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2011.02.28 21:22:37 | 004,032,512 | R--- | M] () - E:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2011.02.28 21:22:37 | 000,000,152 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006.05.25 00:09:19 | 000,000,000 | R--D | M] - K:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2004.11.18 20:14:58 | 000,000,043 | R--- | M] () - K:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{a4bfe84e-9799-11e1-819a-00251161f68f}\Shell - "" = AutoRun
O33 - MountPoints2\{a4bfe84e-9799-11e1-819a-00251161f68f}\Shell\AutoRun\command - "" = K:\Setup.exe -- [2004.11.18 20:14:58 | 001,523,712 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - C:\WINDOWS\system32\wuauserv.dll File not found
Drivers32: msacm.iac2 - D:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - D:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - D:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - D:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - D:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - D:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.HFYU - D:\WINDOWS\System32\HUFFYUV.DLL (Disappearing Inc.)
Drivers32: vidc.iv31 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - D:\WINDOWS\System32\IR41_32.DLL (Intel Corporation)
Drivers32: vidc.iv50 - D:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to D:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2012.06.10 18:42:55 | 000,000,000 | ---D | C] -- D:\_OTM
[2012.06.10 18:42:01 | 000,523,264 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Admin\Plocha\OTM.exe
[2012.06.10 17:35:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\AliensVsPredator
[2012.06.10 15:33:15 | 000,000,000 | ---D | C] -- D:\Program Files\trend micro
[2012.06.10 15:33:15 | 000,000,000 | ---D | C] -- D:\rsit
[2012.06.10 14:08:39 | 004,539,885 | R--- | C] (Swearware) -- D:\Documents and Settings\Admin\Plocha\ComboFix.exe
[2012.06.10 12:41:34 | 000,000,000 | --SD | C] -- D:\ComboFix
[2012.06.10 12:41:34 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERDNT
[2012.06.10 12:41:08 | 000,000,000 | ---D | C] -- D:\Qoobox
[2012.06.09 12:06:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\AskToolbar
[2012.06.09 11:56:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Ask
[2012.06.09 11:56:00 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Java
[2012.06.09 11:55:39 | 000,000,000 | ---D | C] -- D:\Program Files\Oracle
[2012.06.09 11:55:30 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Oracle
[2012.06.09 11:55:24 | 000,227,720 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\javaws.exe
[2012.06.09 11:55:18 | 000,174,024 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\javaw.exe
[2012.06.09 11:55:18 | 000,174,024 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\java.exe
[2012.06.09 11:37:19 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.06.09 10:28:13 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Admin\IECompatCache
[2012.06.09 00:09:18 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- D:\Documents and Settings\Admin\Plocha\HiJackThis.exe
[2012.06.08 23:06:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\Crysis2
[2012.06.08 23:05:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Solidshield
[2012.06.08 22:53:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\EA Core
[2012.06.08 22:45:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Electronic Arts
[2012.06.08 22:33:11 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Admin\Recent
[2012.06.08 22:30:22 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2012.06.08 22:28:49 | 000,000,000 | ---D | C] -- D:\Program Files\Electronic Arts
[2012.06.08 21:43:04 | 000,000,000 | ---D | C] -- D:\WINDOWS\pss
[2012.06.08 21:19:44 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\appmgmt
[2012.06.08 20:35:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\Downloads
[2012.06.08 20:33:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Google Chrome
[2012.06.07 17:40:25 | 000,000,000 | ---D | C] -- D:\Program Files\kopiieCall of Duty Moders Warfare 3
[2012.06.06 16:23:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\GotCLIP Downloader
[2012.06.06 16:23:45 | 000,000,000 | ---D | C] -- D:\Program Files\GotCLIP Downloader
[2012.06.03 23:41:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Data aplikací\CyberLink
[2012.06.03 19:02:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\CyberLink
[2012.06.03 19:02:32 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\CyberLink
[2012.06.03 19:02:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\CyberLink
[2012.06.03 19:01:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\NewBlue
[2012.06.03 19:01:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\SmartSound Software Inc
[2012.06.03 19:01:19 | 000,000,000 | ---D | C] -- D:\Program Files\SmartSound Software
[2012.06.03 18:59:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\Apple Computer
[2012.06.03 18:59:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\CyberLink PowerDirector 10
[2012.06.03 18:56:57 | 000,000,000 | ---D | C] -- D:\Program Files\CyberLink
[2012.06.03 18:22:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\CyberLink
[2012.06.03 15:33:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Data aplikací\Adobe
[2012.06.03 15:05:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Sony
[2012.06.03 10:03:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Fraps
[2012.06.03 10:02:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.06.02 18:12:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\WMTools Downloaded Files
[2012.06.02 14:24:28 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Audacity
[2012.06.02 14:24:13 | 000,000,000 | ---D | C] -- D:\Program Files\Audacity
[2012.06.02 03:02:13 | 000,000,000 | ---D | C] -- D:\Fraps
[2012.06.01 18:11:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikac
[2012.06.01 18:11:09 | 000,000,000 | ---D | C] -- D:\Program Files\Origin Games
[2012.06.01 18:11:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\Origin
[2012.06.01 18:11:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Origin
[2012.06.01 18:11:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Origin
[2012.06.01 18:10:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Origin
[2012.06.01 18:10:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2012.06.01 18:10:37 | 000,000,000 | ---D | C] -- D:\Program Files\Origin
[2012.06.01 18:04:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\Downloaded Installations
[2012.05.31 17:34:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Toribash
[2012.05.31 17:32:10 | 000,000,000 | ---D | C] -- D:\Program Files\Taksi
[2012.05.31 17:13:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\Quobi
[2012.05.31 17:12:42 | 000,679,936 | ---- | C] (Generated for JEDI. www.delphi-jedi.org) -- D:\WINDOWS\System32\D3DX81ab.dll
[2012.05.31 17:12:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Quobi
[2012.05.31 17:12:25 | 000,000,000 | ---D | C] -- D:\Program Files\Quobi
[2012.05.31 15:42:25 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\LogFiles
[2012.05.30 21:25:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\My Cheat Tables
[2012.05.30 21:19:08 | 000,000,000 | ---D | C] -- D:\Program Files\Call of Duty Moders Warfare 3
[2012.05.30 19:39:50 | 000,000,000 | ---D | C] -- D:\GAMES
[2012.05.29 07:47:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\NHL09
[2012.05.29 07:14:47 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- D:\WINDOWS\System32\CmdLineExt.dll
[2012.05.29 07:14:11 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Leadertech
[2012.05.27 22:35:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\Street Racing Syndicate
[2012.05.27 20:50:27 | 000,140,800 | ---- | C] (The Duck Corporation) -- D:\WINDOWS\System32\tm20dec.ax
[2012.05.27 20:50:27 | 000,038,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\LMRTREND.dll
[2012.05.27 20:50:26 | 000,182,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dxtmsft3.dll
[2012.05.27 20:50:23 | 000,063,488 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\unam4ie.exe
[2012.05.27 20:50:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mciqtz.drv
[2012.05.27 20:50:20 | 000,194,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qcut.dll
[2012.05.27 20:50:20 | 000,004,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\w95inf32.dll
[2012.05.27 20:50:20 | 000,002,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\w95inf16.dll
[2012.05.27 20:49:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Synetic
[2012.05.27 20:45:01 | 000,305,152 | ---- | C] (InstallShield Software Corporation) -- D:\WINDOWS\IsUninst.exe
[2012.05.27 20:44:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\WINDOWS
[2012.05.27 20:29:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\temp
[2012.05.27 20:27:43 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\GIGABYTE
[2012.05.27 20:27:42 | 000,000,000 | ---D | C] -- D:\Program Files\GIGABYTE
[2012.05.27 19:36:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Plocha\Hry
[2012.05.27 18:14:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\EA SPORTS
[2012.05.27 18:11:38 | 000,000,000 | ---D | C] -- D:\Program Files\EA SPORTS
[2012.05.27 16:44:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Ubi Soft Games
[2012.05.27 16:44:26 | 000,744,960 | ---- | C] (Intel Corporation) -- D:\WINDOWS\System32\IR41_32.DLL
[2012.05.27 16:44:03 | 000,000,000 | ---D | C] -- D:\UbiSoft
[2012.05.27 16:43:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\UbiSoft
[2012.05.27 15:53:01 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump
[2012.05.27 15:18:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\TopCD
[2012.05.26 11:25:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Alternative Software Ltd
[2012.05.26 11:25:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Alternative Software Ltd
[2012.05.26 11:24:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Návrat krále
[2012.05.26 11:24:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Návrat krále
[2012.05.26 11:23:57 | 000,000,000 | ---D | C] -- D:\Program Files\Alternative Software Ltd
[2012.05.25 22:19:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Sierra
[2012.05.25 22:19:18 | 000,000,000 | ---D | C] -- D:\Program Files\Sierra
[2012.05.25 20:19:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\TS3Client
[2012.05.25 20:19:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\TeamSpeak 3 Client
[2012.05.25 20:19:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\TeamSpeak 3 Client
[2012.05.25 16:06:21 | 000,000,000 | ---D | C] -- D:\Program Files\Stronghold Crusader
[2012.05.25 14:53:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\GameRanger
[2012.05.24 23:03:08 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft.NET
[2012.05.23 06:15:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Starbreeze Studios
[2012.05.23 06:10:48 | 000,000,000 | ---D | C] -- D:\Program Files\Starbreeze Studios
[2012.05.13 21:14:16 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbprint.sys
[2012.05.13 00:45:53 | 000,000,000 | ---D | C] -- D:\Program Files\Lua
[2012.05.13 00:45:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Notepad++
[2012.05.13 00:45:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Notepad++
[2012.05.13 00:45:02 | 000,000,000 | ---D | C] -- D:\Program Files\Notepad++
[2012.05.13 00:45:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Notepad++
[2012.05.12 15:07:27 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Admin\PrivacIE
[2012.05.11 22:09:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\ArmA 2 Other Profiles
[2012.05.11 22:04:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\Winamp Toolbar
[2012.05.11 20:11:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Google
[2012.05.11 20:11:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\ArmA 2 Free
[2012.05.11 20:11:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\ArmA 2
[2012.05.11 20:11:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Bohemia Interactive
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.06.10 20:06:25 | 000,000,512 | ---- | M] () -- D:\PhysicalMBR.bin
[2012.06.10 19:46:21 | 000,271,641 | ---- | M] () -- D:\WINDOWS\System32\NvApps.xml
[2012.06.10 19:45:27 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012.06.10 19:38:22 | 000,501,958 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2012.06.10 19:38:22 | 000,496,948 | ---- | M] () -- D:\WINDOWS\System32\perfh005.dat
[2012.06.10 19:38:22 | 000,102,102 | ---- | M] () -- D:\WINDOWS\System32\perfc005.dat
[2012.06.10 19:38:22 | 000,087,482 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2012.06.10 19:32:33 | 000,001,324 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012.06.10 18:42:03 | 000,523,264 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Admin\Plocha\OTM.exe
[2012.06.10 14:08:49 | 000,781,383 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\RSIT.exe
[2012.06.10 14:08:44 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- D:\Documents and Settings\Admin\Plocha\HiJackThis.exe
[2012.06.10 12:49:54 | 000,088,648 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\omg.jpg
[2012.06.10 12:40:51 | 004,539,885 | R--- | M] (Swearware) -- D:\Documents and Settings\Admin\Plocha\ComboFix.exe
[2012.06.10 12:26:25 | 000,000,206 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122555.reg
[2012.06.10 12:25:49 | 000,000,206 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122548.reg
[2012.06.10 12:25:42 | 000,000,206 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122540.reg
[2012.06.10 12:25:34 | 000,000,482 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122531.reg
[2012.06.10 12:25:22 | 000,035,604 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122517.reg
[2012.06.10 12:16:41 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012.06.09 15:09:44 | 000,000,215 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Call of Duty Modern Warfare 2 - Multiplayer.url
[2012.06.09 11:55:03 | 000,174,024 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\javaw.exe
[2012.06.09 11:55:03 | 000,174,024 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\java.exe
[2012.06.09 11:45:10 | 000,000,703 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2012.06.09 11:37:19 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.06.09 10:43:16 | 000,001,734 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Adobe Reader X.lnk
[2012.06.08 22:45:46 | 000,002,002 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Crysis® 2.lnk
[2012.06.08 22:30:25 | 000,000,682 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.06.07 20:23:03 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2012.06.06 17:58:32 | 000,000,708 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Call of Duty Modern Warfare 3.lnk
[2012.06.06 17:00:19 | 000,000,215 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Call of Duty Modern Warfare 2.url
[2012.06.06 16:23:46 | 000,001,938 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\GotCLIP Downloader.lnk
[2012.06.05 16:21:54 | 000,000,215 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Aliens vs. Predator.url
[2012.06.05 16:11:52 | 000,000,069 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2012.06.05 16:04:39 | 000,023,040 | ---- | M] () -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.05 03:22:21 | 003,444,808 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.05 01:55:01 | 000,001,402 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\meta.xml
[2012.06.04 19:53:48 | 000,003,850 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\destructionderby.lua
[2012.06.04 19:53:45 | 000,000,879 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\destructionderby_c.lua
[2012.06.04 18:18:01 | 2979,178,496 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Lp3.mpg
[2012.06.03 23:28:24 | 000,257,538 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\minecraftpartner.jpg
[2012.06.03 18:59:26 | 000,001,094 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\CyberLink PowerDirector 10.lnk
[2012.06.03 18:51:22 | 592,056,056 | ---- | M] () -- D:\CyberLink.1703_GM5_Trial_VDE120314-02.exe
[2012.06.03 10:03:33 | 000,000,478 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Fraps.lnk
[2012.06.02 14:24:23 | 000,000,682 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Audacity.lnk
[2012.06.01 18:11:00 | 000,000,654 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Origin.lnk
[2012.06.01 18:04:58 | 000,001,112 | ---- | M] () -- D:\WINDOWS\System32\ealregsnapshot1.reg
[2012.06.01 16:00:54 | 000,000,812 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\digital.zip
[2012.05.31 21:32:59 | 000,069,950 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\395179_2299207378961_1812470427_1408973_1063339649_n.jpg
[2012.05.31 21:32:41 | 000,082,163 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\401104_2299207018952_1812470427_1408972_2041825112_n.jpg
[2012.05.31 17:32:15 | 000,002,201 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Taksi Desktop Video Recorder.lnk
[2012.05.31 17:12:57 | 000,000,698 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Quobi.lnk
[2012.05.29 07:14:47 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- D:\WINDOWS\System32\CmdLineExt.dll
[2012.05.29 00:36:32 | 000,000,667 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\MATIK 6-9.lnk
[2012.05.27 20:50:25 | 000,000,782 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Windows Media Player.lnk
[2012.05.27 20:50:24 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2012.05.27 20:50:24 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2012.05.27 20:50:19 | 000,004,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\System32\w95inf32.dll
[2012.05.27 20:50:19 | 000,002,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\System32\w95inf16.dll
[2012.05.27 20:27:44 | 000,001,830 | ---- | M] () -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\GIGABYTE Gamer HUD Lite.lnk
[2012.05.27 18:14:41 | 000,000,465 | ---- | M] () -- D:\WINDOWS\eReg.dat
[2012.05.27 16:44:26 | 000,744,960 | ---- | M] (Intel Corporation) -- D:\WINDOWS\System32\IR41_32.DLL
[2012.05.27 14:12:16 | 000,000,671 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Script Editor.lnk
[2012.05.25 22:23:57 | 000,000,599 | ---- | M] () -- D:\WINDOWS\SIERRA.INI
[2012.05.25 17:23:36 | 000,000,732 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Stronghold Crusader.lnk
[2012.05.23 06:19:28 | 000,043,520 | ---- | M] () -- D:\WINDOWS\System32\CmdLineExt03.dll
[2012.05.23 06:15:44 | 000,000,990 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\The Chronicles of Riddick - Escape From Butcher Bay.lnk
[2012.05.19 18:10:18 | 000,000,754 | ---- | M] () -- D:\WINDOWS\wordpad.INI
[2012.05.19 13:28:20 | 000,000,132 | ---- | M] () -- D:\Documents and Settings\Admin\Data aplikací\Adobe Formát PNG CS5 – předvolby
[2012.05.13 00:45:03 | 000,000,748 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Notepad++.lnk
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.06.10 20:06:25 | 000,000,512 | ---- | C] () -- D:\PhysicalMBR.bin
[2012.06.10 12:49:54 | 000,088,648 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\omg.jpg
[2012.06.10 12:40:54 | 000,781,383 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\RSIT.exe
[2012.06.10 12:26:24 | 000,000,206 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122555.reg
[2012.06.10 12:25:48 | 000,000,206 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122548.reg
[2012.06.10 12:25:41 | 000,000,206 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122540.reg
[2012.06.10 12:25:33 | 000,000,482 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122531.reg
[2012.06.10 12:25:20 | 000,035,604 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122517.reg
[2012.06.09 15:09:43 | 000,000,215 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Call of Duty Modern Warfare 2 - Multiplayer.url
[2012.06.09 10:43:16 | 000,001,804 | ---- | C] () -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader X.lnk
[2012.06.09 10:43:16 | 000,001,734 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Adobe Reader X.lnk
[2012.06.08 22:45:46 | 000,002,002 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Crysis® 2.lnk
[2012.06.08 22:30:25 | 000,000,682 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.06.08 22:23:38 | 000,000,990 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\The Chronicles of Riddick - Escape From Butcher Bay.lnk
[2012.06.08 22:23:16 | 000,000,732 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Stronghold Crusader.lnk
[2012.06.07 20:23:46 | 000,029,090 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Fotografie-0077.jpg
[2012.06.06 17:58:32 | 000,000,708 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Call of Duty Modern Warfare 3.lnk
[2012.06.06 17:00:19 | 000,000,215 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Call of Duty Modern Warfare 2.url
[2012.06.06 16:23:46 | 000,001,938 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\GotCLIP Downloader.lnk
[2012.06.05 16:21:53 | 000,000,215 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Aliens vs. Predator.url
[2012.06.04 20:57:32 | 000,001,402 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\meta.xml
[2012.06.04 19:53:45 | 000,000,879 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\destructionderby_c.lua
[2012.06.04 19:53:41 | 000,003,850 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\destructionderby.lua
[2012.06.04 17:04:06 | 2979,178,496 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Lp3.mpg
[2012.06.03 23:28:23 | 000,257,538 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\minecraftpartner.jpg
[2012.06.03 18:59:26 | 000,001,094 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\CyberLink PowerDirector 10.lnk
[2012.06.03 18:23:02 | 592,056,056 | ---- | C] () -- D:\CyberLink.1703_GM5_Trial_VDE120314-02.exe
[2012.06.03 18:05:34 | 000,000,786 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Windows Movie Maker.lnk
[2012.06.02 14:24:23 | 000,000,688 | ---- | C] () -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Audacity.lnk
[2012.06.02 14:24:23 | 000,000,682 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Audacity.lnk
[2012.06.02 03:02:14 | 000,000,478 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Fraps.lnk
[2012.06.01 18:11:00 | 000,000,654 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Origin.lnk
[2012.06.01 18:04:58 | 000,001,112 | ---- | C] () -- D:\WINDOWS\System32\ealregsnapshot1.reg
[2012.06.01 16:00:53 | 000,000,812 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\digital.zip
[2012.05.31 21:32:55 | 000,069,950 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\395179_2299207378961_1812470427_1408973_1063339649_n.jpg
[2012.05.31 21:32:33 | 000,082,163 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\401104_2299207018952_1812470427_1408972_2041825112_n.jpg
[2012.05.31 17:48:10 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2012.05.31 17:48:08 | 000,023,040 | ---- | C] () -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.31 17:32:11 | 000,002,201 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Taksi Desktop Video Recorder.lnk
[2012.05.31 17:32:11 | 000,001,880 | ---- | C] () -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Taksi Desktop Video Recorder.lnk
[2012.05.31 17:12:57 | 000,000,698 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Quobi.lnk
[2012.05.27 20:50:21 | 000,010,240 | ---- | C] () -- D:\WINDOWS\System32\vidx16.dll
[2012.05.27 20:50:21 | 000,005,672 | ---- | C] () -- D:\WINDOWS\System32\quartz.vxd
[2012.05.27 20:27:44 | 000,001,830 | ---- | C] () -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\GIGABYTE Gamer HUD Lite.lnk
[2012.05.27 18:14:41 | 000,000,465 | ---- | C] () -- D:\WINDOWS\eReg.dat
[2012.05.27 13:08:27 | 000,000,671 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Script Editor.lnk
[2012.05.25 22:19:44 | 000,000,599 | ---- | C] () -- D:\WINDOWS\SIERRA.INI
[2012.05.25 22:05:06 | 000,000,667 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\MATIK 6-9.lnk
[2012.05.25 14:53:16 | 000,001,016 | ---- | C] () -- D:\Documents and Settings\Admin\Nabídka Start\Programy\GameRanger.lnk
[2012.05.23 06:16:52 | 000,043,520 | ---- | C] () -- D:\WINDOWS\System32\CmdLineExt03.dll
[2012.05.19 18:10:18 | 000,000,754 | ---- | C] () -- D:\WINDOWS\wordpad.INI
[2012.05.16 16:16:14 | 000,000,132 | ---- | C] () -- D:\Documents and Settings\Admin\Data aplikací\Adobe Formát PNG CS5 – předvolby
[2012.05.15 14:43:00 | 000,001,324 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012.05.13 00:45:03 | 000,000,748 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Notepad++.lnk
[2012.05.09 04:26:38 | 000,000,132 | ---- | C] () -- D:\Documents and Settings\Admin\Data aplikací\Adobe Formát GIF CS5 – předvolby
[2012.05.08 03:01:55 | 000,003,072 | ---- | C] () -- D:\WINDOWS\System32\iacenc.dll
[2012.05.07 00:10:14 | 000,004,249 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2012.05.07 00:03:03 | 003,444,808 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012.05.06 23:09:10 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2012.05.06 22:57:52 | 000,188,400 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.05.06 22:44:58 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2012.05.06 22:32:12 | 000,021,812 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012.05.06 21:03:33 | 000,000,032 | ---- | C] () -- D:\Documents and Settings\All Users\Data aplikací\ezsid.dat
========== LOP Check ==========
[2012.05.07 12:30:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\.minecraft
[2012.06.05 14:53:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\.techniclauncher
[2012.05.26 11:25:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Alternative Software Ltd
[2012.06.02 15:03:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Audacity
[2012.06.08 22:33:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\BitTorrent
[2012.06.08 22:33:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2012.06.08 22:33:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\FileZilla
[2012.05.25 14:53:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\GameRanger
[2012.05.29 07:14:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Leadertech
[2012.05.13 00:54:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Notepad++
[2012.06.09 11:55:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Oracle
[2012.06.01 18:13:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Origin
[2012.06.03 16:46:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Sony
[2012.05.09 03:49:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.05.25 20:25:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\TS3Client
[2012.05.26 11:25:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Alternative Software Ltd
[2012.06.09 11:56:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Ask
[2012.06.10 19:45:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\boost_interprocess
[2012.05.08 07:41:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.06.08 22:53:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\EA Core
[2012.06.01 18:10:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2012.05.07 15:44:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\IObit
[2012.05.08 08:09:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\MTA San Andreas All
[2012.06.01 18:19:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Origin
[2012.05.09 03:23:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2012.06.03 19:13:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\SmartSound Software Inc
[2012.06.08 23:06:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Solidshield
[2012.06.03 18:56:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.05.28 15:00:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Ostatni\Data aplikací\AskToolbar
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2008.12.27 02:28:13 | 018,677,326 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.12.27 02:28:13 | 018,677,326 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 02:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 11:22:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- D:\WINDOWS\system32\autochk.exe
[2008.04.14 11:22:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- D:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.12.27 02:28:13 | 018,677,326 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.05.02 15:19:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- D:\WINDOWS\Driver Cache\i386\cdrom.sys
[2008.05.02 15:19:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- D:\WINDOWS\system32\dllcache\cdrom.sys
[2008.05.02 14:19:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- D:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 11:21:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- D:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 11:21:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- D:\WINDOWS\system32\dllcache\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 11:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- D:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 11:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- D:\WINDOWS\system32\eventlog.dll
[2012.01.31 12:22:06 | 000,006,952 | ---- | M] () MD5=D9A27F35D231BAC3AD58E922C7644E8B -- D:\Program Files\CyberLink\PowerDirector10\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2008.12.19 17:13:58 | 001,486,336 | ---- | M] (Microsoft Corporation) MD5=D39127310CBAD1485EC5001A4ED1D853 -- D:\WINDOWS\explorer.exe
< MD5 for: HAL.DLL >
[2008.12.27 02:28:13 | 018,677,326 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 02:31:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- D:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2008.12.27 02:28:13 | 018,677,326 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
< MD5 for: ISAPNP.SYS >
[2008.12.27 02:28:13 | 018,677,326 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 10:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- D:\WINDOWS\system32\drivers\isapnp.sys
OTL logfile created on: 10.6.2012 20:04:46 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = D:\Documents and Settings\Admin\Dokumenty\Stažené soubory
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,75 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 78,79% Memory free
4,59 Gb Paging File | 3,90 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 97,65 Gb Total Space | 86,09 Gb Free Space | 88,16% Space Free | Partition Type: NTFS
Drive D: | 237,69 Gb Total Space | 94,84 Gb Free Space | 39,90% Space Free | Partition Type: NTFS
Drive E: | 7,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 3,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PC-LUK | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.06.10 20:03:23 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Admin\Dokumenty\Stažené soubory\OTL.exe
PRC - [2012.06.06 14:55:48 | 000,913,888 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.05.09 02:10:15 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.09 02:10:15 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.05.09 02:10:14 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.09 02:10:14 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.06 22:39:36 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Program Files\Steam\Steam.exe
PRC - [2012.04.09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- D:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.04.04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012.02.26 19:12:28 | 000,632,320 | ---- | M] (FileZilla Project) -- D:\Program Files\FileZilla Server\FileZilla server.exe
PRC - [2010.02.25 11:37:58 | 001,678,848 | ---- | M] () -- D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
PRC - [2008.12.27 00:47:22 | 000,077,312 | ---- | M] (Microsoft) -- D:\WINDOWS\arpwrmsg.exe
PRC - [2008.12.27 00:47:22 | 000,058,880 | ---- | M] (Microsoft) -- D:\WINDOWS\arservice.exe
PRC - [2008.12.19 17:13:58 | 001,486,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.06 14:55:48 | 002,042,848 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.05.31 21:57:52 | 020,313,384 | ---- | M] () -- D:\Program Files\Steam\bin\libcef.dll
MOD - [2012.05.31 21:57:47 | 001,099,576 | ---- | M] () -- D:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012.05.31 21:57:47 | 000,895,312 | ---- | M] () -- D:\Program Files\Steam\bin\chromehtml.dll
MOD - [2012.05.31 21:57:47 | 000,190,776 | ---- | M] () -- D:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012.05.31 21:57:47 | 000,123,192 | ---- | M] () -- D:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012.05.09 02:10:15 | 000,398,288 | ---- | M] () -- D:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.01.08 18:11:12 | 000,093,696 | ---- | M] () -- D:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2010.02.25 11:37:58 | 001,678,848 | ---- | M] () -- D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
MOD - [2009.11.12 10:12:50 | 000,188,416 | ---- | M] () -- D:\Program Files\GIGABYTE\Gamer HUD Lite\GVDisplayLib.dll
MOD - [2008.12.27 00:47:22 | 000,050,176 | ---- | M] () -- D:\WINDOWS\armcex.dll
MOD - [2008.12.27 00:47:20 | 000,291,840 | ---- | M] () -- D:\WINDOWS\system32\sbe.dll
MOD - [2008.04.14 11:21:48 | 000,014,336 | ---- | M] () -- D:\WINDOWS\system32\msdmo.dll
MOD - [2008.03.23 02:31:42 | 000,026,576 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vshell32.dll
MOD - [2008.03.23 02:31:40 | 000,040,400 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vuser32.dll
MOD - [2008.03.23 02:31:40 | 000,011,216 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vuxtheme.dll
MOD - [2008.03.23 02:31:36 | 000,082,384 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vntdll.dll
MOD - [2008.03.23 02:31:36 | 000,058,320 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vkernel32.dll
MOD - [2008.03.23 02:31:34 | 000,019,920 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vmsvcrt.dll
MOD - [2008.03.23 02:31:32 | 000,046,032 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vadvapi32.dll
MOD - [2008.03.23 02:31:30 | 000,047,056 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vgdiplus.dll
MOD - [2008.03.23 02:31:30 | 000,008,144 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vdwmapi.dll
MOD - [2008.03.23 02:30:36 | 000,096,208 | ---- | M] () -- D:\Program Files\Alky for Applications\Libraries\vcomctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2012.06.06 14:55:48 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.09 02:10:15 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.09 02:10:14 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.07 10:19:21 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- D:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.04.05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.02.26 19:12:28 | 000,632,320 | ---- | M] (FileZilla Project) [Auto | Running] -- D:\Program Files\FileZilla Server\FileZilla server.exe -- (FileZilla Server)
SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008.12.27 00:47:22 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- D:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2006.05.10 14:29:04 | 000,353,912 | ---- | M] (Protection Technology (StarForce)) [Auto | Stopped] -- D:\WINDOWS\System32\sfrem01.exe -- (sfrem01) SF FrontLine Drivers Auto Removal (v1)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.05.09 02:10:15 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.09 02:10:15 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.05.07 12:29:24 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.09.16 16:09:17 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.11.01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- D:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2010.06.17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.11.12 08:44:27 | 000,057,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2008.04.17 19:03:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.01.04 06:40:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.11.21 03:39:22 | 000,104,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.06.19 08:07:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.05.10 13:29:04 | 000,052,224 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006.05.10 13:09:38 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.05.10 12:50:28 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006.05.05 19:21:00 | 000,004,608 | ---- | M] (NVIDIA Corporation.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\nvport.sys -- (nvport)
DRV - [2006.03.29 08:49:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - D:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/red ... 06-05-2012
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\InprocServer32 File not found
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - D:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\SearchScopes\{218C57F2-2215-4D58-ADFC-24FB37D368BA}: "URL" = http://websearch.ask.com/redirect?clien ... FCFF49E7E2
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7SKPB_en
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.14.1.100012
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... YYYYCZ&&q="
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012.06.06 14:55:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2012.06.09 10:43:16 | 000,000,000 | ---D | M]
[2012.05.06 23:09:09 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Admin\Data aplikací\Mozilla\Extensions
[2012.06.10 15:14:05 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\extensions
[2012.06.06 14:55:54 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2012.05.06 22:37:12 | 000,000,000 | ---D | M] (Skype Click to Call) -- D:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- D:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\V03YQG63.DEFAULT\EXTENSIONS\{76063E7F-3558-4B68-8287-54EB6512ADC0}.XPI
File not found (No name found) -- D:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\V03YQG63.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
[2012.06.06 14:55:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.21 07:47:43 | 000,002,208 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.04.21 07:47:43 | 000,000,638 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.04.21 07:47:44 | 000,001,367 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.04.21 07:47:44 | 000,000,654 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.04.21 07:47:44 | 000,001,179 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = D:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = D:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: downloadUpdater (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = D:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = D:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = D:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = D:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = D:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: James White = D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: YouTube = D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Gmail = D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2012.06.09 11:45:10 | 000,000,703 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] D:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlwaysReady Power Message APP] D:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /installquiet File not found
O4 - HKU\S-1-5-21-854245398-1788223648-682003330-1004..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-854245398-1788223648-682003330-1004..\Run: [Steam] D:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - Startup: D:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = D:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles (Guliwer Company)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = D:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.252
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{376AA0DA-0FDD-4AB8-A8D8-B502D74D0EB6}: DhcpNameServer = 192.168.100.252
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.05.06 22:35:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011.02.28 21:14:49 | 000,467,168 | R--- | M] (Electronic Arts) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2011.02.28 21:22:39 | 000,000,000 | R--D | M] - E:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2011.02.28 21:22:37 | 004,032,512 | R--- | M] () - E:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2011.02.28 21:22:37 | 000,000,152 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006.05.25 00:09:19 | 000,000,000 | R--D | M] - K:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2004.11.18 20:14:58 | 000,000,043 | R--- | M] () - K:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{a4bfe84e-9799-11e1-819a-00251161f68f}\Shell - "" = AutoRun
O33 - MountPoints2\{a4bfe84e-9799-11e1-819a-00251161f68f}\Shell\AutoRun\command - "" = K:\Setup.exe -- [2004.11.18 20:14:58 | 001,523,712 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - C:\WINDOWS\system32\wuauserv.dll File not found
Drivers32: msacm.iac2 - D:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - D:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - D:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - D:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - D:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - D:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.HFYU - D:\WINDOWS\System32\HUFFYUV.DLL (Disappearing Inc.)
Drivers32: vidc.iv31 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - D:\WINDOWS\System32\IR41_32.DLL (Intel Corporation)
Drivers32: vidc.iv50 - D:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to D:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2012.06.10 18:42:55 | 000,000,000 | ---D | C] -- D:\_OTM
[2012.06.10 18:42:01 | 000,523,264 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Admin\Plocha\OTM.exe
[2012.06.10 17:35:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\AliensVsPredator
[2012.06.10 15:33:15 | 000,000,000 | ---D | C] -- D:\Program Files\trend micro
[2012.06.10 15:33:15 | 000,000,000 | ---D | C] -- D:\rsit
[2012.06.10 14:08:39 | 004,539,885 | R--- | C] (Swearware) -- D:\Documents and Settings\Admin\Plocha\ComboFix.exe
[2012.06.10 12:41:34 | 000,000,000 | --SD | C] -- D:\ComboFix
[2012.06.10 12:41:34 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERDNT
[2012.06.10 12:41:08 | 000,000,000 | ---D | C] -- D:\Qoobox
[2012.06.09 12:06:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\AskToolbar
[2012.06.09 11:56:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Ask
[2012.06.09 11:56:00 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Java
[2012.06.09 11:55:39 | 000,000,000 | ---D | C] -- D:\Program Files\Oracle
[2012.06.09 11:55:30 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Oracle
[2012.06.09 11:55:24 | 000,227,720 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\javaws.exe
[2012.06.09 11:55:18 | 000,174,024 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\javaw.exe
[2012.06.09 11:55:18 | 000,174,024 | ---- | C] (Oracle Corporation) -- D:\WINDOWS\System32\java.exe
[2012.06.09 11:37:19 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.06.09 10:28:13 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Admin\IECompatCache
[2012.06.09 00:09:18 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- D:\Documents and Settings\Admin\Plocha\HiJackThis.exe
[2012.06.08 23:06:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\Crysis2
[2012.06.08 23:05:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Solidshield
[2012.06.08 22:53:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\EA Core
[2012.06.08 22:45:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Electronic Arts
[2012.06.08 22:33:11 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Admin\Recent
[2012.06.08 22:30:22 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2012.06.08 22:28:49 | 000,000,000 | ---D | C] -- D:\Program Files\Electronic Arts
[2012.06.08 21:43:04 | 000,000,000 | ---D | C] -- D:\WINDOWS\pss
[2012.06.08 21:19:44 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\appmgmt
[2012.06.08 20:35:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\Downloads
[2012.06.08 20:33:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Google Chrome
[2012.06.07 17:40:25 | 000,000,000 | ---D | C] -- D:\Program Files\kopiieCall of Duty Moders Warfare 3
[2012.06.06 16:23:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\GotCLIP Downloader
[2012.06.06 16:23:45 | 000,000,000 | ---D | C] -- D:\Program Files\GotCLIP Downloader
[2012.06.03 23:41:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Data aplikací\CyberLink
[2012.06.03 19:02:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\CyberLink
[2012.06.03 19:02:32 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\CyberLink
[2012.06.03 19:02:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\CyberLink
[2012.06.03 19:01:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\NewBlue
[2012.06.03 19:01:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\SmartSound Software Inc
[2012.06.03 19:01:19 | 000,000,000 | ---D | C] -- D:\Program Files\SmartSound Software
[2012.06.03 18:59:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\Apple Computer
[2012.06.03 18:59:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\CyberLink PowerDirector 10
[2012.06.03 18:56:57 | 000,000,000 | ---D | C] -- D:\Program Files\CyberLink
[2012.06.03 18:22:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\CyberLink
[2012.06.03 15:33:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Data aplikací\Adobe
[2012.06.03 15:05:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Sony
[2012.06.03 10:03:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Fraps
[2012.06.03 10:02:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.06.02 18:12:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\WMTools Downloaded Files
[2012.06.02 14:24:28 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Audacity
[2012.06.02 14:24:13 | 000,000,000 | ---D | C] -- D:\Program Files\Audacity
[2012.06.02 03:02:13 | 000,000,000 | ---D | C] -- D:\Fraps
[2012.06.01 18:11:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikac
[2012.06.01 18:11:09 | 000,000,000 | ---D | C] -- D:\Program Files\Origin Games
[2012.06.01 18:11:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\Origin
[2012.06.01 18:11:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Origin
[2012.06.01 18:11:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Origin
[2012.06.01 18:10:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Origin
[2012.06.01 18:10:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2012.06.01 18:10:37 | 000,000,000 | ---D | C] -- D:\Program Files\Origin
[2012.06.01 18:04:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\Downloaded Installations
[2012.05.31 17:34:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Toribash
[2012.05.31 17:32:10 | 000,000,000 | ---D | C] -- D:\Program Files\Taksi
[2012.05.31 17:13:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\Quobi
[2012.05.31 17:12:42 | 000,679,936 | ---- | C] (Generated for JEDI. www.delphi-jedi.org) -- D:\WINDOWS\System32\D3DX81ab.dll
[2012.05.31 17:12:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Quobi
[2012.05.31 17:12:25 | 000,000,000 | ---D | C] -- D:\Program Files\Quobi
[2012.05.31 15:42:25 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\LogFiles
[2012.05.30 21:25:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\My Cheat Tables
[2012.05.30 21:19:08 | 000,000,000 | ---D | C] -- D:\Program Files\Call of Duty Moders Warfare 3
[2012.05.30 19:39:50 | 000,000,000 | ---D | C] -- D:\GAMES
[2012.05.29 07:47:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\NHL09
[2012.05.29 07:14:47 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- D:\WINDOWS\System32\CmdLineExt.dll
[2012.05.29 07:14:11 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Leadertech
[2012.05.27 22:35:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\Street Racing Syndicate
[2012.05.27 20:50:27 | 000,140,800 | ---- | C] (The Duck Corporation) -- D:\WINDOWS\System32\tm20dec.ax
[2012.05.27 20:50:27 | 000,038,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\LMRTREND.dll
[2012.05.27 20:50:26 | 000,182,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dxtmsft3.dll
[2012.05.27 20:50:23 | 000,063,488 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\unam4ie.exe
[2012.05.27 20:50:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\mciqtz.drv
[2012.05.27 20:50:20 | 000,194,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\qcut.dll
[2012.05.27 20:50:20 | 000,004,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\w95inf32.dll
[2012.05.27 20:50:20 | 000,002,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\w95inf16.dll
[2012.05.27 20:49:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Synetic
[2012.05.27 20:45:01 | 000,305,152 | ---- | C] (InstallShield Software Corporation) -- D:\WINDOWS\IsUninst.exe
[2012.05.27 20:44:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\WINDOWS
[2012.05.27 20:29:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\temp
[2012.05.27 20:27:43 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\GIGABYTE
[2012.05.27 20:27:42 | 000,000,000 | ---D | C] -- D:\Program Files\GIGABYTE
[2012.05.27 19:36:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Plocha\Hry
[2012.05.27 18:14:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\EA SPORTS
[2012.05.27 18:11:38 | 000,000,000 | ---D | C] -- D:\Program Files\EA SPORTS
[2012.05.27 16:44:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Ubi Soft Games
[2012.05.27 16:44:26 | 000,744,960 | ---- | C] (Intel Corporation) -- D:\WINDOWS\System32\IR41_32.DLL
[2012.05.27 16:44:03 | 000,000,000 | ---D | C] -- D:\UbiSoft
[2012.05.27 16:43:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\UbiSoft
[2012.05.27 15:53:01 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump
[2012.05.27 15:18:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\TopCD
[2012.05.26 11:25:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Alternative Software Ltd
[2012.05.26 11:25:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Alternative Software Ltd
[2012.05.26 11:24:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Návrat krále
[2012.05.26 11:24:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Návrat krále
[2012.05.26 11:23:57 | 000,000,000 | ---D | C] -- D:\Program Files\Alternative Software Ltd
[2012.05.25 22:19:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Sierra
[2012.05.25 22:19:18 | 000,000,000 | ---D | C] -- D:\Program Files\Sierra
[2012.05.25 20:19:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\TS3Client
[2012.05.25 20:19:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\TeamSpeak 3 Client
[2012.05.25 20:19:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\TeamSpeak 3 Client
[2012.05.25 16:06:21 | 000,000,000 | ---D | C] -- D:\Program Files\Stronghold Crusader
[2012.05.25 14:53:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\GameRanger
[2012.05.24 23:03:08 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft.NET
[2012.05.23 06:15:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Starbreeze Studios
[2012.05.23 06:10:48 | 000,000,000 | ---D | C] -- D:\Program Files\Starbreeze Studios
[2012.05.13 21:14:16 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbprint.sys
[2012.05.13 00:45:53 | 000,000,000 | ---D | C] -- D:\Program Files\Lua
[2012.05.13 00:45:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Notepad++
[2012.05.13 00:45:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Notepad++
[2012.05.13 00:45:02 | 000,000,000 | ---D | C] -- D:\Program Files\Notepad++
[2012.05.13 00:45:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Notepad++
[2012.05.12 15:07:27 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Admin\PrivacIE
[2012.05.11 22:09:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\ArmA 2 Other Profiles
[2012.05.11 22:04:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\Winamp Toolbar
[2012.05.11 20:11:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Data aplikací\Google
[2012.05.11 20:11:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\ArmA 2 Free
[2012.05.11 20:11:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Dokumenty\ArmA 2
[2012.05.11 20:11:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Bohemia Interactive
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.06.10 20:06:25 | 000,000,512 | ---- | M] () -- D:\PhysicalMBR.bin
[2012.06.10 19:46:21 | 000,271,641 | ---- | M] () -- D:\WINDOWS\System32\NvApps.xml
[2012.06.10 19:45:27 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012.06.10 19:38:22 | 000,501,958 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2012.06.10 19:38:22 | 000,496,948 | ---- | M] () -- D:\WINDOWS\System32\perfh005.dat
[2012.06.10 19:38:22 | 000,102,102 | ---- | M] () -- D:\WINDOWS\System32\perfc005.dat
[2012.06.10 19:38:22 | 000,087,482 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2012.06.10 19:32:33 | 000,001,324 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012.06.10 18:42:03 | 000,523,264 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Admin\Plocha\OTM.exe
[2012.06.10 14:08:49 | 000,781,383 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\RSIT.exe
[2012.06.10 14:08:44 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- D:\Documents and Settings\Admin\Plocha\HiJackThis.exe
[2012.06.10 12:49:54 | 000,088,648 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\omg.jpg
[2012.06.10 12:40:51 | 004,539,885 | R--- | M] (Swearware) -- D:\Documents and Settings\Admin\Plocha\ComboFix.exe
[2012.06.10 12:26:25 | 000,000,206 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122555.reg
[2012.06.10 12:25:49 | 000,000,206 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122548.reg
[2012.06.10 12:25:42 | 000,000,206 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122540.reg
[2012.06.10 12:25:34 | 000,000,482 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122531.reg
[2012.06.10 12:25:22 | 000,035,604 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122517.reg
[2012.06.10 12:16:41 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012.06.09 15:09:44 | 000,000,215 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Call of Duty Modern Warfare 2 - Multiplayer.url
[2012.06.09 11:55:03 | 000,174,024 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\javaw.exe
[2012.06.09 11:55:03 | 000,174,024 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\System32\java.exe
[2012.06.09 11:45:10 | 000,000,703 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2012.06.09 11:37:19 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.06.09 10:43:16 | 000,001,734 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Adobe Reader X.lnk
[2012.06.08 22:45:46 | 000,002,002 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Crysis® 2.lnk
[2012.06.08 22:30:25 | 000,000,682 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.06.07 20:23:03 | 000,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2012.06.06 17:58:32 | 000,000,708 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Call of Duty Modern Warfare 3.lnk
[2012.06.06 17:00:19 | 000,000,215 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Call of Duty Modern Warfare 2.url
[2012.06.06 16:23:46 | 000,001,938 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\GotCLIP Downloader.lnk
[2012.06.05 16:21:54 | 000,000,215 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Aliens vs. Predator.url
[2012.06.05 16:11:52 | 000,000,069 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2012.06.05 16:04:39 | 000,023,040 | ---- | M] () -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.05 03:22:21 | 003,444,808 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.05 01:55:01 | 000,001,402 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\meta.xml
[2012.06.04 19:53:48 | 000,003,850 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\destructionderby.lua
[2012.06.04 19:53:45 | 000,000,879 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\destructionderby_c.lua
[2012.06.04 18:18:01 | 2979,178,496 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Lp3.mpg
[2012.06.03 23:28:24 | 000,257,538 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\minecraftpartner.jpg
[2012.06.03 18:59:26 | 000,001,094 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\CyberLink PowerDirector 10.lnk
[2012.06.03 18:51:22 | 592,056,056 | ---- | M] () -- D:\CyberLink.1703_GM5_Trial_VDE120314-02.exe
[2012.06.03 10:03:33 | 000,000,478 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Fraps.lnk
[2012.06.02 14:24:23 | 000,000,682 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Audacity.lnk
[2012.06.01 18:11:00 | 000,000,654 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Origin.lnk
[2012.06.01 18:04:58 | 000,001,112 | ---- | M] () -- D:\WINDOWS\System32\ealregsnapshot1.reg
[2012.06.01 16:00:54 | 000,000,812 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\digital.zip
[2012.05.31 21:32:59 | 000,069,950 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\395179_2299207378961_1812470427_1408973_1063339649_n.jpg
[2012.05.31 21:32:41 | 000,082,163 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\401104_2299207018952_1812470427_1408972_2041825112_n.jpg
[2012.05.31 17:32:15 | 000,002,201 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Taksi Desktop Video Recorder.lnk
[2012.05.31 17:12:57 | 000,000,698 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Quobi.lnk
[2012.05.29 07:14:47 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- D:\WINDOWS\System32\CmdLineExt.dll
[2012.05.29 00:36:32 | 000,000,667 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\MATIK 6-9.lnk
[2012.05.27 20:50:25 | 000,000,782 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Windows Media Player.lnk
[2012.05.27 20:50:24 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2012.05.27 20:50:24 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2012.05.27 20:50:19 | 000,004,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\System32\w95inf32.dll
[2012.05.27 20:50:19 | 000,002,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\System32\w95inf16.dll
[2012.05.27 20:27:44 | 000,001,830 | ---- | M] () -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\GIGABYTE Gamer HUD Lite.lnk
[2012.05.27 18:14:41 | 000,000,465 | ---- | M] () -- D:\WINDOWS\eReg.dat
[2012.05.27 16:44:26 | 000,744,960 | ---- | M] (Intel Corporation) -- D:\WINDOWS\System32\IR41_32.DLL
[2012.05.27 14:12:16 | 000,000,671 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Script Editor.lnk
[2012.05.25 22:23:57 | 000,000,599 | ---- | M] () -- D:\WINDOWS\SIERRA.INI
[2012.05.25 17:23:36 | 000,000,732 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Stronghold Crusader.lnk
[2012.05.23 06:19:28 | 000,043,520 | ---- | M] () -- D:\WINDOWS\System32\CmdLineExt03.dll
[2012.05.23 06:15:44 | 000,000,990 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\The Chronicles of Riddick - Escape From Butcher Bay.lnk
[2012.05.19 18:10:18 | 000,000,754 | ---- | M] () -- D:\WINDOWS\wordpad.INI
[2012.05.19 13:28:20 | 000,000,132 | ---- | M] () -- D:\Documents and Settings\Admin\Data aplikací\Adobe Formát PNG CS5 – předvolby
[2012.05.13 00:45:03 | 000,000,748 | ---- | M] () -- D:\Documents and Settings\Admin\Plocha\Notepad++.lnk
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.06.10 20:06:25 | 000,000,512 | ---- | C] () -- D:\PhysicalMBR.bin
[2012.06.10 12:49:54 | 000,088,648 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\omg.jpg
[2012.06.10 12:40:54 | 000,781,383 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\RSIT.exe
[2012.06.10 12:26:24 | 000,000,206 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122555.reg
[2012.06.10 12:25:48 | 000,000,206 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122548.reg
[2012.06.10 12:25:41 | 000,000,206 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122540.reg
[2012.06.10 12:25:33 | 000,000,482 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122531.reg
[2012.06.10 12:25:20 | 000,035,604 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\cc_20120610_122517.reg
[2012.06.09 15:09:43 | 000,000,215 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Call of Duty Modern Warfare 2 - Multiplayer.url
[2012.06.09 10:43:16 | 000,001,804 | ---- | C] () -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader X.lnk
[2012.06.09 10:43:16 | 000,001,734 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Adobe Reader X.lnk
[2012.06.08 22:45:46 | 000,002,002 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Crysis® 2.lnk
[2012.06.08 22:30:25 | 000,000,682 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.06.08 22:23:38 | 000,000,990 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\The Chronicles of Riddick - Escape From Butcher Bay.lnk
[2012.06.08 22:23:16 | 000,000,732 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Stronghold Crusader.lnk
[2012.06.07 20:23:46 | 000,029,090 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Fotografie-0077.jpg
[2012.06.06 17:58:32 | 000,000,708 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Call of Duty Modern Warfare 3.lnk
[2012.06.06 17:00:19 | 000,000,215 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Call of Duty Modern Warfare 2.url
[2012.06.06 16:23:46 | 000,001,938 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\GotCLIP Downloader.lnk
[2012.06.05 16:21:53 | 000,000,215 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Aliens vs. Predator.url
[2012.06.04 20:57:32 | 000,001,402 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\meta.xml
[2012.06.04 19:53:45 | 000,000,879 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\destructionderby_c.lua
[2012.06.04 19:53:41 | 000,003,850 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\destructionderby.lua
[2012.06.04 17:04:06 | 2979,178,496 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Lp3.mpg
[2012.06.03 23:28:23 | 000,257,538 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\minecraftpartner.jpg
[2012.06.03 18:59:26 | 000,001,094 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\CyberLink PowerDirector 10.lnk
[2012.06.03 18:23:02 | 592,056,056 | ---- | C] () -- D:\CyberLink.1703_GM5_Trial_VDE120314-02.exe
[2012.06.03 18:05:34 | 000,000,786 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Windows Movie Maker.lnk
[2012.06.02 14:24:23 | 000,000,688 | ---- | C] () -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Audacity.lnk
[2012.06.02 14:24:23 | 000,000,682 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Audacity.lnk
[2012.06.02 03:02:14 | 000,000,478 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Fraps.lnk
[2012.06.01 18:11:00 | 000,000,654 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Origin.lnk
[2012.06.01 18:04:58 | 000,001,112 | ---- | C] () -- D:\WINDOWS\System32\ealregsnapshot1.reg
[2012.06.01 16:00:53 | 000,000,812 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\digital.zip
[2012.05.31 21:32:55 | 000,069,950 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\395179_2299207378961_1812470427_1408973_1063339649_n.jpg
[2012.05.31 21:32:33 | 000,082,163 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\401104_2299207018952_1812470427_1408972_2041825112_n.jpg
[2012.05.31 17:48:10 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2012.05.31 17:48:08 | 000,023,040 | ---- | C] () -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.31 17:32:11 | 000,002,201 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Taksi Desktop Video Recorder.lnk
[2012.05.31 17:32:11 | 000,001,880 | ---- | C] () -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Taksi Desktop Video Recorder.lnk
[2012.05.31 17:12:57 | 000,000,698 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Quobi.lnk
[2012.05.27 20:50:21 | 000,010,240 | ---- | C] () -- D:\WINDOWS\System32\vidx16.dll
[2012.05.27 20:50:21 | 000,005,672 | ---- | C] () -- D:\WINDOWS\System32\quartz.vxd
[2012.05.27 20:27:44 | 000,001,830 | ---- | C] () -- D:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\GIGABYTE Gamer HUD Lite.lnk
[2012.05.27 18:14:41 | 000,000,465 | ---- | C] () -- D:\WINDOWS\eReg.dat
[2012.05.27 13:08:27 | 000,000,671 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Script Editor.lnk
[2012.05.25 22:19:44 | 000,000,599 | ---- | C] () -- D:\WINDOWS\SIERRA.INI
[2012.05.25 22:05:06 | 000,000,667 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\MATIK 6-9.lnk
[2012.05.25 14:53:16 | 000,001,016 | ---- | C] () -- D:\Documents and Settings\Admin\Nabídka Start\Programy\GameRanger.lnk
[2012.05.23 06:16:52 | 000,043,520 | ---- | C] () -- D:\WINDOWS\System32\CmdLineExt03.dll
[2012.05.19 18:10:18 | 000,000,754 | ---- | C] () -- D:\WINDOWS\wordpad.INI
[2012.05.16 16:16:14 | 000,000,132 | ---- | C] () -- D:\Documents and Settings\Admin\Data aplikací\Adobe Formát PNG CS5 – předvolby
[2012.05.15 14:43:00 | 000,001,324 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012.05.13 00:45:03 | 000,000,748 | ---- | C] () -- D:\Documents and Settings\Admin\Plocha\Notepad++.lnk
[2012.05.09 04:26:38 | 000,000,132 | ---- | C] () -- D:\Documents and Settings\Admin\Data aplikací\Adobe Formát GIF CS5 – předvolby
[2012.05.08 03:01:55 | 000,003,072 | ---- | C] () -- D:\WINDOWS\System32\iacenc.dll
[2012.05.07 00:10:14 | 000,004,249 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2012.05.07 00:03:03 | 003,444,808 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012.05.06 23:09:10 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2012.05.06 22:57:52 | 000,188,400 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.05.06 22:44:58 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2012.05.06 22:32:12 | 000,021,812 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012.05.06 21:03:33 | 000,000,032 | ---- | C] () -- D:\Documents and Settings\All Users\Data aplikací\ezsid.dat
========== LOP Check ==========
[2012.05.07 12:30:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\.minecraft
[2012.06.05 14:53:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\.techniclauncher
[2012.05.26 11:25:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Alternative Software Ltd
[2012.06.02 15:03:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Audacity
[2012.06.08 22:33:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\BitTorrent
[2012.06.08 22:33:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2012.06.08 22:33:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\FileZilla
[2012.05.25 14:53:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\GameRanger
[2012.05.29 07:14:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Leadertech
[2012.05.13 00:54:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Notepad++
[2012.06.09 11:55:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Oracle
[2012.06.01 18:13:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Origin
[2012.06.03 16:46:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Sony
[2012.05.09 03:49:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.05.25 20:25:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\TS3Client
[2012.05.26 11:25:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Alternative Software Ltd
[2012.06.09 11:56:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Ask
[2012.06.10 19:45:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\boost_interprocess
[2012.05.08 07:41:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.06.08 22:53:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\EA Core
[2012.06.01 18:10:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2012.05.07 15:44:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\IObit
[2012.05.08 08:09:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\MTA San Andreas All
[2012.06.01 18:19:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Origin
[2012.05.09 03:23:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2012.06.03 19:13:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\SmartSound Software Inc
[2012.06.08 23:06:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Solidshield
[2012.06.03 18:56:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.05.28 15:00:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Ostatni\Data aplikací\AskToolbar
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2008.12.27 02:28:13 | 018,677,326 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.12.27 02:28:13 | 018,677,326 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 02:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 11:22:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- D:\WINDOWS\system32\autochk.exe
[2008.04.14 11:22:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- D:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.12.27 02:28:13 | 018,677,326 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.05.02 15:19:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- D:\WINDOWS\Driver Cache\i386\cdrom.sys
[2008.05.02 15:19:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- D:\WINDOWS\system32\dllcache\cdrom.sys
[2008.05.02 14:19:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- D:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 11:21:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- D:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 11:21:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- D:\WINDOWS\system32\dllcache\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 11:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- D:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 11:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- D:\WINDOWS\system32\eventlog.dll
[2012.01.31 12:22:06 | 000,006,952 | ---- | M] () MD5=D9A27F35D231BAC3AD58E922C7644E8B -- D:\Program Files\CyberLink\PowerDirector10\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2008.12.19 17:13:58 | 001,486,336 | ---- | M] (Microsoft Corporation) MD5=D39127310CBAD1485EC5001A4ED1D853 -- D:\WINDOWS\explorer.exe
< MD5 for: HAL.DLL >
[2008.12.27 02:28:13 | 018,677,326 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 02:31:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- D:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2008.12.27 02:28:13 | 018,677,326 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
< MD5 for: ISAPNP.SYS >
[2008.12.27 02:28:13 | 018,677,326 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 10:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- D:\WINDOWS\system32\drivers\isapnp.sys
Re: Nelze načíst Youtube a Facebook
OTL.Txt 2/2
< MD5 for: LSASS.EXE >
[2008.04.14 11:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- D:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 11:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- D:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.12.14 19:14:25 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- D:\WINDOWS\system32\dllcache\ndis.sys
[2008.12.14 19:14:25 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- D:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.12.14 19:13:33 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- D:\WINDOWS\system32\dllcache\netlogon.dll
[2008.12.14 19:13:33 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- D:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 11:21:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- D:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 11:21:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- D:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 11:22:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- D:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 11:22:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- D:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 11:22:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- D:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 11:22:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- D:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.12.14 19:14:16 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- D:\WINDOWS\system32\dllcache\tcpip.sys
[2008.12.14 19:14:16 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- D:\WINDOWS\system32\drivers\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 11:22:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- D:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 11:22:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- D:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.12.19 16:59:10 | 000,557,056 | ---- | M] (Microsoft Corporation) MD5=12A799AD9415AE9C8ABCC5F75E9CF034 -- D:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 11:22:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- D:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 11:22:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- D:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[2 D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
[5 D:\WINDOWS\Temp\*.tmp files -> D:\WINDOWS\Temp\*.tmp -> ]
[2 D:\WINDOWS\Temp\Google Toolbar\*.tmp files -> D:\WINDOWS\Temp\Google Toolbar\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2012.06.03 18:51:22 | 592,056,056 | ---- | M] () -- D:\CyberLink.1703_GM5_Trial_VDE120314-02.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.05.07 12:30:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\.minecraft
[2012.06.05 14:53:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\.techniclauncher
[2012.06.09 11:56:08 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Adobe
[2012.05.26 11:25:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Alternative Software Ltd
[2012.06.02 15:03:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Audacity
[2012.05.06 22:11:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Avira
[2012.06.08 22:33:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\BitTorrent
[2012.06.03 19:02:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\CyberLink
[2012.06.08 22:33:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2012.06.08 22:33:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\FileZilla
[2012.05.25 14:53:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\GameRanger
[2012.06.08 21:19:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Google
[2012.05.06 23:01:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Identities
[2012.05.29 07:14:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Leadertech
[2012.05.06 23:20:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Macromedia
[2012.06.09 11:56:08 | 000,000,000 | --SD | M] -- D:\Documents and Settings\Admin\Data aplikací\Microsoft
[2012.05.06 23:09:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Mozilla
[2012.05.13 00:54:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Notepad++
[2012.06.09 11:55:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Oracle
[2012.06.01 18:13:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Origin
[2012.06.08 21:26:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Skype
[2012.05.06 21:03:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\skypePM
[2012.06.03 16:46:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Sony
[2012.05.09 03:49:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.05.06 22:59:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Sun
[2012.05.31 17:34:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Toribash
[2012.05.25 20:25:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\TS3Client
[2012.06.08 22:33:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Winamp
[2012.05.07 14:38:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2012.05.06 21:48:19 | 000,278,561 | ---- | M] () -- D:\Documents and Settings\Admin\Data aplikací\.minecraft\Minecraft.exe
[2012.03.25 15:38:13 | 001,273,568 | ---- | M] (GameRanger Technologies) -- D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe
[2012.05.27 20:27:44 | 000,040,960 | R--- | M] (Macrovision Corporation) -- D:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\ARPPRODUCTICON.exe
[2012.05.27 20:27:44 | 000,040,960 | R--- | M] (Macrovision Corporation) -- D:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\HUD.exe_8FE4D08663BD44EB882CC7EA5A1EF016.exe
[2012.05.27 20:27:44 | 000,040,960 | R--- | M] (Macrovision Corporation) -- D:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\NewShortcut1_8FE4D08663BD44EB882CC7EA5A1EF016.exe
[2012.05.27 20:27:44 | 000,008,854 | R--- | M] () -- D:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\UNINST_Uninstall_Gam_8FE4D08663BD44EB882CC7EA5A1EF016.exe
[2012.05.06 21:48:19 | 000,278,561 | ---- | M] () -- D:\Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Minecraft.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2012.05.07 00:02:21 | 000,094,208 | ---- | M] () -- D:\WINDOWS\System32\config\default.sav
[2012.05.07 00:02:20 | 001,093,632 | ---- | M] () -- D:\WINDOWS\System32\config\software.sav
[2012.05.07 00:02:20 | 000,516,096 | ---- | M] () -- D:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.06.10 19:32:33 | 000,001,324 | ---- | M] () -- D:\WINDOWS\system32\d3d9caps.dat
[2012.06.09 11:37:19 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\system32\FlashPlayerCPLApp.cpl
[2012.06.09 11:55:03 | 000,174,024 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\system32\java.exe
[2012.06.09 11:55:03 | 000,174,024 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\system32\javaw.exe
[2012.06.10 19:46:21 | 000,271,641 | ---- | M] () -- D:\WINDOWS\system32\NvApps.xml
[2012.06.10 19:38:22 | 000,102,102 | ---- | M] () -- D:\WINDOWS\system32\perfc005.dat
[2012.06.10 19:38:22 | 000,087,482 | ---- | M] () -- D:\WINDOWS\system32\perfc009.dat
[2012.06.10 19:38:22 | 000,496,948 | ---- | M] () -- D:\WINDOWS\system32\perfh005.dat
[2012.06.10 19:38:22 | 000,501,958 | ---- | M] () -- D:\WINDOWS\system32\perfh009.dat
[2012.06.10 19:38:22 | 001,206,484 | ---- | M] () -- D:\WINDOWS\system32\PerfStringBackup.INI
[2012.06.10 12:16:41 | 000,002,206 | ---- | M] () -- D:\WINDOWS\system32\wpa.dbl
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2012.06.03 18:51:22 | 592,056,056 | ---- | M] () -- D:\CyberLink.1703_GM5_Trial_VDE120314-02.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = D:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2008.04.11 10:46:12 | 001,276,416 | ---- | M] (Microsoft Corporation)
"Steam" = "D:\Program Files\Steam\steam.exe" -silent -- [2012.05.06 22:39:36 | 001,242,448 | ---- | M] (Valve Corporation)
"DAEMON Tools Lite" = "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.04.11 14:24:22 | 003,672,384 | ---- | M] (DT Soft Ltd)
"ctfmon.exe" = D:\WINDOWS\system32\ctfmon.exe -- [2008.12.19 16:53:26 | 000,040,960 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.06.10 20:06:25 | 000,000,512 | ---- | M] () MD5=D5A9AC01517ADBB17B103017D599BC46 -- D:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.05.30 22:19:37 | 000,003,145 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\BitTorrent\Call.of.Duty.Modern.Warfare.3.Crackfix-RELOADED.torrent
[2012.05.07 12:39:30 | 000,020,480 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\BitTorrent\[PC GAME MULTI] - Gran Theft Auto San Andreas + Crack NoCD - (Perfect DVD Version) - (Eng-Ita-Deu-Fra-Esp) - (By G-ADLVR_R7.rar.torrent
[2012.06.03 10:00:16 | 002,295,515 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\Stažené soubory\Fraps-2.2.9---Plná-verze-+-Crack.exe
[2012.05.08 00:03:05 | 4205,696,685 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\Torrent Downloads\[PC GAME MULTI] - Gran Theft Auto San Andreas + Crack NoCD - (Perfect DVD Version) - (Eng-Ita-Deu-Fra-Esp) - (By G-ADLVR_R7.rar
[2012.05.23 06:25:39 | 003,963,090 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\Torrent Downloads\chronicles of riddick\vitality_crack.rar
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
[2002.05.30 18:16:22 | 000,013,160 | ---- | M] () -- \Program Files\Stronghold Crusader\gm\cracks.gm1
< *keygen* /s >
< *loader* /s >
[2012.06.05 15:00:32 | 000,038,682 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\.techniclauncher\technicssp\ModLoader.txt
[2012.06.05 14:55:48 | 000,001,331 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\.techniclauncher\technicssp\config\ModLoader.cfg
[2012.06.05 14:55:37 | 000,000,046 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\.techniclauncher\technicssp\config\mod_MAtmos_forModLoader.cfg
[2012.06.05 14:55:28 | 000,000,046 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\.techniclauncher\technicssp\config\mod_ModLoaderMp.cfg
[2012.06.02 14:57:55 | 000,001,980 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\.techniclauncher\technicssp\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2012.04.26 18:30:02 | 000,009,051 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.04.26 18:30:02 | 000,016,119 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.04.26 18:30:02 | 000,018,434 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.04.26 18:30:02 | 000,009,283 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.04.26 18:30:02 | 000,001,699 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2012.06.03 18:22:37 | 000,583,544 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\Stažené soubory\CyberLink_PowerDirector_Downloader.exe
[2012.04.06 13:24:50 | 000,057,728 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2012.04.06 13:24:42 | 000,057,728 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2012.04.06 13:24:44 | 000,057,728 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012.04.06 13:24:46 | 000,057,728 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2012.04.06 13:24:46 | 000,057,728 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2012.04.06 13:24:48 | 000,061,770 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2012.04.06 13:24:48 | 000,061,770 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.06.09 11:15:23 | 000,004,760 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\2NX2HHF2\bundleloader[1].js
[2012.06.09 11:29:19 | 000,004,760 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\2NX2HHF2\bundleloader[2].js
[2012.06.09 10:35:04 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\2NX2HHF2\downloader[1].js
[2012.06.09 11:30:17 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\2NX2HHF2\downloader[2].js
[2012.06.09 11:32:56 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\2NX2HHF2\downloader[3].js
[2012.06.09 10:35:02 | 000,004,760 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\E08NCWZI\bundleloader[1].js
[2012.06.09 11:30:15 | 000,004,760 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\E08NCWZI\bundleloader[2].js
[2012.06.09 11:15:26 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\E08NCWZI\downloaderror[1].js
[2012.06.09 11:29:22 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\E08NCWZI\downloaderror[2].js
[2012.06.09 10:35:04 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\I3BCH18A\downloaderror[1].js
[2012.06.09 11:30:17 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\I3BCH18A\downloaderror[2].js
[2012.06.09 11:32:54 | 000,007,934 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\SQ27VRRA\bundleloader[1].js
[2012.06.09 11:32:56 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\SQ27VRRA\downloaderror[1].js
[2012.06.09 11:15:25 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\SQ27VRRA\downloader[1].js
[2012.06.09 11:29:22 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\SQ27VRRA\downloader[2].js
[2012.06.06 16:23:46 | 000,001,950 | ---- | M] () -- \Documents and Settings\Admin\Nabídka Start\Programy\GotCLIP Downloader\GotCLIP Downloader.lnk
[2012.06.06 16:23:46 | 000,001,938 | ---- | M] () -- \Documents and Settings\Admin\Plocha\GotCLIP Downloader.lnk
[2012.03.26 10:12:00 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.03.26 10:12:00 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.05.09 02:10:15 | 000,047,568 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2012.05.09 02:10:15 | 000,232,912 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2012.05.09 02:10:15 | 001,715,152 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2012.04.09 10:20:34 | 002,533,160 | ---- | M] () -- \Program Files\CyberLink\Shared files\Plugin\8.0\CES_3DLoaderFBX.dll
[2011.04.29 21:12:24 | 000,239,440 | ---- | M] () -- \Program Files\GotCLIP Downloader\GotCLIP Downloader.exe
[2011.12.20 18:45:12 | 001,015,128 | ---- | M] () -- \Program Files\IObit\Game Booster 3\Freeware\GB_FreeSoftwareDownloader.exe
[2012.03.16 18:31:42 | 000,594,432 | ---- | M] () -- \Program Files\MTA San Andreas 1.3\MTA\loader.dll
[2011.07.19 02:03:32 | 000,008,787 | ---- | M] () -- \Program Files\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2008.10.05 14:17:34 | 000,006,308 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2008.10.04 23:00:58 | 000,015,872 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2008.10.05 15:02:04 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2008.10.04 16:50:10 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2008.10.04 22:22:34 | 000,003,871 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2012.05.08 08:39:14 | 000,064,280 | ---- | M] () -- \Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\PhysXLoader.dll
[2012.05.07 05:02:43 | 000,001,152 | ---- | M] () -- \Program Files\Steam\steamapps\common\world of battles\data\UI\datafiles\imagesets\preloaderGradient.dds
[2012.05.07 03:10:17 | 000,001,152 | ---- | M] () -- \Program Files\Steam\steamapps\common\world of battles\data\UI\Management\preloaderGradient.dds
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2008.04.14 11:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 11:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2012.06.08 23:06:28 | 000,000,024 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Solidshield\361F0237BE7E5793B9BDFEC1657C6962\serial.txt
[2007.10.11 09:55:12 | 000,929,792 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.05.06 22:38:05 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.05.06 22:37:31 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.05.06 22:58:29 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.05.09 03:22:47 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.05.06 22:58:36 | 000,086,016 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.05.06 22:57:35 | 000,929,792 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.09 04:49:17 | 000,339,968 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2b69a2af3d314b4a793d5a0fa65f5842\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.09 03:42:57 | 002,445,312 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a672f7430664de6e88063991b99a073e\System.Runtime.Serialization.ni.dll
[2012.05.24 23:11:15 | 000,310,272 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.24 23:11:45 | 002,625,024 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
[2012.05.24 23:08:12 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.05.24 23:04:10 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.05.24 23:08:11 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.05.24 23:04:07 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2004.07.15 18:01:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 22:54:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2007.10.24 01:47:40 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2007.10.26 03:16:32 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2007.10.11 09:55:14 | 000,929,792 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2001.10.25 17:30:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 17:30:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 17:30:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 17:30:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 10:21:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 141 bytes -> D:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
< End of report >
< MD5 for: LSASS.EXE >
[2008.04.14 11:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- D:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 11:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- D:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.12.14 19:14:25 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- D:\WINDOWS\system32\dllcache\ndis.sys
[2008.12.14 19:14:25 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- D:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.12.14 19:13:33 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- D:\WINDOWS\system32\dllcache\netlogon.dll
[2008.12.14 19:13:33 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- D:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 11:21:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- D:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 11:21:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- D:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 11:22:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- D:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 11:22:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- D:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 11:22:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- D:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 11:22:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- D:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.12.14 19:14:16 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- D:\WINDOWS\system32\dllcache\tcpip.sys
[2008.12.14 19:14:16 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- D:\WINDOWS\system32\drivers\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 11:22:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- D:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 11:22:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- D:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.12.19 16:59:10 | 000,557,056 | ---- | M] (Microsoft Corporation) MD5=12A799AD9415AE9C8ABCC5F75E9CF034 -- D:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 11:22:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- D:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 11:22:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- D:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[2 D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
[5 D:\WINDOWS\Temp\*.tmp files -> D:\WINDOWS\Temp\*.tmp -> ]
[2 D:\WINDOWS\Temp\Google Toolbar\*.tmp files -> D:\WINDOWS\Temp\Google Toolbar\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2012.06.03 18:51:22 | 592,056,056 | ---- | M] () -- D:\CyberLink.1703_GM5_Trial_VDE120314-02.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.05.07 12:30:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\.minecraft
[2012.06.05 14:53:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\.techniclauncher
[2012.06.09 11:56:08 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Adobe
[2012.05.26 11:25:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Alternative Software Ltd
[2012.06.02 15:03:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Audacity
[2012.05.06 22:11:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Avira
[2012.06.08 22:33:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\BitTorrent
[2012.06.03 19:02:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\CyberLink
[2012.06.08 22:33:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2012.06.08 22:33:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\FileZilla
[2012.05.25 14:53:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\GameRanger
[2012.06.08 21:19:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Google
[2012.05.06 23:01:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Identities
[2012.05.29 07:14:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Leadertech
[2012.05.06 23:20:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Macromedia
[2012.06.09 11:56:08 | 000,000,000 | --SD | M] -- D:\Documents and Settings\Admin\Data aplikací\Microsoft
[2012.05.06 23:09:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Mozilla
[2012.05.13 00:54:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Notepad++
[2012.06.09 11:55:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Oracle
[2012.06.01 18:13:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Origin
[2012.06.08 21:26:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Skype
[2012.05.06 21:03:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\skypePM
[2012.06.03 16:46:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Sony
[2012.05.09 03:49:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.05.06 22:59:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Sun
[2012.05.31 17:34:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Toribash
[2012.05.25 20:25:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\TS3Client
[2012.06.08 22:33:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\Winamp
[2012.05.07 14:38:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2012.05.06 21:48:19 | 000,278,561 | ---- | M] () -- D:\Documents and Settings\Admin\Data aplikací\.minecraft\Minecraft.exe
[2012.03.25 15:38:13 | 001,273,568 | ---- | M] (GameRanger Technologies) -- D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe
[2012.05.27 20:27:44 | 000,040,960 | R--- | M] (Macrovision Corporation) -- D:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\ARPPRODUCTICON.exe
[2012.05.27 20:27:44 | 000,040,960 | R--- | M] (Macrovision Corporation) -- D:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\HUD.exe_8FE4D08663BD44EB882CC7EA5A1EF016.exe
[2012.05.27 20:27:44 | 000,040,960 | R--- | M] (Macrovision Corporation) -- D:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\NewShortcut1_8FE4D08663BD44EB882CC7EA5A1EF016.exe
[2012.05.27 20:27:44 | 000,008,854 | R--- | M] () -- D:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\UNINST_Uninstall_Gam_8FE4D08663BD44EB882CC7EA5A1EF016.exe
[2012.05.06 21:48:19 | 000,278,561 | ---- | M] () -- D:\Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Minecraft.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2012.05.07 00:02:21 | 000,094,208 | ---- | M] () -- D:\WINDOWS\System32\config\default.sav
[2012.05.07 00:02:20 | 001,093,632 | ---- | M] () -- D:\WINDOWS\System32\config\software.sav
[2012.05.07 00:02:20 | 000,516,096 | ---- | M] () -- D:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.06.10 19:32:33 | 000,001,324 | ---- | M] () -- D:\WINDOWS\system32\d3d9caps.dat
[2012.06.09 11:37:19 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\system32\FlashPlayerCPLApp.cpl
[2012.06.09 11:55:03 | 000,174,024 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\system32\java.exe
[2012.06.09 11:55:03 | 000,174,024 | ---- | M] (Oracle Corporation) -- D:\WINDOWS\system32\javaw.exe
[2012.06.10 19:46:21 | 000,271,641 | ---- | M] () -- D:\WINDOWS\system32\NvApps.xml
[2012.06.10 19:38:22 | 000,102,102 | ---- | M] () -- D:\WINDOWS\system32\perfc005.dat
[2012.06.10 19:38:22 | 000,087,482 | ---- | M] () -- D:\WINDOWS\system32\perfc009.dat
[2012.06.10 19:38:22 | 000,496,948 | ---- | M] () -- D:\WINDOWS\system32\perfh005.dat
[2012.06.10 19:38:22 | 000,501,958 | ---- | M] () -- D:\WINDOWS\system32\perfh009.dat
[2012.06.10 19:38:22 | 001,206,484 | ---- | M] () -- D:\WINDOWS\system32\PerfStringBackup.INI
[2012.06.10 12:16:41 | 000,002,206 | ---- | M] () -- D:\WINDOWS\system32\wpa.dbl
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2012.06.03 18:51:22 | 592,056,056 | ---- | M] () -- D:\CyberLink.1703_GM5_Trial_VDE120314-02.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = D:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2008.04.11 10:46:12 | 001,276,416 | ---- | M] (Microsoft Corporation)
"Steam" = "D:\Program Files\Steam\steam.exe" -silent -- [2012.05.06 22:39:36 | 001,242,448 | ---- | M] (Valve Corporation)
"DAEMON Tools Lite" = "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.04.11 14:24:22 | 003,672,384 | ---- | M] (DT Soft Ltd)
"ctfmon.exe" = D:\WINDOWS\system32\ctfmon.exe -- [2008.12.19 16:53:26 | 000,040,960 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.06.10 20:06:25 | 000,000,512 | ---- | M] () MD5=D5A9AC01517ADBB17B103017D599BC46 -- D:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.05.30 22:19:37 | 000,003,145 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\BitTorrent\Call.of.Duty.Modern.Warfare.3.Crackfix-RELOADED.torrent
[2012.05.07 12:39:30 | 000,020,480 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\BitTorrent\[PC GAME MULTI] - Gran Theft Auto San Andreas + Crack NoCD - (Perfect DVD Version) - (Eng-Ita-Deu-Fra-Esp) - (By G-ADLVR_R7.rar.torrent
[2012.06.03 10:00:16 | 002,295,515 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\Stažené soubory\Fraps-2.2.9---Plná-verze-+-Crack.exe
[2012.05.08 00:03:05 | 4205,696,685 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\Torrent Downloads\[PC GAME MULTI] - Gran Theft Auto San Andreas + Crack NoCD - (Perfect DVD Version) - (Eng-Ita-Deu-Fra-Esp) - (By G-ADLVR_R7.rar
[2012.05.23 06:25:39 | 003,963,090 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\Torrent Downloads\chronicles of riddick\vitality_crack.rar
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
[2002.05.30 18:16:22 | 000,013,160 | ---- | M] () -- \Program Files\Stronghold Crusader\gm\cracks.gm1
< *keygen* /s >
< *loader* /s >
[2012.06.05 15:00:32 | 000,038,682 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\.techniclauncher\technicssp\ModLoader.txt
[2012.06.05 14:55:48 | 000,001,331 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\.techniclauncher\technicssp\config\ModLoader.cfg
[2012.06.05 14:55:37 | 000,000,046 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\.techniclauncher\technicssp\config\mod_MAtmos_forModLoader.cfg
[2012.06.05 14:55:28 | 000,000,046 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\.techniclauncher\technicssp\config\mod_ModLoaderMp.cfg
[2012.06.02 14:57:55 | 000,001,980 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\.techniclauncher\technicssp\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2012.04.26 18:30:02 | 000,009,051 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.04.26 18:30:02 | 000,016,119 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.04.26 18:30:02 | 000,018,434 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.04.26 18:30:02 | 000,009,283 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.04.26 18:30:02 | 000,001,699 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2012.06.03 18:22:37 | 000,583,544 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\Stažené soubory\CyberLink_PowerDirector_Downloader.exe
[2012.04.06 13:24:50 | 000,057,728 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2012.04.06 13:24:42 | 000,057,728 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2012.04.06 13:24:44 | 000,057,728 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012.04.06 13:24:46 | 000,057,728 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2012.04.06 13:24:46 | 000,057,728 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2012.04.06 13:24:48 | 000,061,770 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2012.04.06 13:24:48 | 000,061,770 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.06.09 11:15:23 | 000,004,760 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\2NX2HHF2\bundleloader[1].js
[2012.06.09 11:29:19 | 000,004,760 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\2NX2HHF2\bundleloader[2].js
[2012.06.09 10:35:04 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\2NX2HHF2\downloader[1].js
[2012.06.09 11:30:17 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\2NX2HHF2\downloader[2].js
[2012.06.09 11:32:56 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\2NX2HHF2\downloader[3].js
[2012.06.09 10:35:02 | 000,004,760 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\E08NCWZI\bundleloader[1].js
[2012.06.09 11:30:15 | 000,004,760 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\E08NCWZI\bundleloader[2].js
[2012.06.09 11:15:26 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\E08NCWZI\downloaderror[1].js
[2012.06.09 11:29:22 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\E08NCWZI\downloaderror[2].js
[2012.06.09 10:35:04 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\I3BCH18A\downloaderror[1].js
[2012.06.09 11:30:17 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\I3BCH18A\downloaderror[2].js
[2012.06.09 11:32:54 | 000,007,934 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\SQ27VRRA\bundleloader[1].js
[2012.06.09 11:32:56 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\SQ27VRRA\downloaderror[1].js
[2012.06.09 11:15:25 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\SQ27VRRA\downloader[1].js
[2012.06.09 11:29:22 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\SQ27VRRA\downloader[2].js
[2012.06.06 16:23:46 | 000,001,950 | ---- | M] () -- \Documents and Settings\Admin\Nabídka Start\Programy\GotCLIP Downloader\GotCLIP Downloader.lnk
[2012.06.06 16:23:46 | 000,001,938 | ---- | M] () -- \Documents and Settings\Admin\Plocha\GotCLIP Downloader.lnk
[2012.03.26 10:12:00 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.03.26 10:12:00 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.05.09 02:10:15 | 000,047,568 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2012.05.09 02:10:15 | 000,232,912 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2012.05.09 02:10:15 | 001,715,152 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2012.04.09 10:20:34 | 002,533,160 | ---- | M] () -- \Program Files\CyberLink\Shared files\Plugin\8.0\CES_3DLoaderFBX.dll
[2011.04.29 21:12:24 | 000,239,440 | ---- | M] () -- \Program Files\GotCLIP Downloader\GotCLIP Downloader.exe
[2011.12.20 18:45:12 | 001,015,128 | ---- | M] () -- \Program Files\IObit\Game Booster 3\Freeware\GB_FreeSoftwareDownloader.exe
[2012.03.16 18:31:42 | 000,594,432 | ---- | M] () -- \Program Files\MTA San Andreas 1.3\MTA\loader.dll
[2011.07.19 02:03:32 | 000,008,787 | ---- | M] () -- \Program Files\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2008.10.05 14:17:34 | 000,006,308 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2008.10.04 23:00:58 | 000,015,872 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2008.10.05 15:02:04 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2008.10.04 16:50:10 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2008.10.04 22:22:34 | 000,003,871 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2012.05.08 08:39:14 | 000,064,280 | ---- | M] () -- \Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\PhysXLoader.dll
[2012.05.07 05:02:43 | 000,001,152 | ---- | M] () -- \Program Files\Steam\steamapps\common\world of battles\data\UI\datafiles\imagesets\preloaderGradient.dds
[2012.05.07 03:10:17 | 000,001,152 | ---- | M] () -- \Program Files\Steam\steamapps\common\world of battles\data\UI\Management\preloaderGradient.dds
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2008.04.14 11:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 11:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2012.06.08 23:06:28 | 000,000,024 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Solidshield\361F0237BE7E5793B9BDFEC1657C6962\serial.txt
[2007.10.11 09:55:12 | 000,929,792 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.05.06 22:38:05 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.05.06 22:37:31 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.05.06 22:58:29 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.05.09 03:22:47 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.05.06 22:58:36 | 000,086,016 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.05.06 22:57:35 | 000,929,792 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.09 04:49:17 | 000,339,968 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2b69a2af3d314b4a793d5a0fa65f5842\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.09 03:42:57 | 002,445,312 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a672f7430664de6e88063991b99a073e\System.Runtime.Serialization.ni.dll
[2012.05.24 23:11:15 | 000,310,272 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.24 23:11:45 | 002,625,024 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
[2012.05.24 23:08:12 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.05.24 23:04:10 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.05.24 23:08:11 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.05.24 23:04:07 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2004.07.15 18:01:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 22:54:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2007.10.24 01:47:40 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2007.10.26 03:16:32 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2007.10.11 09:55:14 | 000,929,792 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2001.10.25 17:30:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 17:30:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 17:30:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 17:30:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 10:21:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 141 bytes -> D:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
< End of report >
Re: Nelze načíst Youtube a Facebook
Extras.Txt
OTL Extras logfile created on: 10.6.2012 20:04:46 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = D:\Documents and Settings\Admin\Dokumenty\Stažené soubory
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,75 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 78,79% Memory free
4,59 Gb Paging File | 3,90 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 97,65 Gb Total Space | 86,09 Gb Free Space | 88,16% Space Free | Partition Type: NTFS
Drive D: | 237,69 Gb Total Space | 94,84 Gb Free Space | 39,90% Space Free | Partition Type: NTFS
Drive E: | 7,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 3,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PC-LUK | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- D:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\Program Files\Steam\steamapps\common\world of battles\release\launcher.exe" = D:\Program Files\Steam\steamapps\common\world of battles\release\launcher.exe:*:Enabled:World of Battles
"D:\Program Files\BitTorrent\BitTorrent.exe" = D:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe" = D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"D:\Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe" = D:\Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe:*:Enabled:Super Monday Night Combat -- (Epic Games, Inc.)
"D:\Program Files\Steam\steamapps\common\arma 2 free\ArmA2Free.exe" = D:\Program Files\Steam\steamapps\common\arma 2 free\ArmA2Free.exe:*:Enabled:ARMA 2: Free -- (Bohemia Interactive)
"D:\Program Files\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe" = D:\Program Files\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe:*:Enabled:EE-AOC -- ()
"D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe" = D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger -- (GameRanger Technologies)
"D:\WINDOWS\system32\dplaysvr.exe" = D:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\Program Files\Stronghold Crusader\Stronghold Crusader.exe" = D:\Program Files\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader -- ( )
"D:\Program Files\Sierra\Empire Earth\Empire Earth.exe" = D:\Program Files\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth -- ()
"D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe" = D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Enabled:Crysis2 -- (Crytek GmbH)
"D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe" = D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- ()
"D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe" = D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- ()
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe" = D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe:*:Enabled:Aliens vs. Predator -- (Sega Europe Limited)
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe" = D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe:*:Enabled:Aliens vs. Predator -- (Sega Europe Limited)
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP.exe" = D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP.exe:*:Enabled:Aliens vs. Predator -- (Sega Europe Limited)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}" = NVIDIA PureVideo Decoder
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2DF8D09C-7D3C-4164-96DF-08EBF6E881C2}" = Matik 6-9 DEMO
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F3733A5-8322-454D-A638-3B74E1C83752}" = Gadget Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{519ACA84-2F7E-4482-8201-B0DCB6C8B3A5}" = Taksi Desktop Video Recorder v0.779
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{57030680-6253-4281-A3F3-83B090BD932B}_is1" = Crashday
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65B09E79-0187-4813-8258-03991132E5A5}" = Empire Earth
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{827B97A9-B347-4110-9F89-37AF2B758F94}" = NHL™ 09
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}" = Gamer HUD Lite
"{90120000-008A-0409-0000-0000000FF1CE}" = Microsoft Office 2007 Recent Documents Gadget
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A10D72B9-9B20-47F8-AE4D-365BCC89F324}" = Empire Earth - The Art of Conquest
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A8DE8C34-7F51-4cc8-B326-C425793EE741}" = The Chronicles of Riddick: Escape From Butcher Bay
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}" = OpenOffice.org 3.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E3CE03F6-F1D6-48B5-B7AC-FD8E67C535B0}" = Návrat krále
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F86B4C7B-B846-4039-878D-6CC8F8D3370E}_is1" = SRS - Street Racing Syndicate
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 2.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"Clownfish" = Clownfish for Skype
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"FileZilla Client" = FileZilla Client 3.5.3
"FileZilla Server" = FileZilla Server
"Fraps" = Fraps (remove only)
"Game Booster_is1" = Game Booster 3
"GotCLIP Downloader" = GotCLIP Downloader
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ie8" = Windows Internet Explorer 8
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{65B09E79-0187-4813-8258-03991132E5A5}" = Empire Earth
"InstallShield_{A10D72B9-9B20-47F8-AE4D-365BCC89F324}" = Empire Earth - The Art of Conquest
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{E3CE03F6-F1D6-48B5-B7AC-FD8E67C535B0}" = Návrat krále
"Mercedes-Benz Truck Racing" = Mercedes-Benz Truck Racing
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Mozilla Firefox 13.0 (x86 cs)" = Mozilla Firefox 13.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTA:SA 1.3" = MTA:SA v1.3
"Nero8Lite_is1" = Nero 8 Lite 8.3.6.0
"NewBlue Art Effects for PDR10" = Art Effects for PDR10
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Origin" = Origin
"Quobi" = Quobi
"RS1" = RS1
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 104700" = Super Monday Night Combat
"Steam App 10680" = Aliens vs. Predator
"Steam App 107400" = ARMA 2: Free
"Steam App 113900" = World of Battles
"Steam App 205370" = Airline Tycoon 2 Demo
"Steam App 57690" = Tropico 4
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Sidebar" = Postranní panel systému Windows
"WinRAR archiver" = WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"GameRanger" = GameRanger
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Winamp Toolbar" = Winamp Toolbar
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10.6.2012 3:55:24 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 4:03:05 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 4:06:19 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 4:06:23 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 4:06:26 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 4:06:54 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 4:06:59 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 10:42:28 | Computer Name = PC-LUK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTM.exe, verze 3.1.19.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.6.2012 10:42:34 | Computer Name = PC-LUK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTM.exe, verze 3.1.19.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.6.2012 11:05:00 | Computer Name = PC-LUK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
[ System Events ]
Error - 27.5.2012 9:47:59 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:06 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:12 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:19 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:25 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:28 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:31 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:34 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:37 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:41 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
< End of report >
OTL Extras logfile created on: 10.6.2012 20:04:46 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = D:\Documents and Settings\Admin\Dokumenty\Stažené soubory
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,75 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 78,79% Memory free
4,59 Gb Paging File | 3,90 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 97,65 Gb Total Space | 86,09 Gb Free Space | 88,16% Space Free | Partition Type: NTFS
Drive D: | 237,69 Gb Total Space | 94,84 Gb Free Space | 39,90% Space Free | Partition Type: NTFS
Drive E: | 7,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 3,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PC-LUK | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- D:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\Program Files\Steam\steamapps\common\world of battles\release\launcher.exe" = D:\Program Files\Steam\steamapps\common\world of battles\release\launcher.exe:*:Enabled:World of Battles
"D:\Program Files\BitTorrent\BitTorrent.exe" = D:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe" = D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"D:\Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe" = D:\Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe:*:Enabled:Super Monday Night Combat -- (Epic Games, Inc.)
"D:\Program Files\Steam\steamapps\common\arma 2 free\ArmA2Free.exe" = D:\Program Files\Steam\steamapps\common\arma 2 free\ArmA2Free.exe:*:Enabled:ARMA 2: Free -- (Bohemia Interactive)
"D:\Program Files\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe" = D:\Program Files\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe:*:Enabled:EE-AOC -- ()
"D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe" = D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger -- (GameRanger Technologies)
"D:\WINDOWS\system32\dplaysvr.exe" = D:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\Program Files\Stronghold Crusader\Stronghold Crusader.exe" = D:\Program Files\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader -- ( )
"D:\Program Files\Sierra\Empire Earth\Empire Earth.exe" = D:\Program Files\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth -- ()
"D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe" = D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Enabled:Crysis2 -- (Crytek GmbH)
"D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe" = D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- ()
"D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe" = D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- ()
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe" = D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe:*:Enabled:Aliens vs. Predator -- (Sega Europe Limited)
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe" = D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe:*:Enabled:Aliens vs. Predator -- (Sega Europe Limited)
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP.exe" = D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP.exe:*:Enabled:Aliens vs. Predator -- (Sega Europe Limited)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}" = NVIDIA PureVideo Decoder
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2DF8D09C-7D3C-4164-96DF-08EBF6E881C2}" = Matik 6-9 DEMO
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F3733A5-8322-454D-A638-3B74E1C83752}" = Gadget Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{519ACA84-2F7E-4482-8201-B0DCB6C8B3A5}" = Taksi Desktop Video Recorder v0.779
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{57030680-6253-4281-A3F3-83B090BD932B}_is1" = Crashday
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65B09E79-0187-4813-8258-03991132E5A5}" = Empire Earth
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{827B97A9-B347-4110-9F89-37AF2B758F94}" = NHL™ 09
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}" = Gamer HUD Lite
"{90120000-008A-0409-0000-0000000FF1CE}" = Microsoft Office 2007 Recent Documents Gadget
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A10D72B9-9B20-47F8-AE4D-365BCC89F324}" = Empire Earth - The Art of Conquest
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A8DE8C34-7F51-4cc8-B326-C425793EE741}" = The Chronicles of Riddick: Escape From Butcher Bay
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}" = OpenOffice.org 3.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E3CE03F6-F1D6-48B5-B7AC-FD8E67C535B0}" = Návrat krále
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F86B4C7B-B846-4039-878D-6CC8F8D3370E}_is1" = SRS - Street Racing Syndicate
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 2.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"Clownfish" = Clownfish for Skype
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"FileZilla Client" = FileZilla Client 3.5.3
"FileZilla Server" = FileZilla Server
"Fraps" = Fraps (remove only)
"Game Booster_is1" = Game Booster 3
"GotCLIP Downloader" = GotCLIP Downloader
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ie8" = Windows Internet Explorer 8
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{65B09E79-0187-4813-8258-03991132E5A5}" = Empire Earth
"InstallShield_{A10D72B9-9B20-47F8-AE4D-365BCC89F324}" = Empire Earth - The Art of Conquest
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{E3CE03F6-F1D6-48B5-B7AC-FD8E67C535B0}" = Návrat krále
"Mercedes-Benz Truck Racing" = Mercedes-Benz Truck Racing
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Mozilla Firefox 13.0 (x86 cs)" = Mozilla Firefox 13.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTA:SA 1.3" = MTA:SA v1.3
"Nero8Lite_is1" = Nero 8 Lite 8.3.6.0
"NewBlue Art Effects for PDR10" = Art Effects for PDR10
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Origin" = Origin
"Quobi" = Quobi
"RS1" = RS1
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 104700" = Super Monday Night Combat
"Steam App 10680" = Aliens vs. Predator
"Steam App 107400" = ARMA 2: Free
"Steam App 113900" = World of Battles
"Steam App 205370" = Airline Tycoon 2 Demo
"Steam App 57690" = Tropico 4
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Sidebar" = Postranní panel systému Windows
"WinRAR archiver" = WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"GameRanger" = GameRanger
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Winamp Toolbar" = Winamp Toolbar
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10.6.2012 3:55:24 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 4:03:05 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 4:06:19 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 4:06:23 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 4:06:26 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 4:06:54 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 4:06:59 | Computer Name = PC-LUK | Source = VSS | ID = 5013
Description = Chyba služby Stínová kopie svazků: Autor stínové kopie RemovableStorageManager
vyvolal rutinu OpenNtmsSessionW, která se nezdařila se stavem 0x80070422 (převeden
na 0x800423f4).
Error - 10.6.2012 10:42:28 | Computer Name = PC-LUK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTM.exe, verze 3.1.19.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.6.2012 10:42:34 | Computer Name = PC-LUK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTM.exe, verze 3.1.19.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.6.2012 11:05:00 | Computer Name = PC-LUK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
[ System Events ]
Error - 27.5.2012 9:47:59 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:06 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:12 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:19 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:25 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:28 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:31 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:34 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:37 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 27.5.2012 9:48:41 | Computer Name = PC-LUK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
< End of report >
Re: Nelze načíst Youtube a Facebook
Co ty cracky? 
Znovu spustte OTL, ale v nouzovem rezimu!!!
Do spodniho okna vlozte nasledujici zeleny text (vcetne te dvojtecky pred slovem otl)
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
V normalnim rezimu udelejte uplnou kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Znovu spustte OTL, ale v nouzovem rezimu!!!Do spodniho okna vlozte nasledujici zeleny text (vcetne te dvojtecky pred slovem otl)
Kód: Vybrat vše
:otl
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - D:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/red ... 685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120506182211734&tb_oid=06-05-2012&tb_mrud=06-05-2012
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - D:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\SearchScopes\{218C57F2-2215-4D58-ADFC-24FB37D368BA}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=YYYYYYYYCZ&apn_uid=C1CF0D35-1CEE-4CF0-B444-2283DB0E6FFE&apn_sauid=3E71546C-E303-4305-83A5-A8FCFF49E7E2
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.14.1.100012
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000027&locale=en_EU&apn_uid=C1CF0D35-1CEE-4CF0-B444-2283DB0E6FFE&apn_ptnrs=U3&apn_sauid=3E71546C-E303-4305-83A5-A8FCFF49E7E2&apn_dtid=YYYYYYYYCZ&&q="
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
O3 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-854245398-1788223648-682003330-1004\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
[2012.06.09 12:06:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Local Settings\Data aplikací\AskToolbar
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[2012.06.10 19:38:22 | 000,501,958 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2012.06.10 19:38:22 | 000,496,948 | ---- | M] () -- D:\WINDOWS\System32\perfh005.dat
[2012.06.10 19:38:22 | 000,102,102 | ---- | M] () -- D:\WINDOWS\System32\perfc005.dat
[2012.06.10 19:38:22 | 000,087,482 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2012.05.28 15:00:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Ostatni\Data aplikací\AskToolbar
[2 D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
[5 D:\WINDOWS\Temp\*.tmp files -> D:\WINDOWS\Temp\*.tmp -> ]
[2 D:\WINDOWS\Temp\Google Toolbar\*.tmp files -> D:\WINDOWS\Temp\Google Toolbar\*.tmp -> ]
@Alternate Data Stream - 141 bytes -> D:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
D:\Program Files\Ask.com
D:\WINDOWS\tasks\Adobe Flash Player Updater.job
D:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PC-LUK-Admin.job
D:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004Core.job
D:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004UA.job
D:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004UA.job
D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\searchplugins\askcom.xml
:services
WinRing0_1_2_0
JavaQuickStarterService
Skype C2C Service
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gusvc
SwitchBoard
:commands
[RESETHOSTS]
[EMPTYTEMP]
[Purity]
[EMPTYFLASH]Po restartu se objevi novy log, ten sem dejte.
V normalnim rezimu udelejte uplnou kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Nelze načíst Youtube a Facebook
OTL.Txt
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ deleted successfully.
D:\Program Files\Winamp Toolbar\winamptb.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
Registry value HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
File D:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{218C57F2-2215-4D58-ADFC-24FB37D368BA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{218C57F2-2215-4D58-ADFC-24FB37D368BA}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Prefs.js: toolbar@ask.com:3.14.1.100012 removed from extensions.enabledItems
Prefs.js: "http://websearch.ask.com/redirect?clien ... YYYYCZ&&q=" removed from keyword.URL
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
Registry value HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully.
Invalid CLSID key: _nltide_2
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 not found.
Invalid CLSID key: _nltide_2
D:\Documents and Settings\Admin\Local Settings\Data aplikací\AskToolbar\APNU folder moved successfully.
D:\Documents and Settings\Admin\Local Settings\Data aplikací\AskToolbar folder moved successfully.
D:\WINDOWS\System32\CONFIG.TMP deleted successfully.
D:\WINDOWS\system32\perfh009.dat moved successfully.
D:\WINDOWS\system32\perfh005.dat moved successfully.
D:\WINDOWS\system32\perfc005.dat moved successfully.
D:\WINDOWS\system32\perfc009.dat moved successfully.
D:\Documents and Settings\Ostatni\Data aplikací\AskToolbar folder moved successfully.
D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP150.tmp folder deleted successfully.
D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81.tmp folder deleted successfully.
D:\WINDOWS\Temp\5nsv5zp4.TMP deleted successfully.
D:\WINDOWS\Temp\TagB29.tmp deleted successfully.
D:\WINDOWS\Temp\TagB2A.tmp deleted successfully.
D:\WINDOWS\Temp\WSF8FC.tmp deleted successfully.
D:\WINDOWS\Temp\WSF8FD.tmp deleted successfully.
D:\WINDOWS\Temp\Google Toolbar\BITCA.tmp deleted successfully.
D:\WINDOWS\Temp\Google Toolbar\gtD2.tmp deleted successfully.
ADS D:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF deleted successfully.
========== FILES ==========
File/Folder D:\WINDOWS\system32\*.tmp.dll not found.
File/Folder D:\WINDOWS\system32\SET*.tmp not found.
File/Folder D:\WINDOWS\*.tmp not found.
File\Folder D:\Program Files\Ask.com not found.
File\Folder D:\WINDOWS\tasks\Adobe Flash Player Updater.job not found.
File\Folder D:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PC-LUK-Admin.job not found.
File\Folder D:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004Core.job not found.
File\Folder D:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004UA.job not found.
File\Folder D:\WINDOWS\tasks\Game_Booster_AutoUpdate.job not found.
File\Folder D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004Core.job not found.
File\Folder D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004UA.job not found.
File\Folder D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job not found.
File\Folder D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\searchplugins\askcom.xml not found.
========== SERVICES/DRIVERS ==========
Service WinRing0_1_2_0 stopped successfully!
Service WinRing0_1_2_0 deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
Service SwitchBoard stopped successfully!
Service SwitchBoard deleted successfully!
========== COMMANDS ==========
D:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: Admin
->Temp folder emptied: 227865984 bytes
->Temporary Internet Files folder emptied: 4475871 bytes
->Java cache emptied: 4049 bytes
->FireFox cache emptied: 80005556 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1246 bytes
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 4777303 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Ostatni
->Temp folder emptied: 1062032 bytes
->Temporary Internet Files folder emptied: 690234 bytes
->FireFox cache emptied: 22823032 bytes
->Flash cache emptied: 41620 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 722231 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 36975270 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 33005 bytes
Total Files Cleaned = 362,00 mb
[EMPTYFLASH]
User: Admin
->Flash cache emptied: 0 bytes
User: Administrator
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: Ostatni
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.48.0 log created on 06112012_142047
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
***Snad to je ten správný log. Po restartu se neukázal. Teď se jdu vrhnout na ten MBAM.
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ deleted successfully.
D:\Program Files\Winamp Toolbar\winamptb.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
Registry value HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
File D:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{218C57F2-2215-4D58-ADFC-24FB37D368BA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{218C57F2-2215-4D58-ADFC-24FB37D368BA}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Prefs.js: toolbar@ask.com:3.14.1.100012 removed from extensions.enabledItems
Prefs.js: "http://websearch.ask.com/redirect?clien ... YYYYCZ&&q=" removed from keyword.URL
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File D:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
Registry value HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-854245398-1788223648-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully.
Invalid CLSID key: _nltide_2
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 not found.
Invalid CLSID key: _nltide_2
D:\Documents and Settings\Admin\Local Settings\Data aplikací\AskToolbar\APNU folder moved successfully.
D:\Documents and Settings\Admin\Local Settings\Data aplikací\AskToolbar folder moved successfully.
D:\WINDOWS\System32\CONFIG.TMP deleted successfully.
D:\WINDOWS\system32\perfh009.dat moved successfully.
D:\WINDOWS\system32\perfh005.dat moved successfully.
D:\WINDOWS\system32\perfc005.dat moved successfully.
D:\WINDOWS\system32\perfc009.dat moved successfully.
D:\Documents and Settings\Ostatni\Data aplikací\AskToolbar folder moved successfully.
D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP150.tmp folder deleted successfully.
D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81.tmp folder deleted successfully.
D:\WINDOWS\Temp\5nsv5zp4.TMP deleted successfully.
D:\WINDOWS\Temp\TagB29.tmp deleted successfully.
D:\WINDOWS\Temp\TagB2A.tmp deleted successfully.
D:\WINDOWS\Temp\WSF8FC.tmp deleted successfully.
D:\WINDOWS\Temp\WSF8FD.tmp deleted successfully.
D:\WINDOWS\Temp\Google Toolbar\BITCA.tmp deleted successfully.
D:\WINDOWS\Temp\Google Toolbar\gtD2.tmp deleted successfully.
ADS D:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF deleted successfully.
========== FILES ==========
File/Folder D:\WINDOWS\system32\*.tmp.dll not found.
File/Folder D:\WINDOWS\system32\SET*.tmp not found.
File/Folder D:\WINDOWS\*.tmp not found.
File\Folder D:\Program Files\Ask.com not found.
File\Folder D:\WINDOWS\tasks\Adobe Flash Player Updater.job not found.
File\Folder D:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PC-LUK-Admin.job not found.
File\Folder D:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004Core.job not found.
File\Folder D:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004UA.job not found.
File\Folder D:\WINDOWS\tasks\Game_Booster_AutoUpdate.job not found.
File\Folder D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004Core.job not found.
File\Folder D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1788223648-682003330-1004UA.job not found.
File\Folder D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job not found.
File\Folder D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\searchplugins\askcom.xml not found.
========== SERVICES/DRIVERS ==========
Service WinRing0_1_2_0 stopped successfully!
Service WinRing0_1_2_0 deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
Service SwitchBoard stopped successfully!
Service SwitchBoard deleted successfully!
========== COMMANDS ==========
D:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: Admin
->Temp folder emptied: 227865984 bytes
->Temporary Internet Files folder emptied: 4475871 bytes
->Java cache emptied: 4049 bytes
->FireFox cache emptied: 80005556 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1246 bytes
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 4777303 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Ostatni
->Temp folder emptied: 1062032 bytes
->Temporary Internet Files folder emptied: 690234 bytes
->FireFox cache emptied: 22823032 bytes
->Flash cache emptied: 41620 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 722231 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 36975270 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 33005 bytes
Total Files Cleaned = 362,00 mb
[EMPTYFLASH]
User: Admin
->Flash cache emptied: 0 bytes
User: Administrator
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: Ostatni
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.48.0 log created on 06112012_142047
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
***Snad to je ten správný log. Po restartu se neukázal. Teď se jdu vrhnout na ten MBAM.
Re: Nelze načíst Youtube a Facebook
Je to ten spravny log OTL provedlo co melo. Uvidime, co najde MBAM.
OTL provedlo co melo. Uvidime, co najde MBAM.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Nelze načíst Youtube a Facebook
MBAM Log
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
http://www.malwarebytes.org
Verze databáze: v2012.04.04.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Admin :: PC-LUK [administrátor]
Ochrana: Povolena
11.6.2012 14:32:43
mbam-log-2012-06-11 (16-18-40).txt
Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 376415
Uplynulý čas: 1 hodin, 45 minut, 40 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
D:\System Volume Information\_restore{8D8B36CF-3DD4-4385-8FFB-2B25AB4C4F8B}\RP15\A0011105.exe (Malware.Packer.Gen) -> Žádná instrukce nebyla provedena.
D:\System Volume Information\_restore{8D8B36CF-3DD4-4385-8FFB-2B25AB4C4F8B}\RP19\A0013930.exe (Malware.Packer.Gen) -> Žádná instrukce nebyla provedena.
(konec)
U toho posledního, jak je tam "Nalezené soubory: 2" Tak mi to zjistilo, že to je malware. Zatím jsem to nesmazal a čekám na odpoveď. Vzhledem k tomu, že to je ze System Volume Information, tak se mi do toho nechce moc lézt bez souhlasu odborníka.
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
http://www.malwarebytes.org
Verze databáze: v2012.04.04.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Admin :: PC-LUK [administrátor]
Ochrana: Povolena
11.6.2012 14:32:43
mbam-log-2012-06-11 (16-18-40).txt
Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 376415
Uplynulý čas: 1 hodin, 45 minut, 40 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
D:\System Volume Information\_restore{8D8B36CF-3DD4-4385-8FFB-2B25AB4C4F8B}\RP15\A0011105.exe (Malware.Packer.Gen) -> Žádná instrukce nebyla provedena.
D:\System Volume Information\_restore{8D8B36CF-3DD4-4385-8FFB-2B25AB4C4F8B}\RP19\A0013930.exe (Malware.Packer.Gen) -> Žádná instrukce nebyla provedena.
(konec)
U toho posledního, jak je tam "Nalezené soubory: 2" Tak mi to zjistilo, že to je malware. Zatím jsem to nesmazal a čekám na odpoveď. Vzhledem k tomu, že to je ze System Volume Information, tak se mi do toho nechce moc lézt bez souhlasu odborníka.
Přispějete na provoz fóra?
